Merge #66528: glibc: 2.27 -> 2.30 (into staging)

Includes update of stdenv bootstap tools (for three main platforms)
and many package fixes with new glibc.
This commit is contained in:
Vladimír Čunát 2020-02-05 13:41:09 +01:00
commit 48a997cd76
No known key found for this signature in database
GPG key ID: E747DF1F9575A3AA
65 changed files with 436 additions and 406 deletions

View file

@ -26,7 +26,7 @@ in stdenv.mkDerivation rec {
runHook postConfigure
'';
patchPhase = ''
postPatch = ''
sed -e "s#@./scripts#sh scripts#" -i Makefile
'';

View file

@ -1,4 +1,4 @@
{ stdenv, fetchurl, ncurses }:
{ stdenv, fetchurl, ncurses, fetchpatch }:
stdenv.mkDerivation rec {
pname = "gcal";
@ -9,6 +9,13 @@ stdenv.mkDerivation rec {
sha256 = "1av11zkfirbixn05hyq4xvilin0ncddfjqzc4zd9pviyp506rdci";
};
patches = [
(fetchpatch {
url = "https://src.fedoraproject.org/rpms/gcal/raw/master/f/gcal-glibc-no-libio.patch";
sha256 = "0l4nw9kgzsay32rsdwvs75pbp4fhx6pfm85paynfbd20cdm2n2kv";
})
];
enableParallelBuilding = true;
buildInputs = [ ncurses ];

View file

@ -13,6 +13,8 @@ stdenv.mkDerivation rec {
sha256 = "089r6i40lxcwzp60553b18f130asspnzqldlpii53smz52kvpirx";
};
patches = [ ./glibc-fix.patch ];
configureFlags = [
"--with-bash-path=${pkgs.bash}/bin/bash"
];

View file

@ -0,0 +1,12 @@
diff --git a/src/main.c b/src/main.c
index 27f5614..2b45708 100644
--- a/src/main.c
+++ b/src/main.c
@@ -23,6 +23,7 @@
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
+#include <sys/sysmacros.h>
#include <signal.h>

View file

@ -0,0 +1,21 @@
{ stdenv, fetchurl, pkg-config, gtk3 }:
stdenv.mkDerivation rec {
pname = "ssw";
version = "0.3";
src = fetchurl {
url = "https://alpha.gnu.org/gnu/ssw/spread-sheet-widget-${version}.tar.gz";
sha256 = "1h93yyh2by6yrmkwqg38nd5knids05k5nqzcihc1hdwgzg3c4b8y";
};
nativeBuildInputs = [ pkg-config ];
buildInputs = [ gtk3 ];
meta = with stdenv.lib; {
homepage = "https://www.gnu.org/software/ssw/";
license = licenses.gpl3;
description = "GNU Spread Sheet Widget";
platforms = platforms.linux;
};
}

View file

@ -1,7 +1,8 @@
{ lib
, python3Packages
, taskwarrior
, glibcLocales
, taskwarrior }:
}:
with python3Packages;
@ -21,6 +22,7 @@ buildPythonApplication rec {
tzlocal
urwid
];
checkInputs = [ glibcLocales ];
makeWrapperArgs = [ "--suffix" "PATH" ":" "${taskwarrior}/bin" ];

View file

@ -1,20 +1,23 @@
{ stdenv, fetchurl, libxml2, readline, zlib, perl, cairo, gtk3, gsl
, pkgconfig, gtksourceview, pango, gettext, dconf
, makeWrapper, gsettings-desktop-schemas, hicolor-icon-theme
, texinfo, ssw
}:
stdenv.mkDerivation rec {
name = "pspp-1.0.1";
pname = "pspp";
version = "1.2.0";
src = fetchurl {
url = "mirror://gnu/pspp/${name}.tar.gz";
sha256 = "1r8smr5057993h90nx0mdnff8nxw9x546zzh6qpy4h3xblp1la5s";
url = "mirror://gnu/pspp/${pname}-${version}.tar.gz";
sha256 = "07pp27zycrb5x927jwaj9r3q7hy915jh51xs85zxby6gfiwl63m5";
};
nativeBuildInputs = [ pkgconfig ];
nativeBuildInputs = [ pkgconfig texinfo ];
buildInputs = [ libxml2 readline zlib perl cairo gtk3 gsl
gtksourceview pango gettext
makeWrapper gsettings-desktop-schemas hicolor-icon-theme ];
makeWrapper gsettings-desktop-schemas hicolor-icon-theme ssw
];
doCheck = false;

View file

@ -185,7 +185,10 @@ callPackage (import ./generic.nix (rec {
# Avoid a glibc >= 2.25 deprecation warnings that get fatal via -Werror.
sed 1i'#include <sys/sysmacros.h>' \
-i tools/blktap2/control/tap-ctl-allocate.c \
-i tools/libxl/libxl_device.c
-i tools/libxl/libxl_device.c \
${optionalString withInternalQemu "-i tools/qemu-xen/hw/9pfs/9p.c"}
sed -i -e '/sys\/sysctl\.h/d' tools/blktap2/drivers/block-remus.c
'';
passthru.qemu-system-i386 = if withInternalQemu

View file

@ -5,4 +5,5 @@ callPackage ./generic.nix ({
version = "4.8.1.0";
sha256 = "1vyvp2g28ihcgxgxr8nhzyzdmzicsh5djzk8dk1hj5p5f2k3ijqq";
enableParallelBuilding = false; # #32386, https://hydra.nixos.org/build/65600645
extraPatches = [ ./mono4-glibc.patch ];
})

View file

@ -1,6 +1,7 @@
{ stdenv, fetchurl, bison, pkgconfig, glib, gettext, perl, libgdiplus, libX11, callPackage, ncurses, zlib, withLLVM ? false, cacert, Foundation, libobjc, python, version, sha256, autoconf, libtool, automake, cmake, which
, enableParallelBuilding ? true
, srcArchiveSuffix ? "tar.bz2"
, extraPatches ? []
}:
let
@ -22,8 +23,6 @@ stdenv.mkDerivation rec {
propagatedBuildInputs = [glib];
NIX_LDFLAGS = if stdenv.isDarwin then "" else "-lgcc_s" ;
# To overcome the bug https://bugzilla.novell.com/show_bug.cgi?id=644723
dontDisableStatic = true;
@ -44,7 +43,7 @@ stdenv.mkDerivation rec {
# We want pkg-config to take priority over the dlls in the Mono framework and the GAC
# because we control pkg-config
patches = [ ./pkgconfig-before-gac.patch ];
patches = [ ./pkgconfig-before-gac.patch ] ++ extraPatches;
# Patch all the necessary scripts. Also, if we're using LLVM, we fix the default
# LLVM path to point into the Mono LLVM build, since it's private anyway.

View file

@ -0,0 +1,12 @@
diff --git a/mono/io-layer/processes.c b/mono/io-layer/processes.c
index 53c271a4..84bd3252 100644
--- a/mono/io-layer/processes.c
+++ b/mono/io-layer/processes.c
@@ -19,6 +19,7 @@
#include <errno.h>
#include <sys/types.h>
#include <sys/stat.h>
+#include <sys/sysmacros.h>
#include <unistd.h>
#ifdef HAVE_SIGNAL_H
#include <signal.h>

View file

@ -17,6 +17,8 @@ stdenv.mkDerivation {
postPatch = ''
sed -i src/wsh/include/libwitch/wsh.h src/wsh/scripts/INDEX \
-e "s#/usr/share/wcc#$out/share/wcc#"
sed -i -e '/stropts.h>/d' src/wsh/include/libwitch/wsh.h
'';
installFlags = [ "DESTDIR=$(out)" ];

View file

@ -1,14 +1,14 @@
{ fetchFromGitHub, stdenv, makeWrapper, unzip, libxml2, m4, uthash, which }:
stdenv.mkDerivation rec {
pname = "z88dk";
version = "unstable-2019-05-09";
pname = "z88dk-unstable";
version = "2020-01-27";
src = fetchFromGitHub {
owner = "z88dk";
repo = "z88dk";
rev = "826d68632c3a7c17df88dd2ec54571a6041da69c";
sha256 = "104qgb01sdb97mkcxnq1cdlqi5qvjm4rd9bg5r42pdfz81ss49xj";
rev = "efdd07c2e2229cac7cfef97ec01f478004846e39";
sha256 = "0jcks5ygp256lmzmllffp4yb38cxjgdyqnnimkj4s65095cfasyb";
fetchSubmodules = true;
};

