mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-25 07:00:43 +00:00
3cd8ce3bce
Naive concatenation of $LD_LIBRARY_PATH can result in an empty colon-delimited segment; this tells glibc to load libraries from the current directory, which is definitely wrong, and may be a security vulnerability if the current directory is untrusted. (See #67234, for example.) Fix this throughout the tree. Signed-off-by: Anders Kaseorg <andersk@mit.edu>
49 lines
1.3 KiB
Nix
49 lines
1.3 KiB
Nix
{ boost, cmake, fetchFromGitHub, gtest, libpcap, openssl, stdenv }:
|
|
|
|
stdenv.mkDerivation rec {
|
|
pname = "libtins";
|
|
version = "4.2";
|
|
|
|
src = fetchFromGitHub {
|
|
owner = "mfontanini";
|
|
repo = pname;
|
|
rev = "v${version}";
|
|
sha256 = "0gv661gdf018zk1sr6fnvcmd5akqjihs4h6zzxv6881v6yhhglrz";
|
|
};
|
|
|
|
postPatch = ''
|
|
rm -rf googletest
|
|
cp -r ${gtest.src}/googletest googletest
|
|
chmod -R a+w googletest
|
|
'';
|
|
|
|
nativeBuildInputs = [ cmake gtest ];
|
|
buildInputs = [
|
|
openssl
|
|
libpcap
|
|
boost
|
|
];
|
|
|
|
configureFlags = [
|
|
"--with-boost-libdir=${boost.out}/lib"
|
|
"--with-boost=${boost.dev}"
|
|
];
|
|
|
|
enableParallelBuilding = true;
|
|
doCheck = true;
|
|
preCheck = ''
|
|
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$PWD${placeholder "out"}/lib
|
|
export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH''${DYLD_LIBRARY_PATH:+:}$PWD${placeholder "out"}/lib
|
|
'';
|
|
checkTarget = "tests test";
|
|
|
|
meta = with stdenv.lib; {
|
|
description = "High-level, multiplatform C++ network packet sniffing and crafting library";
|
|
homepage = "https://libtins.github.io/";
|
|
changelog = "https://raw.githubusercontent.com/mfontanini/${pname}/v${version}/CHANGES.md";
|
|
license = stdenv.lib.licenses.bsd2;
|
|
maintainers = with maintainers; [ fdns ];
|
|
platforms = stdenv.lib.platforms.unix;
|
|
};
|
|
}
|