projects / filament.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cf9f0d7)
Force non-executable stack
authorTimo Röhling <roehling@debian.org>
Fri, 17 May 2024 16:11:16 +0000 (18:11 +0200)
committerTimo Röhling <roehling@debian.org>
Fri, 17 May 2024 16:12:13 +0000 (18:12 +0200)
The material files which are included in the shared objects lack the GCC
sections which usually let the compiler conclude that it is safe to mark
the stack as non-executable. Therefore, we force the issue.

debian/rules patch | blob | history

diff --git a/debian/rules b/debian/rules
index d3d9ef91d22eeb8a99d8076f9c117187f8a12746..ef1b8f79a4da83ffad984ebbe4eccaabf7c455bc 100755 (executable)
--- a/debian/rules
+++ b/debian/rules
@@ -16,6 +16,7 @@ SUPPORTS_VULKAN = OFF
 endif
 
 export DEB_CPPFLAGS_MAINT_APPEND += -DNDEBUG
+export DEB_LDFLAGS_MAINT_APPEND = -Wl,-z,noexecstack
 
 ifneq (,$(filter $(DEB_HOST_ARCH), armel m68k mipsel powerpc sh4))
   export DEB_CXXFLAGS_MAINT_APPEND += -Wl,--no-as-needed -latomic -Wl,--as-needed
Unnamed repository; edit this file 'description' to name the repository.