diff --git a/pkgs/build-support/cc-wrapper/add-hardening.sh b/pkgs/build-support/cc-wrapper/add-hardening.sh
index 4440d99ccabafe..4b5c1733e75f7f 100644
--- a/pkgs/build-support/cc-wrapper/add-hardening.sh
+++ b/pkgs/build-support/cc-wrapper/add-hardening.sh
@@ -6,9 +6,15 @@ declare -A hardeningEnableMap=()
 # Intentionally word-split in case 'NIX_HARDENING_ENABLE' is defined in Nix. The
 # array expansion also prevents undefined variables from causing trouble with
 # `set -u`.
-for flag in ${NIX_HARDENING_ENABLE_@suffixSalt@-}; do
- hardeningEnableMap["$flag"]=1
-done
+if [[ -z "${__structuredAttrs-}" ]]; then
+ for flag in ${NIX_HARDENING_ENABLE_@suffixSalt@-}; do
+ hardeningEnableMap["$flag"]=1
+ done
+else
+ for flag in "${NIX_HARDENING_ENABLE_@suffixSalt@[@]}"; do
+ hardeningEnableMap["$flag"]=1
+ done
+fi
 # fortify3 implies fortify enablement - make explicit before
 # we filter unsupported flags because unsupporting fortify3
diff --git a/pkgs/test/cc-wrapper/hardening.nix b/pkgs/test/cc-wrapper/hardening.nix
index 270e9a2e876164..fb30d17841e3da 100644
--- a/pkgs/test/cc-wrapper/hardening.nix
+++ b/pkgs/test/cc-wrapper/hardening.nix
@@ -178,6 +178,13 @@ in nameDrvAfterAttrName ({
 ignorePie = false;
 });
+ pieExplicitEnabledStructuredAttrs = brokenIf stdenv.hostPlatform.isStatic (checkTestBin (f2exampleWithStdEnv stdenv {
+ hardeningEnable = [ "pie" ];
+ __structuredAttrs = true;
+ }) {
+ ignorePie = false;
+ });
+
 relROExplicitEnabled = checkTestBin (f2exampleWithStdEnv stdenv {
 hardeningEnable = [ "relro" ];
 }) {
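Review bot: The `else` branch chooses the array expansion because `__structuredAttrs` is non-empty, not because `NIX_HARDENING_ENABLE_@suffixSalt@` is actually an array. If the value reaches this script as a space-separated string (a variable inherited through the environment cannot be a bash array), the quoted `"${...[@]}"` yields a single element such as `pie relro`, which presumably matches no known flag, so the requested hardening flags would be dropped without any error. A single loop `for flag in ${NIX_HARDENING_ENABLE_@suffixSalt@[@]-}; do` word-splits both shapes, keeps the `-` default that guards against `set -u`, and keeps the comment above the loop accurate for every path. How the variable is populated is not visible in this hunk, so confirm which shape the wrapper really receives.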
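Review bot: `pieExplicitEnabledStructuredAttrs` is the only `__structuredAttrs` case added in this hunk, so the structured-attrs path is exercised for one flag and only in the enable direction. A hardening flag that silently fails to apply weakens the binary without failing the build, so it is worth mirroring at least one more existing case, for example a `relROExplicitEnabledStructuredAttrs` copy of the `relROExplicitEnabled` test below with `__structuredAttrs = true;`, plus a disable case if the file has one. The `relROExplicitEnabled` definition continues past the end of the hunk.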