From 286e67ddd2d06893a292f9f0c1473a6c23d5a307 Mon Sep 17 00:00:00 2001
From: lopachecoc <lopachecoc@housat.com>
Date: Tue, 10 Jan 2017 13:41:23 +0000
Subject: [PATCH] chore(build): improve hardening flags

Using "-fstack-protector-all" makes "--param ssp-buffer-size=1" pointless.

For ASLR "-pie -fPIE" is needed instead of just "-fPIE".
---
 qtox.pro | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/qtox.pro b/qtox.pro
index ba514e1d8..6be79e6c4 100644
--- a/qtox.pro
+++ b/qtox.pro
@@ -47,16 +47,17 @@ CONFIG   += silent
 # Hardening flags (ASLR, warnings, etc)
 # TODO: add `-Werror` to hardening flags once all warnings are fixed
 win32 {
-    QMAKE_CXXFLAGS += -fPIE \
+    QMAKE_CXXFLAGS += -pie \
+                      -fPIE \
                       -Wstrict-overflow \
                       -Wstrict-aliasing
 } else {
     QMAKE_CXXFLAGS += -fstack-protector-all \
+                      -pie \
                       -fPIE \
                       -Wstack-protector \
                       -Wstrict-overflow \
-                      -Wstrict-aliasing \
-                      --param ssp-buffer-size=1
+                      -Wstrict-aliasing
 }
 
 # osx & windows cannot into security (build on it fails with those enabled)