diff options
-rw-r--r-- | doc/stdenv.xml | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/doc/stdenv.xml b/doc/stdenv.xml index f8d9acb2fb0..0c2bb033957 100644 --- a/doc/stdenv.xml +++ b/doc/stdenv.xml @@ -1317,6 +1317,33 @@ in the default system locations.</para> </section> +<section xml:id="sec-hardening-in-nixpkgs"><title>Hardening in Nixpkgs</title> + +<para>By default some flags to harden packages at compile or link-time are set:</para> + +<variablelist> + + <varlistentry> + <term><varname>hardening_format</varname></term> + <listitem><para>Adds the <option>-Wformat -Wformat-security + -Werror=format-security</option> compiler options. At present, + this warns about calls to printf and scanf functions where the + format string is not a string literal and there are no format + arguments, as in <literal>printf(foo);</literal>. This may be + a security hole if the format string came from untrusted input + and contains <literal>%n</literal>.</para> + + <para>This needs to be turned off or fixed for errors similar to:</para> + + <programlisting> +/tmp/nix-build-zynaddsubfx-2.5.2.drv-0/zynaddsubfx-2.5.2/src/UI/guimain.cpp:571:28: error: format not a string literal and no format arguments [-Werror=format-security] + printf(help_message); + ^ +cc1plus: some warnings being treated as errors + </programlisting></listitem> + </varlistentry> +</variablelist> +</section> </chapter> |