Merge #243211: treewide: disable fortify3 flag on packages
...into staging-next
This commit is contained in:
commit
b77e88f15c
|
@ -25,6 +25,9 @@ stdenv.mkDerivation rec {
|
|||
nativeBuildInputs = [ pkg-config wrapGAppsHook4 ];
|
||||
buildInputs = [ gtk4 alsa-lib ];
|
||||
|
||||
# causes redefinition of _FORTIFY_SOURCE
|
||||
hardeningDisable = [ "fortify3" ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "GUI for alsa controls presented by Focusrite Scarlett Gen 2/3 Mixer Driver";
|
||||
homepage = "https://github.com/geoffreybennett/alsa-scarlett-gui";
|
||||
|
|
|
@ -722,6 +722,10 @@ in
|
|||
# remove ccache
|
||||
substituteInPlace CMakeLists.txt --replace "ccache" ""
|
||||
'';
|
||||
|
||||
# causes redefinition of _FORTIFY_SOURCE
|
||||
hardeningDisable = [ "fortify3" ];
|
||||
|
||||
postBuild = "cd /build/source/build/pcsx2";
|
||||
meta = {
|
||||
description = "Port of PCSX2 to libretro";
|
||||
|
|
|
@ -51,6 +51,9 @@ stdenv.mkDerivation rec {
|
|||
"-Wno-error=array-bounds"
|
||||
];
|
||||
|
||||
# error: writing 1 byte into a region of size 0
|
||||
hardeningDisable = [ "fortify3" ];
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
||||
|
|
|
@ -28,6 +28,12 @@ stdenv.mkDerivation rec {
|
|||
|
||||
OMP_NUM_THREADS = 2; # required for check phase
|
||||
|
||||
# With "fortify3", there are test failures, such as:
|
||||
# Testing cnof CAMB3LYP/6-31G using FMM
|
||||
# *** buffer overflow detected ***: terminated
|
||||
# ./test_fmm_camb3lyp.sh: line 81: 1061289 Aborted (core dumped) ./ergo <<EOINPUT > /dev/null
|
||||
hardeningDisable = [ "fortify3" ];
|
||||
|
||||
doCheck = true;
|
||||
|
||||
meta = with lib; {
|
||||
|
|
|
@ -99,8 +99,13 @@ buildPythonApplication rec {
|
|||
./disable-test_ssh_bootstrap_with_different_launchers.patch
|
||||
];
|
||||
|
||||
# Causes build failure due to warning
|
||||
hardeningDisable = lib.optional stdenv.cc.isClang "strictoverflow";
|
||||
hardeningDisable = [
|
||||
# causes redefinition of _FORTIFY_SOURCE
|
||||
"fortify3"
|
||||
] ++ lib.optionals stdenv.cc.isClang [
|
||||
# Causes build failure due to warning
|
||||
"strictoverflow"
|
||||
];
|
||||
|
||||
CGO_ENABLED = 0;
|
||||
GOFLAGS = "-trimpath";
|
||||
|
|
|
@ -29,6 +29,9 @@ stdenv.mkDerivation rec {
|
|||
"--disable-exec-static-tramp"
|
||||
];
|
||||
|
||||
# with fortify3, tests fail for some reason
|
||||
hardeningDisable = [ "fortify3" ];
|
||||
|
||||
preCheck = ''
|
||||
# The tests use -O0 which is not compatible with -D_FORTIFY_SOURCE.
|
||||
NIX_HARDENING_ENABLE=''${NIX_HARDENING_ENABLE/fortify/}
|
||||
|
|
|
@ -31,6 +31,9 @@ stdenv.mkDerivation rec {
|
|||
"USE_SYSTEM_MINIZIP=1"
|
||||
];
|
||||
|
||||
# TEST 428/429 worksheet:worksheet_table15 *** buffer overflow detected ***: terminated
|
||||
hardeningDisable = [ "fortify3" ];
|
||||
|
||||
doCheck = true;
|
||||
|
||||
checkTarget = "test";
|
||||
|
|
|
@ -22,6 +22,14 @@ in stdenv.mkDerivation rec {
|
|||
doCheck = true;
|
||||
buildFlags = [ "GCC_BASE:=${GCC_BASE}" ];
|
||||
|
||||
# Test failures with "fortify3" on, such as:
|
||||
# +*** buffer overflow detected ***: terminated
|
||||
# +Aborted (core dumped)
|
||||
# error: Actual exit value does not match the expected one.
|
||||
# error: expected 0, got 134.
|
||||
# error: FAIL: test 'bool-float.c' failed
|
||||
hardeningDisable = [ "fortify3" ];
|
||||
|
||||
passthru.tests = {
|
||||
simple-execution = callPackage ./tests.nix { };
|
||||
};
|
||||
|
|
|
@ -50,6 +50,9 @@ stdenv.mkDerivation rec {
|
|||
protobuf
|
||||
];
|
||||
|
||||
# inlining failed in call to 'tinydir_open': --param max-inline-insns-single limit reached
|
||||
hardeningDisable = [ "fortify3" ];
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://cxong.github.io/cdogs-sdl";
|
||||
description = "Open source classic overhead run-and-gun game";
|
||||
|
|
|
@ -12,6 +12,9 @@ stdenv.mkDerivation {
|
|||
|
||||
makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" "prefix=$(out)" ];
|
||||
|
||||
# causes redefinition of _FORTIFY_SOURCE
|
||||
hardeningDisable = [ "fortify3" ];
|
||||
|
||||
postInstall = ''
|
||||
mkdir -p $out/share/man/man1
|
||||
cp man/mmc.1 $out/share/man/man1/
|
||||
|
|
|
@ -59,7 +59,10 @@ stdenv.mkDerivation rec {
|
|||
protobuf
|
||||
];
|
||||
|
||||
hardeningDisable = lib.optionals debug [
|
||||
hardeningDisable = [
|
||||
# causes redefinition of _FORTIFY_SOURCE
|
||||
"fortify3"
|
||||
] ++ lib.optionals debug [
|
||||
"fortify"
|
||||
];
|
||||
|
||||
|
|
|
@ -26,6 +26,9 @@ stdenv.mkDerivation rec {
|
|||
pciutils
|
||||
];
|
||||
|
||||
# causes redefinition of _FORTIFY_SOURCE
|
||||
hardeningDisable = [ "fortify3" ];
|
||||
|
||||
postBuild = ''
|
||||
patchShebangs lsmsr/createheader.py
|
||||
make -C lsmsr
|
||||
|
|
|
@ -27,6 +27,11 @@ stdenv.mkDerivation rec {
|
|||
"-Wno-error=maybe-uninitialized"
|
||||
];
|
||||
|
||||
hardeningDisable = lib.optionals stdenv.isAarch64 [
|
||||
# error: 'read' writing 1 byte into a region of size 0 overflows the destination
|
||||
"fortify3"
|
||||
];
|
||||
|
||||
installFlags = [
|
||||
"sysconfdir=${placeholder "out"}/etc"
|
||||
];
|
||||
|
|
Loading…
Reference in a new issue