@@ -120,18 +120,28 @@ function(add_ur_target_compile_options name)
120120 elseif (MSVC )
121121 target_compile_options (${name} PRIVATE
122122 $<$<CXX_COMPILER_ID:MSVC >:/MP> # clang-cl.exe does not support /MP
123- /W3
124123 /MD $<$<CONFIG:Debug>:d>
125- /GS
126- /DWIN32_LEAN_AND_MEAN
127- /DNOMINMAX
124+
125+ /W3
126+ /GS # Enable: Buffer security check
127+ /Gy # Enable: Function-level linking
128+
129+ $<$<CONFIG:Release>:/sdl> # Enable: Additional SDL checks
130+ $<$<CXX_COMPILER_ID:MSVC >:/Qspectre> # Enable: Mitigate Spectre variant 1 vulnerabilities
131+
132+ /wd4267 # Disable: 'var' : conversion from 'size_t' to 'type', possible loss of data
133+ /wd6244 # Disable: local declaration of 'variable' hides previous declaration
134+ /wd6246 # Disable: local declaration of 'variable' hides declaration of same name in outer scope
135+ )
136+
137+ target_compile_definitions (${name} PRIVATE
138+ WIN32_LEAN_AND_MEAN NOMINMAX # Cajole Windows.h to define fewer symbols
139+ _CRT_SECURE_NO_WARNINGS # Slience warnings about getenv
128140 )
129141
130142 if (UR_DEVELOPER_MODE)
131- # _CRT_SECURE_NO_WARNINGS used mainly because of getenv
132- # C4267: The compiler detected a conversion from size_t to a smaller type.
133143 target_compile_options (${name} PRIVATE
134- /WX /GS /D_CRT_SECURE_NO_WARNINGS /wd4267
144+ /WX # Enable: Treat all warnings as errors
135145 )
136146 endif ()
137147 endif ()
@@ -155,9 +165,12 @@ function(add_ur_target_link_options name)
155165 endif ()
156166 elseif (MSVC )
157167 target_link_options (${name} PRIVATE
158- LINKER:/DYNAMICBASE
159- LINKER:/HIGHENTROPYVA
160- LINKER:/NXCOMPAT
168+ LINKER:/DYNAMICBASE # Enable: Modify header to indicate ASLR should be use
169+ LINKER:/HIGHENTROPYVA # Enable: High-entropy address space layout randomization (ASLR)
170+ $<$<CONFIG:Release>:
171+ LINKER:/NXCOMPAT # Enable: Data Execution Prevention
172+ LINKER:/LTCG # Enable: Link-time code generation
173+ >
161174 )
162175 endif ()
163176endfunction ()
0 commit comments