mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-01-09 22:45:08 +00:00
3cd8ce3bce
Naive concatenation of $LD_LIBRARY_PATH can result in an empty colon-delimited segment; this tells glibc to load libraries from the current directory, which is definitely wrong, and may be a security vulnerability if the current directory is untrusted. (See #67234, for example.) Fix this throughout the tree. Signed-off-by: Anders Kaseorg <andersk@mit.edu>
81 lines
2.3 KiB
Nix
81 lines
2.3 KiB
Nix
{ stdenv, fetchzip, boost, cmake, ncurses, python2
|
|
, z3Support ? true, z3 ? null, cvc4Support ? true, cvc4 ? null
|
|
, cln ? null, gmp ? null
|
|
}:
|
|
|
|
assert z3Support -> z3 != null && stdenv.lib.versionAtLeast z3.version "4.6.0";
|
|
assert cvc4Support -> cvc4 != null && cln != null && gmp != null;
|
|
|
|
let
|
|
jsoncppURL = https://github.com/open-source-parsers/jsoncpp/archive/1.9.2.tar.gz;
|
|
jsoncpp = fetchzip {
|
|
url = jsoncppURL;
|
|
sha256 = "037d1b1qdmn3rksmn1j71j26bv4hkjv7sn7da261k853xb5899sg";
|
|
};
|
|
in
|
|
stdenv.mkDerivation rec {
|
|
|
|
pname = "solc";
|
|
version = "0.5.15";
|
|
|
|
# upstream suggests avoid using archive generated by github
|
|
src = fetchzip {
|
|
url = "https://github.com/ethereum/solidity/releases/download/v${version}/solidity_${version}.tar.gz";
|
|
sha256 = "1nfvsaci5ja5ss603z04197wndwkvcq9nm5mdab1kpdr91djxh2y";
|
|
};
|
|
|
|
postPatch = ''
|
|
substituteInPlace cmake/jsoncpp.cmake \
|
|
--replace "${jsoncppURL}" ${jsoncpp}
|
|
'';
|
|
|
|
cmakeFlags = [
|
|
"-DBoost_USE_STATIC_LIBS=OFF"
|
|
] ++ stdenv.lib.optionals (!z3Support) [
|
|
"-DUSE_Z3=OFF"
|
|
] ++ stdenv.lib.optionals (!cvc4Support) [
|
|
"-DUSE_CVC4=OFF"
|
|
];
|
|
|
|
nativeBuildInputs = [ cmake ];
|
|
buildInputs = [ boost ]
|
|
++ stdenv.lib.optionals z3Support [ z3 ]
|
|
++ stdenv.lib.optionals cvc4Support [ cvc4 cln gmp ];
|
|
checkInputs = [ ncurses python2 ];
|
|
|
|
# Test fails on darwin for unclear reason
|
|
doCheck = stdenv.hostPlatform.isLinux;
|
|
|
|
checkPhase = ''
|
|
while IFS= read -r -d ''' dir
|
|
do
|
|
LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$(pwd)/$dir
|
|
export LD_LIBRARY_PATH
|
|
done < <(find . -type d -print0)
|
|
|
|
pushd ..
|
|
# IPC tests need aleth avaliable, so we disable it
|
|
sed -i "s/IPC_ENABLED=true/IPC_ENABLED=false\nIPC_FLAGS=\"--no-ipc\"/" ./scripts/tests.sh
|
|
for i in ./scripts/*.sh; do
|
|
patchShebangs "$i"
|
|
done
|
|
for i in ./scripts/*.py; do
|
|
patchShebangs "$i"
|
|
done
|
|
for i in ./test/*.sh; do
|
|
patchShebangs "$i"
|
|
done
|
|
TERM=xterm ./scripts/tests.sh
|
|
popd
|
|
'';
|
|
|
|
meta = with stdenv.lib; {
|
|
description = "Compiler for Ethereum smart contract language Solidity";
|
|
homepage = https://github.com/ethereum/solidity;
|
|
license = licenses.gpl3;
|
|
platforms = with platforms; linux ++ darwin;
|
|
maintainers = with maintainers; [ dbrock akru lionello sifmelcara ];
|
|
inherit version;
|
|
};
|
|
}
|