Merge pull request #41192 from oxij/tree/hardening-unformat
remove some format hardenings
This commit is contained in:
commit
5418dfcd5c
|
@ -162,6 +162,8 @@ stdenv.mkDerivation rec {
|
|||
# that in turn causes GHCi to abort
|
||||
stripDebugFlags = [ "-S" ] ++ stdenv.lib.optional (!targetPlatform.isDarwin) "--keep-file-symbols";
|
||||
|
||||
hardeningDisable = [ "format" ];
|
||||
|
||||
postInstall = ''
|
||||
for bin in "$out"/lib/${name}/bin/*; do
|
||||
isELF "$bin" || continue
|
||||
|
|
|
@ -172,6 +172,8 @@ stdenv.mkDerivation rec {
|
|||
|
||||
checkTarget = "test";
|
||||
|
||||
hardeningDisable = [ "format" ];
|
||||
|
||||
postInstall = ''
|
||||
for bin in "$out"/lib/${name}/bin/*; do
|
||||
isELF "$bin" || continue
|
||||
|
|
|
@ -8,6 +8,12 @@ stdenv.mkDerivation rec {
|
|||
sha256 = "0czccp4fcpf2ykp16xcrzdfmnircz1ynhls334q374xknd5747d2";
|
||||
};
|
||||
|
||||
# fails 1 out of 1 tests with "BAD GLOBAL SYMBOLS" on i686
|
||||
# which can also be fixed with
|
||||
# hardeningDisable = stdenv.lib.optional stdenv.isi686 "pic";
|
||||
# but it's better to disable tests than loose ASLR on i686
|
||||
doCheck = !stdenv.isi686;
|
||||
|
||||
meta = {
|
||||
description = "ATSC A/52 stream decoder";
|
||||
homepage = http://liba52.sourceforge.net/;
|
||||
|
|
|
@ -4,16 +4,17 @@ stdenv.mkDerivation rec {
|
|||
name = "${pname}-${version}";
|
||||
version = "1.6.0";
|
||||
pname = "enchant";
|
||||
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://www.abisource.com/downloads/${pname}/${version}/${name}.tar.gz";
|
||||
sha256 = "0zq9yw1xzk8k9s6x83n1f9srzcwdavzazn3haln4nhp9wxxrxb1g";
|
||||
};
|
||||
|
||||
|
||||
nativeBuildInputs = [ pkgconfig ];
|
||||
buildInputs = [aspell glib hunspell hspell];
|
||||
|
||||
buildInputs = [ aspell glib hunspell hspell ];
|
||||
|
||||
meta = {
|
||||
description = "Generic spell checking library";
|
||||
homepage = http://www.abisource.com/enchant;
|
||||
platforms = stdenv.lib.platforms.unix;
|
||||
};
|
||||
|
|
|
@ -21,8 +21,11 @@ in stdenv.mkDerivation {
|
|||
# Use CC, CXX, and LD from environment
|
||||
./2.6.2-cxx.patch
|
||||
];
|
||||
|
||||
preConfigure = "export LD=${if stdenv.isDarwin then "clang++" else "g++"}";
|
||||
|
||||
hardeningDisable = [ "format" ];
|
||||
|
||||
NIX_CFLAGS_COMPILE =
|
||||
stdenv.lib.optional stdenv.isDarwin "-mmacosx-version-min=10.9";
|
||||
|
||||
|
|
|
@ -31,6 +31,8 @@ stdenv.mkDerivation {
|
|||
|
||||
makeFlags = ["prefix=$(out)" "WERROR=0"] ++ kernel.makeFlags;
|
||||
|
||||
hardeningDisable = [ "format" ];
|
||||
|
||||
# perf refers both to newt and slang
|
||||
nativeBuildInputs = [
|
||||
asciidoc xmlto docbook_xsl docbook_xml_dtd_45 libxslt
|
||||
|
|
|
@ -9263,7 +9263,7 @@ with pkgs;
|
|||
|
||||
qt-gstreamer = callPackage ../development/libraries/gstreamer/legacy/qt-gstreamer {};
|
||||
|
||||
qt-gstreamer1 = callPackage ../development/libraries/gstreamer/qt-gstreamer { boost = boost155;};
|
||||
qt-gstreamer1 = callPackage ../development/libraries/gstreamer/qt-gstreamer { boost = boost155; };
|
||||
|
||||
qtstyleplugin-kvantum-qt4 = callPackage ../development/libraries/qtstyleplugin-kvantum-qt4 { };
|
||||
|
||||
|
|
|
@ -6462,10 +6462,9 @@ let self = _self // overrides; _self = with self; {
|
|||
patches = [ ../development/perl-modules/gd-options-passthrough-and-fontconfig.patch ];
|
||||
|
||||
# otherwise "cc1: error: -Wformat-security ignored without -Wformat [-Werror=format-security]"
|
||||
NIX_CFLAGS_COMPILE = [ "-Wno-error=format-security" ];
|
||||
hardeningDisable = [ "format" ];
|
||||
|
||||
# tests fail
|
||||
doCheck = false;
|
||||
doCheck = false; # fails 1 out of 13 tests
|
||||
|
||||
makeMakerFlags = "--lib_png_path=${pkgs.libpng.out} --lib_jpeg_path=${pkgs.libjpeg.out} --lib_zlib_path=${pkgs.zlib.out} --lib_ft_path=${pkgs.freetype.out} --lib_fontconfig_path=${pkgs.fontconfig.lib} --lib_xpm_path=${pkgs.xorg.libXpm.out}";
|
||||
};
|
||||
|
|
Loading…
Reference in New Issue