Bug#685299: lintian: False positive from hardening-no-fortify-functions
On 2013-01-18 14:08, Roland Stigge wrote:
> All reported files basically do like this:
>
> $ hardening-check --verbose ./debian/guitarix/usr/lib/ladspa/guitarix.so
> ./debian/guitarix/usr/lib/ladspa/guitarix.so:
> Position Independent Executable: no, regular shared library (ignored)
> Stack protected: no, not found!
> Fortify Source functions: no, only unprotected functions found!
> unprotected: memset
> unprotected: memmove
> Read-only relocations: yes
> Immediate binding: no, not found!
> $
>
> What would you suggest here?
>
> Thanks in advance,
>
> Roland
Since I have an outstanding suggestion to whitelist exactly those two
functions (see #673112#62), I decided to do so. In Lintian 2.5.12,
those warnings should now disappear.
However, should you meet this warning again, there is a good chance I
will recomemnd you to simply override it once you have asserted that the
proper build flags are passed to the compiler (blhc can help you with this).
~Niels
Reply to: