[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
10/13: gnu: Add fortify-headers.
From: |
Leo Famulari |
Subject: |
10/13: gnu: Add fortify-headers. |
Date: |
Fri, 13 Jan 2017 19:15:55 +0000 (UTC) |
lfam pushed a commit to branch master
in repository guix.
commit e3c101eb95753d780a6fa2232ad9331f6afc0030
Author: ng0 <address@hidden>
Date: Thu Jan 12 00:39:31 2017 +0000
gnu: Add fortify-headers.
* gnu/packages/suckless.scm (fortify-headers): New variable.
Signed-off-by: Leo Famulari <address@hidden>
---
gnu/packages/suckless.scm | 41 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 41 insertions(+)
diff --git a/gnu/packages/suckless.scm b/gnu/packages/suckless.scm
index 2f22f30..5ef640b 100644
--- a/gnu/packages/suckless.scm
+++ b/gnu/packages/suckless.scm
@@ -503,3 +503,44 @@ factorisation, but you can force its output.
You can adjust the number of decimals with the @code{SCALE}
environment variable.")
(license license:wtfpl2))))
+
+(define-public fortify-headers
+ (package
+ (name "fortify-headers")
+ (version "0.8")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "http://dl.2f30.org/releases/"
+ name "-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1cacdczpjb49c4i1168g541wnl3i3gbpv2m2wbnmw5wddlyhgkdg"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f ; No tests
+ #:make-flags (list "CC=gcc"
+ (string-append "PREFIX=" %output))
+ #:phases
+ (modify-phases %standard-phases
+ (delete 'configure)))) ; No configure script
+ (home-page "http://git.2f30.org/fortify-headers/")
+ (synopsis "Standalone fortify-source implementation")
+ (description
+ "This is a standalone implementation of fortify source. It provides
+compile time buffer checks. It is libc-agnostic and simply overlays the
+system headers by using the @code{#include_next} extension found in GCC. It
was
+initially intended to be used on musl based Linux distributions.
+
address@hidden
address@hidden It is portable, works on *BSD, Linux, Solaris and possibly
others.
address@hidden It will only trap non-conformant programs. This means that
fortify
+ level 2 is treated in the same way as level 1.
address@hidden Avoids making function calls when undefined behaviour has
already been
+ invoked. This is handled by using __builtin_trap().
address@hidden Support for out-of-bounds read interfaces, such as send(),
write(),
+ fwrite() etc.
address@hidden No ABI is enforced. All of the fortify check functions are
inlined
+ into the resulting binary.
address@hidden itemize\n")
+ (license license:isc)))
- branch master updated (fa3346b -> 0318305), Leo Famulari, 2017/01/13
- 08/13: gnu: Add noice., Leo Famulari, 2017/01/13
- 03/13: gnu: Add spoon., Leo Famulari, 2017/01/13
- 09/13: gnu: Add human., Leo Famulari, 2017/01/13
- 10/13: gnu: Add fortify-headers.,
Leo Famulari <=
- 05/13: gnu: Add skroll., Leo Famulari, 2017/01/13
- 06/13: gnu: Add sbm., Leo Famulari, 2017/01/13
- 07/13: gnu: Add prout., Leo Famulari, 2017/01/13
- 04/13: licenses: Add wtfpl2., Leo Famulari, 2017/01/13
- 02/13: gnu: Add wificurse., Leo Famulari, 2017/01/13
- 01/13: gnu: Add xbattmon., Leo Famulari, 2017/01/13
- 13/13: gnu: Add lchat., Leo Famulari, 2017/01/13
- 11/13: gnu: Add colors., Leo Famulari, 2017/01/13
- 12/13: gnu: Add libutf., Leo Famulari, 2017/01/13