From 03abbde81db7484ccdb4e1808881e1df20df2fb0 Mon Sep 17 00:00:00 2001 From: "H. Peter Anvin" Date: Mon, 3 Mar 2008 20:18:10 -0800 Subject: [PATCH] Prevent inclusion of system include files when inappropriate Use "-nostdinc -iwithprefix include" to prevent the inclusion of system header files, but still permitting *compiler* header files. --- com32/lib/MCONFIG | 3 ++- com32/libutil/Makefile | 8 +++++++- com32/libutil/sha256crypt.c | 5 ++++- com32/libutil/sha512crypt.c | 5 ++++- com32/menu/Makefile | 7 ++++--- com32/menu/menumain.c | 2 +- com32/modules/Makefile | 5 +++-- com32/samples/Makefile | 5 +++-- dos/Makefile | 3 ++- 9 files changed, 30 insertions(+), 13 deletions(-) diff --git a/com32/lib/MCONFIG b/com32/lib/MCONFIG index 781292b..7f88055 100644 --- a/com32/lib/MCONFIG +++ b/com32/lib/MCONFIG @@ -28,7 +28,8 @@ LIBFLAGS = -DDYNAMIC_CRC_TABLE -DPNG_NO_CONSOLE_IO \ # fallback anyway, just use that on old machines... # LIBFLAGS += -DPNG_NO_FLOATING_POINT_SUPPORTED -REQFLAGS = $(GCCOPT) -g -mregparm=3 -DREGPARM=3 -D__COM32__ -I. -I./sys -I../include +REQFLAGS = $(GCCOPT) -g -mregparm=3 -DREGPARM=3 -D__COM32__ \ + -nostdinc -iwithprefix include -I. -I./sys -I../include OPTFLAGS = -Os -march=i386 -falign-functions=0 -falign-jumps=0 \ -falign-labels=0 -ffast-math -fomit-frame-pointer WARNFLAGS = -W -Wall -Wpointer-arith -Wwrite-strings -Wstrict-prototypes -Winline diff --git a/com32/libutil/Makefile b/com32/libutil/Makefile index 426c333..d9f2a6c 100644 --- a/com32/libutil/Makefile +++ b/com32/libutil/Makefile @@ -42,7 +42,11 @@ AR = ar NASM = nasm NASMOPT = -O9999 RANLIB = ranlib -CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -D__COM32__ -W -Wall -march=i386 -Os -fomit-frame-pointer -I./include -I../include +CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -W -Wall -march=i386 -Os \ + -fomit-frame-pointer -D__COM32__ \ + -nostdinc -iwithprefix include \ + -I./include -I../include \ + -Wp,-MT,$@,-MD,$(dir $@).$(notdir $@).d SFLAGS = $(M32) -D__COM32__ -march=i386 LDFLAGS = -T ../lib/com32.ld LNXCFLAGS = -I./include -W -Wall -O -g -D_GNU_SOURCE @@ -112,3 +116,5 @@ spotless: clean install: all mkdir -m 755 -p $(INSTALLROOT)$(COM32DIR) install -m 644 libutil_com.a libutil_lnx.a $(INSTALLROOT)$(COM32DIR) + +-include .*.d diff --git a/com32/libutil/sha256crypt.c b/com32/libutil/sha256crypt.c index 7dbd8fa..27f912e 100644 --- a/com32/libutil/sha256crypt.c +++ b/com32/libutil/sha256crypt.c @@ -10,11 +10,14 @@ #include #include #include -#include +#include #include #include "xcrypt.h" +#define MIN(x,y) min(x,y) +#define MAX(x,y) max(x,y) + /* Structure to save state of computation between the single steps. */ struct sha256_ctx { diff --git a/com32/libutil/sha512crypt.c b/com32/libutil/sha512crypt.c index 9ff587b..9553ec1 100644 --- a/com32/libutil/sha512crypt.c +++ b/com32/libutil/sha512crypt.c @@ -10,11 +10,14 @@ #include #include #include -#include +#include #include #include "xcrypt.h" +#define MIN(x,y) min(x,y) +#define MAX(x,y) max(x,y) + /* Structure to save state of computation between the single steps. */ struct sha512_ctx { diff --git a/com32/menu/Makefile b/com32/menu/Makefile index b898ce0..4e0abc5 100644 --- a/com32/menu/Makefile +++ b/com32/menu/Makefile @@ -16,7 +16,7 @@ TMPFILE = $(shell mktemp /tmp/gcc_ok.XXXXXX) -gcc_ok = $(shell tmpf=$(TMPFILE); if gcc $(1) -c -x c /dev/null -o $$tmpf 2>/dev/null; \ +gcc_ok = $(shell tmpf=$(TMPFILE); if $(CC) $(1) -c -x c /dev/null -o $$tmpf 2>/dev/null; \ then echo $(1); else echo $(2); fi; rm -f $$tmpf) M32 := $(call gcc_ok,-m32,) $(call gcc_ok,-fno-stack-protector,) @@ -28,8 +28,9 @@ NASM = nasm NASMOPT = -O9999 RANLIB = ranlib CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -W -Wall -march=i386 -Os \ - -fomit-frame-pointer -I../libutil/include -I../include \ - -D__COM32__ \ + -fomit-frame-pointer -D__COM32__ \ + -nostdinc -iwithprefix include \ + -I../libutil/include -I../include \ -Wp,-MT,$@,-MD,$(dir $@).$(notdir $@).d LNXCFLAGS = -W -Wall -O -g -I../libutil/include -D_GNU_SOURCE LNXSFLAGS = -g diff --git a/com32/menu/menumain.c b/com32/menu/menumain.c index ac1f943..f79d00e 100644 --- a/com32/menu/menumain.c +++ b/com32/menu/menumain.c @@ -803,7 +803,7 @@ run_menu(void) to_clear = 0; } - this_timeout = min(min(key_timeout, timeout_left), CLK_TCK); + this_timeout = min(min(key_timeout, timeout_left), (clock_t)CLK_TCK); key = mygetkey(this_timeout); if ( key != KEY_NONE ) { diff --git a/com32/modules/Makefile b/com32/modules/Makefile index 88c8593..4849d1c 100644 --- a/com32/modules/Makefile +++ b/com32/modules/Makefile @@ -28,8 +28,9 @@ NASM = nasm NASMOPT = -O9999 RANLIB = ranlib CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -W -Wall -march=i386 -Os \ - -fomit-frame-pointer -I../libutil/include -I../include \ - -D__COM32__ \ + -fomit-frame-pointer -D__COM32__ \ + -nostdinc -iwithprefix include \ + -I../libutil/include -I../include \ -Wp,-MT,$@,-MD,$(dir $@).$(notdir $@).d LNXCFLAGS = -W -Wall -O -g -I../libutil/include LNXSFLAGS = -g diff --git a/com32/samples/Makefile b/com32/samples/Makefile index f17911d..177f351 100644 --- a/com32/samples/Makefile +++ b/com32/samples/Makefile @@ -28,8 +28,9 @@ NASM = nasm NASMOPT = -O9999 RANLIB = ranlib CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -W -Wall -march=i386 -Os \ - -fomit-frame-pointer -I../libutil/include -I../include \ - -D__COM32__ \ + -fomit-frame-pointer -D__COM32__ \ + -nostdinc -iwithprefix include \ + -I../libutil/include -I../include \ -Wp,-MT,$@,-MD,$(dir $@).$(notdir $@).d LNXCFLAGS = -W -Wall -O -g -I../libutil/include LNXSFLAGS = -g diff --git a/dos/Makefile b/dos/Makefile index 1bfc513..ad202ee 100644 --- a/dos/Makefile +++ b/dos/Makefile @@ -11,7 +11,8 @@ CC = gcc LD = ld -m elf_i386 OBJCOPY = objcopy OPTFLAGS = -g -Os -march=i386 -falign-functions=0 -falign-jumps=0 -falign-loops=0 -fomit-frame-pointer -INCLUDES = -include code16.h -I. -I.. -I../libfat -I ../libinstaller +INCLUDES = -include code16.h -nostdinc -iwithprefix include \ + -I. -I.. -I../libfat -I ../libinstaller CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -W -Wall -msoft-float $(OPTFLAGS) $(INCLUDES) LDFLAGS = -T com16.ld AR = ar -- 2.7.4