I’m building some RPMs of some C/C++ libraries I’m trying to confirm use the hardening flags in gcc. During compile time I see my binaries are properly calling -D_FORTIFY_SOURCE=2, but the hardening-check binary seems to return that the flag was not called. Is it possible that this is a false positive, and are there any other tools for confirming the accuracy of the hardening flags?