gmni: disable `fortify3` to fix `gcc-13` build

It's not masking a real overflow, but inhibits invalid `snprintf()`
buffer size bassed. Without the change build fails on `master` as:

    In function 'snprintf',
        inlined from 'xt_end_chain' at src/tofu.c:82:3,
        inlined from 'xt_end_chain' at src/tofu.c:70:1:
    ...-glibc-2.38-27-dev/include/bits/stdio2.h:54:10: error: '__builtin___snprintf_chk' specified bound 4 exceeds destination size 3 [-Werror=stringop-overflow]
       54 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       55 |                                    __glibc_objsize (__s), __fmt,
          |                                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       56 |                                    __va_arg_pack ());
          |                                    ~~~~~~~~~~~~~~~~~

As the project is not maintained anymore let's just disable the
`fortify3` that puts an extra check into `snprintf()` buffer.

1 files changed, 8 insertions, 0 deletions

diff --git a/pkgs/applications/networking/browsers/gmni/default.nix b/pkgs/applications/networking/browsers/gmni/default.nix
index 4bc4e360120fd..51dc9a3df53d2 100644
--- a/pkgs/applications/networking/browsers/gmni/default.nix
+++ b/pkgs/applications/networking/browsers/gmni/default.nix
@@ -14,6 +14,14 @@ stdenv.mkDerivation rec {
   nativeBuildInputs = [ scdoc ];
   buildInputs = [ bearssl ];
 
+  # Fix build on `gcc-13`:
+  #       inlined from 'xt_end_chain' at src/tofu.c:82:3,
+  #   ...-glibc-2.38-27-dev/include/bits/stdio2.h:54:10: error: '__builtin___snprintf_chk' specified bound 4 exceeds destination size 3 [-Werror=stringop-overflow]
+  #
+  # The overflow will not happen in practice, but `snprintf()` gets
+  # passed one more byte than available.
+  hardeningDisable = [ "fortify3" ];
+
   meta = with lib; {
     description = "A Gemini client";
     homepage = "https://git.sr.ht/~sircmpwn/gmni";