Permalink
Browse files

Fix #223 - Hardening flags for radare2 $ HARDEN=1 sys/install.sh

  • Loading branch information...
1 parent c3673bb commit 9e12c60702e69087b22fc41e0d2f75213a5f1737 @radare committed Sep 27, 2013
Showing with 57 additions and 2 deletions.
  1. +1 −0 AUTHORS
  2. +2 −1 libr/bin/format/mach0/mach0.h
  3. +49 −0 sys/build-harden.sh
  4. +5 −1 sys/install.sh
View
@@ -17,6 +17,7 @@ Contributors: (sorted by length)
- Alexander
- dkreuter
- rvalles
+ - jvoisin
- esteve
- capi_x
- rudi_s
@@ -34,6 +34,7 @@ struct r_bin_mach0_import_t {
int ord;
int last;
};
+
struct r_bin_mach0_reloc_t {
ut64 offset;
ut64 addr;
@@ -91,7 +92,7 @@ struct MACH0_(r_bin_mach0_obj_t) {
ut64 entry;
int endian;
const char* file;
- struct r_buf_t* b;
+ RBuffer* b;
};
struct MACH0_(r_bin_mach0_obj_t)* MACH0_(r_bin_mach0_new)(const char* file);
View
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+MAKE_JOBS=8
+[ -z "${PREFIX}" ] && PREFIX=/usr
+
+case "$1" in
+-h)
+ echo "Usage: sys/build.sh [/usr]"
+ exit 0
+ ;;
+'')
+ :
+ ;;
+*)
+ PREFIX="$1"
+ ;;
+esac
+
+[ ! "${PREFIX}" = /usr ] && \
+ CFGARG=--with-rpath
+
+MAKE=make
+gmake --help >/dev/null 2>&1
+[ $? = 0 ] && MAKE=gmake
+
+# find root
+cd `dirname $PWD/$0` ; cd ..
+
+ccache --help > /dev/null 2>&1
+if [ $? = 0 ]; then
+ [ -z "${CC}" ] && CC=gcc
+ CC="ccache ${CC}"
+ export CC
+fi
+
+# build
+${MAKE} mrproper > /dev/null 2>&1
+[ "`uname`" = Linux ] && export LDFLAGS="-Wl,--as-needed"
+rm -f plugins.cfg
+# STATIC BUILD
+CFLAGS="${CFLAGS} -fPIE -fstack-protector-all -D_FORTIFY_SOURCE=2"
+CFGFLAGS="--without-pic --with-nonpic"
+export CFLAGS
+
+# TODO: add this?
+#LDFLAGS="${LDFLAGS} -Wl,-z,now -Wl,-z,relro"
+#export LDFLAGS
+./configure ${CFGARG} --prefix=${PREFIX} || exit 1
+exec ${MAKE} -s -j ${MAKE_JOBS}
View
@@ -17,4 +17,8 @@ fi
[ "`id -u`" = 0 ] || SUDO=sudo
[ -n "${NOSUDO}" ] && SUDO=
-./sys/build.sh $@ && ${SUDO} ${MAKE} symstall
+if [ "${HARDEN}" = 1 ]; then
+ ./sys/build-harden.sh $@ && ${SUDO} ${MAKE} symstall
+else
+ ./sys/build.sh $@ && ${SUDO} ${MAKE} symstall
+fi

0 comments on commit 9e12c60

Please sign in to comment.