Description: hardening stuff
Author: Herbert Parentes Fortes Neto <hpfn@debian.org>
Last-Update: 2016-07-22
--- a/common.mk
+++ b/common.mk
@@ -48,8 +48,9 @@
 # assertion and crash the program if it isn't really true.  You can add
 # -UNDEBUG (in any of various ways) to override this.
 #
-CFLAGS_COMMON = -DNDEBUG $(CFLAGS_PTHREAD)
-CXXFLAGS_COMMON = -DNDEBUG $(CFLAGS_PTHREAD)
+CPPFLAGS_COMMON = -D_FORTIFY_SOURCE=2
+CFLAGS_COMMON = $(CPPFLAGS_COMMON) -DNDEBUG $(CFLAGS_PTHREAD)
+CXXFLAGS_COMMON = $(CPPFLAGS_COMMON) -DNDEBUG $(CFLAGS_PTHREAD)
 
 ifeq ($(C_COMPILER_GNU),yes)
   CFLAGS_COMMON += $(GCC_C_WARNINGS) -fno-common -g -O3
@@ -173,10 +174,10 @@
 
 #------ the actual rules ----------------------------------------------------
 $(TARGET_SHARED_LIBRARIES) dummyshlib:
-	$(CCLD) $(LDFLAGS_SHLIB_ALL) $(LIBOBJECTS) $(LIBDEP) -o $@  
+	$(CCLD) $(CPPFLAGS_COMMON) $(LDFLAGS_SHLIB_ALL) $(LIBOBJECTS) $(LIBDEP) -o $@
 
 $(TARGET_SHARED_LIBS_PP) dummyshlibpp:
-	$(CXXLD) $(LDFLAGS_SHLIB_ALL) $(LIBOBJECTS) $(LIBDEP) -o $@  
+	$(CXXLD) $(CPPFLAGS_COMMON) $(LDFLAGS_SHLIB_ALL) $(LIBOBJECTS) $(LIBDEP) -o $@
 #----------------------------------------------------------------------------
 
 LIBXMLRPC_UTIL_DIR = $(BLDDIR)/lib/libutil
@@ -347,7 +348,7 @@
 	$(CC) -c -o $@ $(INCLUDES) $(CFLAGS_ALL) $(CFLAGS_SHLIB) $<
 
 $(TARGET_MODS_PP:%=%.o):%.o:%.cpp
-	$(CXX) -c -o $@ $(INCLUDES) $(CXXFLAGS_ALL) $<
+	$(CXX) -c -o $@ $(INCLUDES) $(CXXFLAGS_ALL) -fPIE $<
 
 $(TARGET_MODS_PP:%=%.osh): CXXFLAGS_COMMON += $(CFLAGS_SHLIB)