View file

@ -0,0 +1,23 @@
diff --git a/Modules/posixmodule.c b/Modules/posixmodule.c
index c3682b4..16826c6 100644
--- a/Modules/posixmodule.c
+++ b/Modules/posixmodule.c
@@ -5880,15 +5880,13 @@ error:
#if defined(HAVE_OPENPTY) || defined(HAVE_FORKPTY) || defined(HAVE_DEV_PTMX)
#ifdef HAVE_PTY_H
#include <pty.h>
-#else
+#endif
#ifdef HAVE_LIBUTIL_H
#include <libutil.h>
-#else
+#endif
#ifdef HAVE_UTIL_H
#include <util.h>
-#endif /* HAVE_UTIL_H */
-#endif /* HAVE_LIBUTIL_H */
-#endif /* HAVE_PTY_H */
+#endif
#ifdef HAVE_STROPTS_H
#include <stropts.h>
#endif

View file

@ -103,10 +103,7 @@ in with passthru; stdenv.mkDerivation {
./3.5/ld_library_path.patch
] ++ optionals (isPy37 || isPy38) [
# Fix darwin build https://bugs.python.org/issue34027
(fetchpatch {
url = https://bugs.python.org/file47666/darwin-libutil.patch;
sha256 = "0242gihnw3wfskl4fydp2xanpl8k5q7fj4dp7dbbqf46a4iwdzpa";
})
./3.7/darwin-libutil.patch
] ++ optionals (isPy3k && hasDistutilsCxxPatch) [
# Fix for http://bugs.python.org/issue1222585
# Upstream distutils is calling C compiler to compile C++ code, which

View file

@ -1,146 +0,0 @@
From 5460617d1567657621107d895ee2dd83bc1f88f2 Mon Sep 17 00:00:00 2001
From: Paul Pluzhnikov <ppluzhnikov@google.com>
Date: Tue, 8 May 2018 18:12:41 -0700
Subject: [PATCH] Fix BZ 22786: integer addition overflow may cause stack
buffer overflow when realpath() input length is close to SSIZE_MAX.
2018-05-09 Paul Pluzhnikov <ppluzhnikov@google.com>
[BZ #22786]
* stdlib/canonicalize.c (__realpath): Fix overflow in path length
computation.
* stdlib/Makefile (test-bz22786): New test.
* stdlib/test-bz22786.c: New test.
---
ChangeLog | 8 +++++
stdlib/Makefile | 2 +-
stdlib/canonicalize.c | 2 +-
stdlib/test-bz22786.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 100 insertions(+), 2 deletions(-)
create mode 100644 stdlib/test-bz22786.c
diff --git a/stdlib/Makefile b/stdlib/Makefile
index af1643c..1ddb1f9 100644
--- a/stdlib/Makefile
+++ b/stdlib/Makefile
@@ -84,7 +84,7 @@ tests := tst-strtol tst-strtod testmb testrand testsort testdiv \
tst-cxa_atexit tst-on_exit test-atexit-race \
test-at_quick_exit-race test-cxa_atexit-race \
test-on_exit-race test-dlclose-exit-race \
- tst-makecontext-align
+ tst-makecontext-align test-bz22786
tests-internal := tst-strtod1i tst-strtod3 tst-strtod4 tst-strtod5i \
tst-tls-atexit tst-tls-atexit-nodelete
diff --git a/stdlib/canonicalize.c b/stdlib/canonicalize.c
index 4135f3f..390fb43 100644
--- a/stdlib/canonicalize.c
+++ b/stdlib/canonicalize.c
@@ -181,7 +181,7 @@ __realpath (const char *name, char *resolved)
extra_buf = __alloca (path_max);
len = strlen (end);
- if ((long int) (n + len) >= path_max)
+ if (path_max - n <= len)
{
__set_errno (ENAMETOOLONG);
goto error;
diff --git a/stdlib/test-bz22786.c b/stdlib/test-bz22786.c
new file mode 100644
index 0000000..e7837f9
--- /dev/null
+++ b/stdlib/test-bz22786.c
@@ -0,0 +1,90 @@
+/* Bug 22786: test for buffer overflow in realpath.
+ Copyright (C) 2018 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+/* This file must be run from within a directory called "stdlib". */
+
+#include <errno.h>
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <support/test-driver.h>
+#include <libc-diag.h>
+
+static int
+do_test (void)
+{
+ const char dir[] = "bz22786";
+ const char lnk[] = "bz22786/symlink";
+
+ rmdir (dir);
+ if (mkdir (dir, 0755) != 0 && errno != EEXIST)
+ {
+ printf ("mkdir %s: %m\n", dir);
+ return EXIT_FAILURE;
+ }
+ if (symlink (".", lnk) != 0 && errno != EEXIST)
+ {
+ printf ("symlink (%s, %s): %m\n", dir, lnk);
+ return EXIT_FAILURE;
+ }
+
+ const size_t path_len = (size_t) INT_MAX + 1;
+
+ DIAG_PUSH_NEEDS_COMMENT;
+#if __GNUC_PREREQ (7, 0)
+ /* GCC 7 warns about too-large allocations; here we need such
+ allocation to succeed for the test to work. */
+ DIAG_IGNORE_NEEDS_COMMENT (7, "-Walloc-size-larger-than=");
+#endif
+ char *path = malloc (path_len);
+ DIAG_POP_NEEDS_COMMENT;
+
+ if (path == NULL)
+ {
+ printf ("malloc (%zu): %m\n", path_len);
+ return EXIT_UNSUPPORTED;
+ }
+
+ /* Construct very long path = "bz22786/symlink/aaaa....." */
+ char *p = mempcpy (path, lnk, sizeof (lnk) - 1);
+ *(p++) = '/';
+ memset (p, 'a', path_len - (path - p) - 2);
+ p[path_len - (path - p) - 1] = '\0';
+
+ /* This call crashes before the fix for bz22786 on 32-bit platforms. */
+ p = realpath (path, NULL);
+
+ if (p != NULL || errno != ENAMETOOLONG)
+ {
+ printf ("realpath: %s (%m)", p);
+ return EXIT_FAILURE;
+ }
+
+ /* Cleanup. */
+ unlink (lnk);
+ rmdir (dir);
+
+ return 0;
+}
+
+#define TEST_FUNCTION do_test
+#include <support/test-driver.c>
--
2.9.3

