Makefile

Definition

A Makefile is a special file containing a set of directives used by the make build automation tool to compile a project and manage its dependencies. It defines how to derive the target program from source files by specifying rules, dependencies, and commands. Makefiles are commonly used in C/C++ projects but can be adapted for other programming languages and tasks, facilitating efficient project builds and automation.

Secure Settings Example

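# Secure Makefile example with explicit shell and safe flags
# Pin the shell that runs recipes instead of relying on make's default
SHELL := /bin/bash
# Enable extra warnings and treat every warning as a build error
CFLAGS := -Wall -Wextra -Werror -O2
# Full RELRO: relocations are made read-only and symbols are bound at load time
LDFLAGS := -Wl,-z,relro,-z,now

# all and clean are not files; a file with either name must not shadow them
.PHONY: all clean

all: myapp

myapp: main.o utils.o
	$(CC) $(LDFLAGS) -o $@ $^

%.o: %.c
	$(CC) $(CFLAGS) -c $<

clean:
	rm -f *.o myapp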

Insecure Settings Example

# Insecure Makefile example with unsafe flags and implicit shell
CFLAGS := -O0
LDFLAGS :=

all: myapp

myapp: main.o utils.o
	$(CC) -o $@ $^

%.o: %.c
	$(CC) -c $<

clean:
	rm -f *.o myapp
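
An added example, not part of the original page: a small Python check that audits a Makefile for the settings on which the two examples above differ (explicit SHELL, enforced warnings, -z relro and -z now, and whether the recipes actually pass $(CFLAGS) and $(LDFLAGS)). The function name and finding labels are hypothetical, and the embedded inputs are the page's two Makefiles without their clean targets.

```python
import re

# Constructed inputs: the page's two Makefiles, embedded so the check runs offline.
SECURE = """SHELL := /bin/bash
CFLAGS := -Wall -Wextra -Werror -O2
LDFLAGS := -Wl,-z,relro,-z,now
all: myapp
myapp: main.o utils.o
\t$(CC) $(LDFLAGS) -o $@ $^
%.o: %.c
\t$(CC) $(CFLAGS) -c $<
"""
INSECURE = """CFLAGS := -O0
LDFLAGS :=
all: myapp
myapp: main.o utils.o
\t$(CC) -o $@ $^
%.o: %.c
\t$(CC) -c $<
"""

ASSIGN = re.compile(r"^(\w+)\s*[:?+]?=\s*(.*)$")  # VAR = / := / ?= / += value

def audit_makefile(text):
    """Return a sorted list of finding labels (hypothetical names) for one Makefile."""
    variables, recipes = {}, []
    for line in text.splitlines():
        if line.startswith("\t"):          # recipe lines begin with a tab
            recipes.append(line.strip())
            continue
        m = ASSIGN.match(line)
        if m:
            variables[m.group(1)] = m.group(2).strip()
    findings = set()
    if "SHELL" not in variables:
        findings.add("implicit-shell")
    if not {"-Wall", "-Wextra", "-Werror"} <= set(variables.get("CFLAGS", "").split()):
        findings.add("warnings-not-enforced")
    ld_opts = set()
    for tok in variables.get("LDFLAGS", "").split():
        if tok.startswith("-Wl,"):         # options forwarded to the linker
            ld_opts |= set(tok[4:].split(","))
    if not {"relro", "now"} <= ld_opts:
        findings.add("no-full-relro")
    # Defined flags have no effect unless a recipe passes them to the compiler or linker.
    for var in ("CFLAGS", "LDFLAGS"):
        if not any(f"$({var})" in r for r in recipes):
            findings.add(f"{var.lower()}-unused")
    return sorted(findings)
```

Run against the insecure example, the check also reports that neither flag variable reaches the compiler or linker, so setting CFLAGS or LDFLAGS there alone would not harden the build.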