community/chicken: build from source using chicken-bootstrap

Instead of relying on the pre-compiled C files shipped in the
release tarball. This fixes compilation with CVE-2022-45145.patch.

1 files changed, 14 insertions, 0 deletions

diff --git a/community/chicken/APKBUILD b/community/chicken/APKBUILD
index 9466b5d1283..9bd49aee847 100644
--- a/community/chicken/APKBUILD
+++ b/community/chicken/APKBUILD
@@ -9,6 +9,7 @@ url="https://call-cc.org/"
 arch="all"
 license="BSD-3-Clause"
 depends="gcc libc-dev $pkgname-dev $pkgname-libs"
+makedepends="chicken-bootstrap"
 subpackages="$pkgname-doc $pkgname-libs $pkgname-dev $pkgname-feathers::noarch"
 source="https://code.call-cc.org/releases/$pkgver/chicken-$pkgver.tar.gz
 	CVE-2022-45145.patch
@@ -25,6 +26,19 @@ source="https://code.call-cc.org/releases/$pkgver/chicken-$pkgver.tar.gz
 #     - CVE-2016-6830
 #     - CVE-2016-6831
 
+# We want to build CHICKEN from source, not from pre-compiled C sources
+# in order to be able to apply patches to the original Scheme sources.
+#
+# See comment in community/chicken-bootstrap for details.
+export CHICKEN="/usr/bin/chicken-bootstrap"
+
+prepare() {
+	default_prepare
+
+	# Remove all auto-generated C files included in the tarball.
+	make spotless
+}
+
 build() {
 	make PREFIX=/usr
 }