View file

@ -1,55 +0,0 @@
From f51c8367685dc888a02f7304c729ed5277904aff Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@suse.de>
Date: Thu, 24 May 2018 14:39:18 +0200
Subject: [PATCH] Don't write beyond destination in
__mempcpy_avx512_no_vzeroupper (bug 23196)
When compiled as mempcpy, the return value is the end of the destination
buffer, thus it cannot be used to refer to the start of it.
(cherry picked from commit 9aaaab7c6e4176e61c59b0a63c6ba906d875dc0e)
---
ChangeLog | 9 +++++++++
NEWS | 7 +++++++
string/test-mempcpy.c | 1 +
sysdeps/x86_64/multiarch/memmove-avx512-no-vzeroupper.S | 5 +++--
4 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/string/test-mempcpy.c b/string/test-mempcpy.c
index c08fba8..d98ecdd 100644
--- a/string/test-mempcpy.c
+++ b/string/test-mempcpy.c
@@ -18,6 +18,7 @@
<http://www.gnu.org/licenses/>. */
#define MEMCPY_RESULT(dst, len) (dst) + (len)
+#define MIN_PAGE_SIZE 131072
#define TEST_MAIN
#define TEST_NAME "mempcpy"
#include "test-string.h"
diff --git a/sysdeps/x86_64/multiarch/memmove-avx512-no-vzeroupper.S b/sysdeps/x86_64/multiarch/memmove-avx512-no-vzeroupper.S
index 23c0f7a..effc3ac 100644
--- a/sysdeps/x86_64/multiarch/memmove-avx512-no-vzeroupper.S
+++ b/sysdeps/x86_64/multiarch/memmove-avx512-no-vzeroupper.S
@@ -336,6 +336,7 @@ L(preloop_large):
vmovups (%rsi), %zmm4
vmovups 0x40(%rsi), %zmm5
+ mov %rdi, %r11
/* Align destination for access with non-temporal stores in the loop. */
mov %rdi, %r8
and $-0x80, %rdi
@@ -366,8 +367,8 @@ L(gobble_256bytes_nt_loop):
cmp $256, %rdx
ja L(gobble_256bytes_nt_loop)
sfence
- vmovups %zmm4, (%rax)
- vmovups %zmm5, 0x40(%rax)
+ vmovups %zmm4, (%r11)
+ vmovups %zmm5, 0x40(%r11)
jmp L(check)
L(preloop_large_bkw):
--
2.9.3

