From 24d901aaf4738a7c9114a22e03629abd0dd20613 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <encukou@gmail.com>
Date: Mon, 22 Jul 2024 11:36:56 +0200
Subject: [PATCH] gh-112301: Revert "Add fortify source level 3 to default
 compiler options (gh-121520)"

Adding the flag broke buildbots.

This reverts commit bdab67e1c795443a0d8f8a5bbeb3a91ac4fd5a19.
---
 ...-07-08-23-39-04.gh-issue-112301.TD8G01.rst |  2 -
 configure                                     | 39 -------------------
 configure.ac                                  |  1 -
 3 files changed, 42 deletions(-)
 delete mode 100644 Misc/NEWS.d/next/Security/2024-07-08-23-39-04.gh-issue-112301.TD8G01.rst

diff --git a/Misc/NEWS.d/next/Security/2024-07-08-23-39-04.gh-issue-112301.TD8G01.rst b/Misc/NEWS.d/next/Security/2024-07-08-23-39-04.gh-issue-112301.TD8G01.rst
deleted file mode 100644
index d9b48993a2fb1a..00000000000000
--- a/Misc/NEWS.d/next/Security/2024-07-08-23-39-04.gh-issue-112301.TD8G01.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Enable runtime protections for glibc to abort execution when unsafe behavior is encountered,
-for all platforms except Windows.
diff --git a/configure b/configure
index 36f4bf7c05f7f3..73d3bda9ddcdaa 100755
--- a/configure
+++ b/configure
@@ -9691,45 +9691,6 @@ else $as_nop
 printf "%s\n" "$as_me: WARNING: -Wtrampolines not supported" >&2;}
 fi
 
-{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -D_FORTIFY_SOURCE=3" >&5
-printf %s "checking whether C compiler accepts -D_FORTIFY_SOURCE=3... " >&6; }
-if test ${ax_cv_check_cflags___D_FORTIFY_SOURCE_3+y}
-then :
-  printf %s "(cached) " >&6
-else $as_nop
-
-  ax_check_save_flags=$CFLAGS
-  CFLAGS="$CFLAGS  -D_FORTIFY_SOURCE=3"
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-int
-main (void)
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"
-then :
-  ax_cv_check_cflags___D_FORTIFY_SOURCE_3=yes
-else $as_nop
-  ax_cv_check_cflags___D_FORTIFY_SOURCE_3=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext
-  CFLAGS=$ax_check_save_flags
-fi
-{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___D_FORTIFY_SOURCE_3" >&5
-printf "%s\n" "$ax_cv_check_cflags___D_FORTIFY_SOURCE_3" >&6; }
-if test "x$ax_cv_check_cflags___D_FORTIFY_SOURCE_3" = xyes
-then :
-  BASECFLAGS="$BASECFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3"
-else $as_nop
-  { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: -D_FORTIFY_SOURCE=3 not supported" >&5
-printf "%s\n" "$as_me: WARNING: -D_FORTIFY_SOURCE=3 not supported" >&2;}
-fi
-
 
 case $GCC in
 yes)
diff --git a/configure.ac b/configure.ac
index 5873002039886a..00246a12100863 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2460,7 +2460,6 @@ AS_VAR_IF([with_strict_overflow], [yes],
 # These flags should be enabled by default for all builds.
 AX_CHECK_COMPILE_FLAG([-fstack-protector-strong], [BASECFLAGS="$BASECFLAGS -fstack-protector-strong"], [AC_MSG_WARN([-fstack-protector-strong not supported])], [-Werror])
 AX_CHECK_COMPILE_FLAG([-Wtrampolines], [BASECFLAGS="$BASECFLAGS -Wtrampolines"], [AC_MSG_WARN([-Wtrampolines not supported])], [-Werror])
-AX_CHECK_COMPILE_FLAG([-D_FORTIFY_SOURCE=3], [BASECFLAGS="$BASECFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3"], [AC_MSG_WARN([-D_FORTIFY_SOURCE=3 not supported])])
 
 case $GCC in
 yes)