From c625134668213eff97a837da54daec4425710d67 Mon Sep 17 00:00:00 2001
From: Brian Aker <brian@tangent.org>
Date: Wed, 19 Sep 2012 22:32:35 -0400
Subject: [PATCH] Update hardening flags.

---
 m4/ax_harden_compiler_flags.m4 | 36 ++++++++++++++++++++++++++++++++--
 1 file changed, 34 insertions(+), 2 deletions(-)

diff --git a/m4/ax_harden_compiler_flags.m4 b/m4/ax_harden_compiler_flags.m4
index 1490819d..7eecc0a1 100644
--- a/m4/ax_harden_compiler_flags.m4
+++ b/m4/ax_harden_compiler_flags.m4
@@ -63,6 +63,7 @@
           AX_CHECK_LINK_FLAG([-Werror])
           ])
       AX_CHECK_LINK_FLAG([-z relro -z now])
+      AX_CHECK_LINK_FLAG([-pie])
       ])
 
   AC_DEFUN([AX_HARDEN_C_COMPILER_FLAGS], [
@@ -83,14 +84,44 @@
 
       AX_APPEND_COMPILE_FLAGS([-Wall])
       AX_APPEND_COMPILE_FLAGS([-Wextra])
-      AX_APPEND_COMPILE_FLAGS([-std=c99])
+      AX_APPEND_COMPILE_FLAGS([-Wpragmas])
+      AX_APPEND_COMPILE_FLAGS([--paramssp-buffer-size=1])
+      AX_APPEND_COMPILE_FLAGS([-Waddress])
+      AX_APPEND_COMPILE_FLAGS([-Warray-bounds])
       AX_APPEND_COMPILE_FLAGS([-Wbad-function-cast])
+      AX_APPEND_COMPILE_FLAGS([-Wchar-subscripts])
+      AX_APPEND_COMPILE_FLAGS([-Wcomment])
+      AX_APPEND_COMPILE_FLAGS([-Wctor-dtor-privacy])
+      AX_APPEND_COMPILE_FLAGS([-Wfloat-equal])
+      AX_APPEND_COMPILE_FLAGS([-Wformat=2])
+      AX_APPEND_COMPILE_FLAGS([-Wlogical-op])
+      AX_APPEND_COMPILE_FLAGS([-Wmaybe-uninitialized])
+      AX_APPEND_COMPILE_FLAGS([-Wmissing-field-initializers])
+      AX_APPEND_COMPILE_FLAGS([-Wmissing-noreturn])
       AX_APPEND_COMPILE_FLAGS([-Wmissing-prototypes])
       AX_APPEND_COMPILE_FLAGS([-Wnested-externs])
+      AX_APPEND_COMPILE_FLAGS([-Wnon-virtual-dtor])
+      AX_APPEND_COMPILE_FLAGS([-Wnormalized=id])
       AX_APPEND_COMPILE_FLAGS([-Wold-style-definition])
+      AX_APPEND_COMPILE_FLAGS([-Woverloaded-virtual])
       AX_APPEND_COMPILE_FLAGS([-Woverride-init])
+      AX_APPEND_COMPILE_FLAGS([-Wpointer-arith])
+      AX_APPEND_COMPILE_FLAGS([-Wredundant-decls])
+      AX_APPEND_COMPILE_FLAGS([-Wshadow])
+      AX_APPEND_COMPILE_FLAGS([-Wshorten-64-to-32])
+      AX_APPEND_COMPILE_FLAGS([-Wsign-compare])
+      AX_APPEND_COMPILE_FLAGS([-Wstrict-overflow=1])
       AX_APPEND_COMPILE_FLAGS([-Wstrict-prototypes])
-      AX_APPEND_COMPILE_FLAGS([-Wlogical-op])
+      AX_APPEND_COMPILE_FLAGS([-Wswitch-enum])
+      AX_APPEND_COMPILE_FLAGS([-Wundef])
+      AX_APPEND_COMPILE_FLAGS([-Wunused-result])
+      AX_APPEND_COMPILE_FLAGS([-Wunused-variable])
+      AX_APPEND_COMPILE_FLAGS([-Wwrite-strings])
+      AX_APPEND_COMPILE_FLAGS([-fPIE])
+      AX_APPEND_COMPILE_FLAGS([-floop-parallelize-all])
+      AX_APPEND_COMPILE_FLAGS([-fwrapv])
+      AX_APPEND_COMPILE_FLAGS([-ggdb])
+      AX_APPEND_COMPILE_FLAGS([-std=c99])
       AC_LANG_POP
 
       ])
@@ -140,6 +171,7 @@
       AX_APPEND_COMPILE_FLAGS([-Wwrite-strings])
       AX_APPEND_COMPILE_FLAGS([-floop-parallelize-all])
       AX_APPEND_COMPILE_FLAGS([-fwrapv])
+      AX_APPEND_COMPILE_FLAGS([-fPIE])
       AX_APPEND_COMPILE_FLAGS([-ggdb])
       AC_LANG_POP
   ])
-- 
2.30.2