View file

@ -19,10 +19,12 @@
{ stdenv, lib
, buildPackages
, fetchurl, fetchpatch
, fetchurl
, linuxHeaders ? null
, gd ? null, libpng ? null
, libidn2
, bison
, python3
}:
{ name
@ -34,9 +36,9 @@
} @ args:
let
version = "2.27";
version = "2.30";
patchSuffix = "";
sha256 = "0wpwq7gsm7sd6ysidv0z575ckqdg13cr2njyfgrbgh4f65adwwji";
sha256 = "1bxqpg91d02qnaz837a5kamm0f43pr1il4r9pknygywsar713i72";
in
assert withLinuxHeaders -> linuxHeaders != null;
@ -92,35 +94,13 @@ stdenv.mkDerivation ({
url = "https://salsa.debian.org/glibc-team/glibc/raw/49767c9f7de4828220b691b29de0baf60d8a54ec/debian/patches/localedata/locale-C.diff";
sha256 = "0irj60hs2i91ilwg5w7sqrxb695c93xg0ik7yhhq9irprd7fidn4";
})
# https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5460617d1567657621107d895ee2dd83bc1f88f2
./CVE-2018-11236.patch
# https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f51c8367685dc888a02f7304c729ed5277904aff
./CVE-2018-11237.patch
# Remove after upgrading to glibc 2.28+
# Change backported from upstream
# https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9c79cec8cd2a6996a73aa83d79b360ffd4bebde6
./fix-out-of-bounds-access-in-findidxwc.patch
# Remove after upgrading to glibc 2.28+
# https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=21526a507df8f1b2e37492193a754534d8938c0b
./fix-out-of-bounds-access-in-ibm-1390-converter.patch
]
++ lib.optionals stdenv.isx86_64 [
./fix-x64-abi.patch
./2.27-CVE-2019-19126.patch
]
++ lib.optional stdenv.hostPlatform.isMusl ./fix-rpc-types-musl-conflicts.patch
++ lib.optional stdenv.buildPlatform.isDarwin ./darwin-cross-build.patch
# Remove after upgrading to glibc 2.28+
++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform || stdenv.hostPlatform.isMusl) (fetchpatch {
url = "https://sourceware.org/git/?p=glibc.git;a=patch;h=780684eb04298977bc411ebca1eadeeba4877833";
name = "correct-pwent-parsing-issue-and-resulting-build.patch";
sha256 = "08fja894vzaj8phwfhsfik6jj2pbji7kypy3q8pgxvsd508zdv1q";
excludes = [ "ChangeLog" ];
});
++ lib.optional stdenv.buildPlatform.isDarwin ./darwin-cross-build.patch;
postPatch =
''
@ -131,6 +111,15 @@ stdenv.mkDerivation ({
# nscd needs libgcc, and we don't want it dynamically linked
# because we don't want it to depend on bootstrap-tools libs.
echo "LDFLAGS-nscd += -static-libgcc" >> nscd/Makefile
# Ensure that libidn2 is found.
patch -p 1 <<EOF
--- a/inet/idna.c
+++ b/inet/idna.c
@@ -25,1 +25,1 @@
-#define LIBIDN2_SONAME "libidn2.so.0"
+#define LIBIDN2_SONAME "${lib.getLib libidn2}/lib/libidn2.so.0"
EOF
'';
configureFlags =
@ -162,7 +151,7 @@ stdenv.mkDerivation ({
outputs = [ "out" "bin" "dev" "static" ];
depsBuildBuild = [ buildPackages.stdenv.cc ];
nativeBuildInputs = [ bison ];
nativeBuildInputs = [ bison python3 ];
buildInputs = [ linuxHeaders ] ++ lib.optionals withGd [ gd libpng ];
# Needed to install share/zoneinfo/zone.tab. Set to impure /bin/sh to

