From c2558aba9439df62e11983a53496b1cd8b983242 Mon Sep 17 00:00:00 2001 From: Florian Fainelli Date: Fri, 24 Oct 2008 14:44:31 +0000 Subject: [PATCH] Hello, I've explained the problem at https://dev.openwrt.org/ticket/4115 This is my first patch to OpenWRT so please be lenient. The 160-stack-protector.patch deletes the section in configure of cups which switches on the stack-protector. In the Makefile the css files are missing. Signed-off-by: Heiner Kempken SVN-Revision: 13044 --- net/cups/patches/160-stack-protector.patch | 62 ++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 net/cups/patches/160-stack-protector.patch diff --git a/net/cups/patches/160-stack-protector.patch b/net/cups/patches/160-stack-protector.patch new file mode 100644 index 000000000..f26b7472e --- /dev/null +++ b/net/cups/patches/160-stack-protector.patch @@ -0,0 +1,62 @@ +--- cups-1.3.7/configure.old 2008-10-19 23:29:10.000000000 +0200 ++++ cups-1.3.7/configure 2008-10-19 23:31:10.000000000 +0200 +@@ -10115,59 +10115,6 @@ + OPTIM="-fPIC $OPTIM" + fi + +- # The -fstack-protector option is available with some versions of +- # GCC and adds "stack canaries" which detect when the return address +- # has been overwritten, preventing many types of exploit attacks. +- { echo "$as_me:$LINENO: checking if GCC supports -fstack-protector" >&5 +-echo $ECHO_N "checking if GCC supports -fstack-protector... $ECHO_C" >&6; } +- OLDCFLAGS="$CFLAGS" +- CFLAGS="$CFLAGS -fstack-protector" +- cat >conftest.$ac_ext <<_ACEOF +-/* confdefs.h. */ +-_ACEOF +-cat confdefs.h >>conftest.$ac_ext +-cat >>conftest.$ac_ext <<_ACEOF +-/* end confdefs.h. */ +- +-int +-main () +-{ +- +- ; +- return 0; +-} +-_ACEOF +-rm -f conftest.$ac_objext +-if { (ac_try="$ac_compile" +-case "(($ac_try" in +- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; +- *) ac_try_echo=$ac_try;; +-esac +-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 +- (eval "$ac_compile") 2>conftest.er1 +- ac_status=$? +- grep -v '^ *+' conftest.er1 >conftest.err +- rm -f conftest.er1 +- cat conftest.err >&5 +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); } && { +- test -z "$ac_c_werror_flag" || +- test ! -s conftest.err +- } && test -s conftest.$ac_objext; then +- OPTIM="$OPTIM -fstack-protector" +- { echo "$as_me:$LINENO: result: yes" >&5 +-echo "${ECHO_T}yes" >&6; } +-else +- echo "$as_me: failed program was:" >&5 +-sed 's/^/| /' conftest.$ac_ext >&5 +- +- { echo "$as_me:$LINENO: result: no" >&5 +-echo "${ECHO_T}no" >&6; } +-fi +- +-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +- CFLAGS="$OLDCFLAGS" +- + # The -pie option is available with some versions of GCC and adds + # randomization of addresses, which avoids another class of exploits + # that depend on a fixed address for common functions. -- 2.30.2