Use some additional compiler flags, to proper harden them.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org --- graphviz/graphviz.nm | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-)
diff --git a/graphviz/graphviz.nm b/graphviz/graphviz.nm index 625c554b2..c5147c5f5 100644 --- a/graphviz/graphviz.nm +++ b/graphviz/graphviz.nm @@ -5,7 +5,7 @@
name = graphviz version = 7.0.4 -release = 1 +release = 2
groups = Development/Tools url = https://gitlab.com/graphviz/graphviz @@ -42,6 +42,32 @@ build ./autogen.sh end
+ configure_options += \ + --enable-debug + + configure_cmds + # Add some additional C compiler flags to proper harden liblab_gamut. + sed -i '/^CFLAGS =/ s/$/ -fno-builtin-exit -D__noreturn__=/' \ + lib/edgepaint/Makefile + + # Add some additional C and C++ compiler flags to proper harden + # the "dot" binaries. + sed -i '/^CFLAGS =/ s/$/ -fno-builtin-exit -D__noreturn__=/' \ + cmd/dot/Makefile + sed -i '/^CXXFLAGS =/ s/$/ -fno-builtin-exit -D__noreturn__=/' \ + cmd/dot/Makefile + + # Add some additional C compiler flags to proper harden the + # "gvpr" binaries. + sed -i '/^CFLAGS =/ s/$/ -fno-builtin-exit -D__noreturn__=/' \ + cmd/gvpr/Makefile + + # Add some additional C compiler flags to proper harden the + # tools. + sed -i '/^CFLAGS =/ s/$/ -fno-builtin-exit -D__noreturn__=/' \ + cmd/tools/Makefile + end + test make check end