aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSören Tempel <soeren+git@soeren-tempel.net>2022-11-22 19:41:26 +0100
committerSören Tempel <soeren+git@soeren-tempel.net>2022-11-22 19:41:26 +0100
commitd0347d86b34d2c13e96b4468339b43a8a4296dce (patch)
tree2899049b8320ad1a5f2a2280785cc67873da9793
parentc859164a1b7dfd0ddac172dd28fdd0a4d23df3e1 (diff)
community/chicken: build from source using chicken-bootstrap
Instead of relying on the pre-compiled C files shipped in the release tarball. This fixes compilation with CVE-2022-45145.patch.
-rw-r--r--community/chicken/APKBUILD14
1 files changed, 14 insertions, 0 deletions
diff --git a/community/chicken/APKBUILD b/community/chicken/APKBUILD
index 9466b5d1283..9bd49aee847 100644
--- a/community/chicken/APKBUILD
+++ b/community/chicken/APKBUILD
@@ -9,6 +9,7 @@ url="https://call-cc.org/"
arch="all"
license="BSD-3-Clause"
depends="gcc libc-dev $pkgname-dev $pkgname-libs"
+makedepends="chicken-bootstrap"
subpackages="$pkgname-doc $pkgname-libs $pkgname-dev $pkgname-feathers::noarch"
source="https://code.call-cc.org/releases/$pkgver/chicken-$pkgver.tar.gz
CVE-2022-45145.patch
@@ -25,6 +26,19 @@ source="https://code.call-cc.org/releases/$pkgver/chicken-$pkgver.tar.gz
# - CVE-2016-6830
# - CVE-2016-6831
+# We want to build CHICKEN from source, not from pre-compiled C sources
+# in order to be able to apply patches to the original Scheme sources.
+#
+# See comment in community/chicken-bootstrap for details.
+export CHICKEN="/usr/bin/chicken-bootstrap"
+
+prepare() {
+ default_prepare
+
+ # Remove all auto-generated C files included in the tarball.
+ make spotless
+}
+
build() {
make PREFIX=/usr
}