Author: Dharanendiran <dharanendiran@timesys.com>
Date: Tue, 11 Nov 2025 14:41:38 +0530


---
 configure | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/configure b/configure
index 07ef9b4..d0e4955 100755
--- a/configure
+++ b/configure
@@ -8157,6 +8157,16 @@ fi
     # with some versions of GCC and adds "stack canaries" which detect
     # when the return address has been overwritten, preventing many types of exploit attacks.
     # First check for -fstack-protector-strong, then for -fstack-protector...
+
+    # --------------------------------------------------------------------
+    # Allow manual disable of stack protector flags via environment variable
+    # Example: export CUPS_DISABLE_STACK_PROTECTOR=1
+    # --------------------------------------------------------------------
+    if test "x$CUPS_DISABLE_STACK_PROTECTOR" = "x1"; then
+        CFLAGS="$OLDCFLAGS"
+        OPTIM="$OPTIM -fno-stack-protector"
+        # Skip the rest of the detection code safely
+    else
     { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether compiler supports -fstack-protector-strong" >&5
 printf %s "checking whether compiler supports -fstack-protector-strong... " >&6; }
     OLDCFLAGS="$CFLAGS"
@@ -8214,6 +8224,8 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam \
     conftest$ac_exeext conftest.$ac_ext
 
 fi
+
+    fi # End of manual disable section
 rm -f core conftest.err conftest.$ac_objext conftest.beam \
     conftest$ac_exeext conftest.$ac_ext
     CFLAGS="$OLDCFLAGS"
-- 
2.34.1