From 77dad2bd087d62dfddcab30833e1bd9981c0f6a4 Mon Sep 17 00:00:00 2001 From: Patrick Schleizer Date: Fri, 10 Nov 2023 14:09:01 -0500 Subject: [PATCH] more secure compile time options and removed unused variables --- Makefile | 7 +++++-- bindp.c | 12 +++++------- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/Makefile b/Makefile index e439881..fb81b99 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,10 @@ TARGET=libindp.so +CC=gcc +CFLAGS=-nostartfiles -fpic -shared -D_GNU_SOURCE -fstack-protector-all -Wall -Wextra -Wformat-security -O2 -D_FORTIFY_SOURCE=2 -fstack-clash-protection -fcf-protection +LDFLAGS=-ldl -Wl,-z,relro -Wl,-z,now -Wl,-z,defs -Wl,-z,noexecstack all: - gcc -nostartfiles -fpic -shared bindp.c -o ${TARGET} -ldl -D_GNU_SOURCE + $(CC) $(CFLAGS) bindp.c -o $(TARGET) $(LDFLAGS) clean: - rm ${TARGET} -f + rm -f $(TARGET) diff --git a/bindp.c b/bindp.c index b2e9763..6749a3a 100644 --- a/bindp.c +++ b/bindp.c @@ -194,7 +194,6 @@ int bind (int fd, const struct sockaddr *sk, socklen_t sl) { #endif if (ip_transparent) { - int opt =1; setsockopt(fd, SOL_IP, IP_TRANSPARENT, &ip_transparent, sizeof(ip_transparent)); } @@ -214,13 +213,9 @@ int connect (int fd, const struct sockaddr *sk, socklen_t sl) { if (debug_enabled) { printf("[-] connect(): AF_INET connect() call, binding to local address\n"); } - static struct sockaddr_in *rsk_in; - - rsk_in = (struct sockaddr_in *)sk; if (bind_addr_saddr || bind_port_saddr) { - int r = bind (fd, (struct sockaddr *)local_sockaddr_in, sizeof (struct sockaddr)); - + bind (fd, (struct sockaddr *)local_sockaddr_in, sizeof (struct sockaddr)); } return real_connect (fd, sk, sl); @@ -232,6 +227,9 @@ int connect (int fd, const struct sockaddr *sk, socklen_t sl) { } } -int main(int argc,char **argv) { + +int main(int argc, char **argv) { + (void)argc; // Suppress unused parameter warning + (void)argv; // Suppress unused parameter warning return 0; }