cmake: add more hardening compiler flags
authorPetr Štetiar <ynezz@true.cz>
Sat, 7 Dec 2019 12:29:05 +0000 (13:29 +0100)
committerPetr Štetiar <ynezz@true.cz>
Wed, 25 Dec 2019 09:31:58 +0000 (10:31 +0100)
In order to spot possible issues with direct impact on security during
QA on CI (GCC version 6 and higher).

Ref: https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/
Signed-off-by: Petr Štetiar <ynezz@true.cz>
CMakeLists.txt

index da7d03c7fc213ea38fed65cd1d1217c948550320..0b0c9e316bfbdfd777dd08f8a4490a5327627660 100644 (file)
@@ -6,7 +6,8 @@ PROJECT(ubox C)
 
 ADD_DEFINITIONS(-Wall -Werror)
 IF(CMAKE_C_COMPILER_VERSION VERSION_GREATER 6)
-       ADD_DEFINITIONS(-Wextra)
+       ADD_DEFINITIONS(-Wextra -Werror=implicit-function-declaration)
+       ADD_DEFINITIONS(-Wformat -Werror=format-security -Werror=format-nonliteral)
 ENDIF()
 ADD_DEFINITIONS(-Os -std=gnu99 -g3 -Wmissing-declarations -Wno-unused-parameter)