Mercurial > hgrepos > Python2 > PyMuPDF
diff setup.py @ 31:baeb8bdeff3a
Fortify sources using _FORTIFY_SOURCE=3 and also apply -fno-delete-null-pointer-checks.
See: https://github.com/ossf/wg-best-practices-os-developers/issues/659.
| author | Franz Glasner <fzglas.hg@dom66.de> |
|---|---|
| date | Sun, 21 Sep 2025 13:11:30 +0200 |
| parents | f76e6575dca9 |
| children | 14b91574d44a |
line wrap: on
line diff
--- a/setup.py Fri Sep 19 19:59:44 2025 +0200 +++ b/setup.py Sun Sep 21 13:11:30 2025 +0200 @@ -967,6 +967,10 @@ log( f'Setting XCFLAGS and XCXXFLAGS to predefine TOFU_CJK_EXT.') env_add(env, 'XCFLAGS', '-DTOFU_CJK_EXT') env_add(env, 'XCXXFLAGS', '-DTOFU_CJK_EXT') + fortify = os.environ.get('FORTIFY', '0') + if fortify != '0': + env_add(env, 'XCFLAGS', f'-D_FORTIFY_SOURCE={fortify}') + env_add(env, 'XCXXFLAGS', f'-D_FORTIFY_SOURCE={fortify}') if openbsd or freebsd: env_add(env, 'CXX', 'c++', ' ') @@ -1192,6 +1196,9 @@ debug = 'debug' in mupdf_build_dir_flags r_extra = '' defines = list() + fortify = os.environ.get('FORTIFY', '0') + if fortify != '0': + defines.append(f'_FORTIFY_SOURCE={fortify}') if windows: defines.append('FZ_DLL_CLIENT') wp = pipcl.wdev.WindowsPython()