e2fsprogs: patch for CVE-2022-1304

Did a basic smoke test of e2fsck.
2022-05-13 07:35:12 +00:00 · 2022-05-13 07:35:12 +00:00 · 4abc8088b7
commit 4abc8088b7
parent fe71877bbd
1 changed files with 10 additions and 5 deletions
--- a/pkgs/tools/filesystems/e2fsprogs/default.nix
+++ b/pkgs/tools/filesystems/e2fsprogs/default.nix
@ -23,15 +23,20 @@ stdenv.mkDerivation rec {
    ++ lib.optionals stdenv.isLinux [ fuse ];

  # Only use glibc's __GNUC_PREREQ(X,Y) (checks if compiler is gcc version >= X.Y) when using glibc
-  patches = if stdenv.hostPlatform.libc == "glibc" then null
-    else [
-      (fetchpatch {
+  patches = [
+    (fetchpatch {
+      name = "CVE-2022-1304.patch";
+      url = "https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/patch/?id=ab51d587bb9b229b1fade1afd02e1574c1ba5c76";
+      sha256 = "sha256-YEEow34/81NBOc6F6FS6i505FCQ7GHeIz0a0qWNs7Fg=";
+    })
+  ] ++ lib.optionals (stdenv.hostPlatform.libc == "glibc") [
+    (fetchpatch {
      url = "https://raw.githubusercontent.com/void-linux/void-packages/9583597eb3e6e6b33f61dbc615d511ce030bc443/srcpkgs/e2fsprogs/patches/fix-glibcism.patch";
      sha256 = "1gfcsr0i3q8q2f0lqza8na0iy4l4p3cbii51ds6zmj0y4hz2dwhb";
      excludes = [ "lib/ext2fs/hashmap.h" ];
      extraPrefix = "";
-      })
-    ];
+    })
+  ];

  postPatch = ''
    # Remove six failing tests