Check new compilation options with gcc 15

Description

Check if new flags to secure code development comes with update to gcc 15 to integrate them.

Code version and environment identification

Analysed by commit 26dad54e1a3bbf5d2f277502fa51b5d9cba77099

Steps to reproduce

N.A

Relevant logs and/or screenshots

N.A

Analysis

See https://gcc.gnu.org/gcc-15/

After a first analysis:

  • option -fanalyzer still brings a lot a false positive and is not activated
  • no new option on the sanitizer option (except for Aarch64 but CMakeList.txt would be very complex if we add different option per architecture
  • -fharden-control-flow-redundancy (introduced in GCC 14) seems interesting to boost security

Security impact

New option -fharden-control-flow-redundancy will enhance security.

Possible fixes

N.A

Edited by Vincent Lacroix