mirror of
https://github.com/projectacrn/acrn-hypervisor.git
synced 2025-09-18 15:28:43 +00:00
265499c2f2
"-O2 -D_FORTIFY_SOURCE=2": GCC C-Compiler can analyze the source code to be compiled and detect certain insecure sections, that might create a security problem. The compiler will replace the insecure function calls with special hardened code that will perform extra runtime checks while the process is executed. "-Wformat -Wformat-security": It warns about calls to "printf" and "scanf" functions where the format string is not a string literal and there are no format arguments, as in "printf (foo);". This may be a security hole if the format string came from untrusted input and contains %n. Tracked-On: 224003 Signed-off-by: wenshelx <wenshengx.wang@intel.com>