Apply secure option

- Problem: There is no FORTIFY option.
- Cause: Unlike the SSP that catches the stack BOF, a protection technique is
  needed to catch the BOF that occurs in a general memory buffer.
- Solution: apply FORTIFY and stack-canar options.

Change-Id: Idaddb614389bf6f8620720bb51c21128bbca0731
Signed-off-by: saerome.kim <saerome.kim@samsung.com>

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 4300258035a944ac92c6665bd1d4d98bd5d99b81..e39a147167b744de3a871812fdeb585395087c13 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -30,10 +30,18 @@ FOREACH(flag ${PKGS_CFLAGS})
        SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
 ENDFOREACH(flag)
 
-SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -fPIC -Wall -Werror")
 IF(BUILD_GCOV)
-    SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fprofile-arcs -ftest-coverage")
+    SET(GGOV_FLAGS " -fprofile-arcs -ftest-coverage")
+ELSE(BUILD_GCOV)
+    set(GCOV_FLAGS "")
 ENDIF(BUILD_GCOV)
+
+SET(RELRO_FLAGS "-Wl,-z,relro")
+SET(FORTIFY_FLAGS "-D_FORTIFY_SOURCE=2")
+SET(STACK_CANARY_FLAGS "-fstack-protector-strong")
+SET(PIE_FLAGS "-fPIE -fPIC")
+SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} ${STACK_CANARY_FLAGS} ${FORTIFY_FLAGS} ${RELRO_FLAGS} ${PIE_FLAGS} ${GCOV_FLAGS} -Wall -Werror")
+
 SET(LIB_NAME "${PROJECT_NAME}")
 SET(LIB_PREFIX ${CMAKE_INSTALL_PREFIX})
 SET(LIB_DIR "${LIB_PATH}")

diff --git a/packaging/capi-network-ua.spec b/packaging/capi-network-ua.spec
index e2a42b52ff102f176e14526e45409543440a7012..cc1a630613ff8fb211697db1dbedf4a7225821ea 100644 (file)
--- a/packaging/capi-network-ua.spec
+++ b/packaging/capi-network-ua.spec
@@ -1,6 +1,6 @@
 Name: capi-network-ua
 Summary: User Awareness Framework CAPI
-Version: 0.12.12
+Version: 0.12.13
 Release: 1
 License: Apache-2.0
 Source0: %{name}-%{version}.tar.gz