From 84245c843f30a7b535280e35f4d2d56e2a0ab789 Mon Sep 17 00:00:00 2001 From: alyaeanyx Date: Sun, 14 Nov 2021 17:06:21 +0100 Subject: [PATCH] bspatch: security and bug fixes --- pkgs/tools/compression/bsdiff/default.nix | 26 +++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/compression/bsdiff/default.nix b/pkgs/tools/compression/bsdiff/default.nix index 8f8818781ab4..541609bf13b3 100644 --- a/pkgs/tools/compression/bsdiff/default.nix +++ b/pkgs/tools/compression/bsdiff/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, bzip2 }: +{ lib, stdenv, fetchurl, fetchpatch, bzip2 }: stdenv.mkDerivation rec { pname = "bsdiff"; @@ -10,7 +10,29 @@ stdenv.mkDerivation rec { }; buildInputs = [ bzip2 ]; - patches = [ ./include-systypes.patch ]; + patches = [ + (fetchpatch { + url = "https://sources.debian.org/data/main/b/bsdiff/4.3-22/debian/patches/20-CVE-2014-9862.patch"; + sha256 = "sha256-3UuUfNvShQ8fLqxCKUTb/n4BmjL4+Nl7aEqCxYrrERQ="; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/b/bsdiff/4.3-22/debian/patches/30-bug-632585-mmap-src-file-instead-of-malloc-read-it.patch"; + sha256 = "sha256-esbhz2/efUiuQDuF7LGfSeEn3/f1WbqCxQpTs2A0ulI="; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/b/bsdiff/4.3-22/debian/patches/31-bug-632585-mmap-dst-file-instead-of-malloc-read-it.patch"; + sha256 = "sha256-Of4aOcI0rsgdRzPqyw2VRn2p9wQuo3hdlgDTBdXGzoc="; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/b/bsdiff/4.3-22/debian/patches/32-bug-632585-use-int32_t-instead-off_t-for-file-size.patch"; + sha256 = "sha256-SooFnFK4uKNXvXQb/LEcH8GocnRtkryExI4b3BZTsAY="; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/b/bsdiff/4.3-22/debian/patches/33-CVE-2020-14315.patch"; + sha256 = "sha256-eHu0ulZ4dneIju3GuffzvbpI0Hk2eDpovEUjmrHDk9U="; + }) + ./include-systypes.patch + ]; buildPhase = '' $CC -O3 -lbz2 bspatch.c -o bspatch