3cd8ce3bce
Naive concatenation of $LD_LIBRARY_PATH can result in an empty colon-delimited segment; this tells glibc to load libraries from the current directory, which is definitely wrong, and may be a security vulnerability if the current directory is untrusted. (See #67234, for example.) Fix this throughout the tree. Signed-off-by: Anders Kaseorg <andersk@mit.edu>
32 lines
893 B
Nix
32 lines
893 B
Nix
{ stdenv, fetchFromGitHub, cmake, check, subunit }:
|
|
stdenv.mkDerivation rec {
|
|
pname = "orcania";
|
|
version = "2.1.0";
|
|
|
|
src = fetchFromGitHub {
|
|
owner = "babelouest";
|
|
repo = pname;
|
|
rev = "v${version}";
|
|
sha256 = "1zp2rk267dfmfap6qsyn7maivrpid8s3rkicwk1q5v6j20cgh1f8";
|
|
};
|
|
|
|
nativeBuildInputs = [ cmake ];
|
|
|
|
checkInputs = [ check subunit ];
|
|
|
|
cmakeFlags = [ "-DBUILD_ORCANIA_TESTING=on" ];
|
|
|
|
doCheck = true;
|
|
|
|
preCheck = ''
|
|
export LD_LIBRARY_PATH="$(pwd)''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH"
|
|
export DYLD_FALLBACK_LIBRARY_PATH="$(pwd):$DYLD_FALLBACK_LIBRARY_PATH"
|
|
'';
|
|
|
|
meta = with stdenv.lib; {
|
|
description = "Potluck with different functions for different purposes that can be shared among C programs";
|
|
homepage = "https://github.com/babelouest/orcania";
|
|
license = licenses.lgpl21;
|
|
maintainers = with maintainers; [ johnazoidberg ];
|
|
};
|
|
}
|