graphviz: Proper harden some binaries
Commit Message
Use some additional compiler flags, to proper
harden them.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
graphviz/graphviz.nm | 28 +++++++++++++++++++++++++++-
1 file changed, 27 insertions(+), 1 deletion(-)
@@ -5,7 +5,7 @@
name = graphviz
version = 7.0.4
-release = 1
+release = 2
groups = Development/Tools
url = https://gitlab.com/graphviz/graphviz
@@ -42,6 +42,32 @@ build
./autogen.sh
end
+ configure_options += \
+ --enable-debug
+
+ configure_cmds
+ # Add some additional C compiler flags to proper harden liblab_gamut.
+ sed -i '/^CFLAGS =/ s/$/ -fno-builtin-exit -D__noreturn__=/' \
+ lib/edgepaint/Makefile
+
+ # Add some additional C and C++ compiler flags to proper harden
+ # the "dot" binaries.
+ sed -i '/^CFLAGS =/ s/$/ -fno-builtin-exit -D__noreturn__=/' \
+ cmd/dot/Makefile
+ sed -i '/^CXXFLAGS =/ s/$/ -fno-builtin-exit -D__noreturn__=/' \
+ cmd/dot/Makefile
+
+ # Add some additional C compiler flags to proper harden the
+ # "gvpr" binaries.
+ sed -i '/^CFLAGS =/ s/$/ -fno-builtin-exit -D__noreturn__=/' \
+ cmd/gvpr/Makefile
+
+ # Add some additional C compiler flags to proper harden the
+ # tools.
+ sed -i '/^CFLAGS =/ s/$/ -fno-builtin-exit -D__noreturn__=/' \
+ cmd/tools/Makefile
+ end
+
test
make check
end