Build with more compiler flags #113
Description
Could you add more compiler flags to the default build to bring up more issues and fix them?
Here is a suggestion:
# https://security.stackexchange.com/questions/24444/what-is-the-most-hardened-set-of-options-for-gcc-compiling-c-c#24840
# https://github.com/neovim/neovim/issues/2557#issuecomment-98228545
CPPFLAGS="-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3"
CFLAGS="-O2 -fPIC -fPIE -fdiagnostics-color -Wall -Wextra \
-Wformat=2 -Wformat-nonliteral -Wwrite-strings -Wstringop-overflow=4 \
-Wunused -Wundef -Wswitch-enum \
-Wpointer-arith -Wcast-qual -Wcast-align -Wconversion -Wsign-conversion \
-fstack-protector-strong -fstack-clash-protection -Wstack-protector \
-Wlogical-op -Wshadow -Wbad-function-cast -Wnested-externs"
LDFLAGS="-Wl,-zrelro,-pie,-znow,-znoexecstack"
These are examples:
main.c: In function ‘DHFromArray’:
main.c:143:5: warning: ‘DH_new’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
143 | if ((dh = DH_new()) == NULL) {
| ^~
In file included from /usr/include/openssl/dsa.h:31,
from /usr/include/openssl/x509.h:37,
from /usr/include/openssl/ssl.h:32,
from ./cutil.h:9,
from main.c:32:
/usr/include/openssl/dh.h:210:27: note: declared here
210 | OSSL_DEPRECATEDIN_3_0 DH *DH_new(void);
| ^~~~~~
console.c:2201:6: warning: "USE_IPV6" is not defined, evaluates to 0 [-Wundef]
2201 | #if !USE_IPV6
| ^~~~~~~~
console.c:382:9: warning: passing argument 1 of ‘Msg’ discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
382 | Msg("options: %s", acA1->string);
| ^~~~~~~~~~~~~
../conserver/cutil.h:157:17: note: expected ‘char *’ but argument is of type ‘const char *’
157 | extern void Msg(char *, ...);
| ^~~~~~
console.c:521:9: warning: unused variable ‘one’ [-Wunused-variable]
521 | int one = 1;
| ^~~