View file

@ -1,26 +0,0 @@
diff -ur glibc-2.27/locale/weightwc.h glibc-2.27-patched/locale/weightwc.h
--- glibc-2.27/locale/weightwc.h 2018-02-02 01:17:18.000000000 +0900
+++ glibc-2.27-patched/locale/weightwc.h 2020-01-12 04:54:16.044440602 +0900
@@ -94,19 +94,19 @@
if (cp[cnt] != usrc[cnt])
break;
- if (cnt < nhere - 1)
+ if (cnt < nhere - 1 || cnt == len)
{
cp += 2 * nhere;
continue;
}
- if (cp[nhere - 1] > usrc[nhere -1])
+ if (cp[nhere - 1] > usrc[nhere - 1])
{
cp += 2 * nhere;
continue;
}
- if (cp[2 * nhere - 1] < usrc[nhere -1])
+ if (cp[2 * nhere - 1] < usrc[nhere - 1])
{
cp += 2 * nhere;
continue;

View file

@ -1,35 +0,0 @@
From 21526a507df8f1b2e37492193a754534d8938c0b Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@suse.de>
Date: Tue, 24 Jul 2018 14:08:34 +0200
Subject: [PATCH] Fix out-of-bounds access in IBM-1390 converter (bug 23448)
The IBM-1390 converter can consume/produce two UCS4 characters in each
loop.
---
ChangeLog | 6 ++++++
iconvdata/ibm1364.c | 2 ++
2 files changed, 8 insertions(+)
diff --git a/iconvdata/ibm1364.c b/iconvdata/ibm1364.c
index b833273..517fe60 100644
--- a/iconvdata/ibm1364.c
+++ b/iconvdata/ibm1364.c
@@ -150,6 +150,7 @@ enum
#define MIN_NEEDED_INPUT MIN_NEEDED_FROM
#define MAX_NEEDED_INPUT MAX_NEEDED_FROM
#define MIN_NEEDED_OUTPUT MIN_NEEDED_TO
+#define MAX_NEEDED_OUTPUT MAX_NEEDED_TO
#define LOOPFCT FROM_LOOP
#define BODY \
{ \
@@ -296,6 +297,7 @@ enum
/* Next, define the other direction. */
#define MIN_NEEDED_INPUT MIN_NEEDED_TO
+#define MAX_NEEDED_INPUT MAX_NEEDED_TO
#define MIN_NEEDED_OUTPUT MIN_NEEDED_FROM
#define MAX_NEEDED_OUTPUT MAX_NEEDED_FROM
#define LOOPFCT TO_LOOP
--
2.9.3

View file

@ -1,9 +1,9 @@
{ stdenv, fetchurl, fetchpatch
, autoreconfHook
# libffi is used in darwin stdenv
# libffi is used in darwin and linux with glibc stdenv
# we cannot run checks within it
, doCheck ? !stdenv.isDarwin, dejagnu
, doCheck ? stdenv.hostPlatform.isMusl, dejagnu
}:
stdenv.mkDerivation rec {

View file

@ -31,7 +31,7 @@ stdenv.mkDerivation rec {
sh Build -f ./a.m4
'';
patches = [ ./install.patch ./sharedlib.patch ];
patches = [ ./install.patch ./sharedlib.patch ./glibc-2.30.patch ];
nativeBuildInputs = [ m4 ];

View file

@ -0,0 +1,44 @@
diff --git a/libmilter/sm_gethost.c b/libmilter/sm_gethost.c
index 2423c34..f00468c 100644
--- a/libmilter/sm_gethost.c
+++ b/libmilter/sm_gethost.c
@@ -52,16 +52,8 @@ sm_getipnodebyname(name, family, flags, err)
bool resv6 = true;
struct hostent *h;
- if (family == AF_INET6)
- {
- /* From RFC2133, section 6.1 */
- resv6 = bitset(RES_USE_INET6, _res.options);
- _res.options |= RES_USE_INET6;
- }
SM_SET_H_ERRNO(0);
- h = gethostbyname(name);
- if (family == AF_INET6 && !resv6)
- _res.options &= ~RES_USE_INET6;
+ h = gethostbyname2(name, family);
/* the function is supposed to return only the requested family */
if (h != NULL && h->h_addrtype != family)
diff --git a/sendmail/conf.c b/sendmail/conf.c
index c73334e..500dafb 100644
--- a/sendmail/conf.c
+++ b/sendmail/conf.c
@@ -4243,16 +4243,8 @@ sm_getipnodebyname(name, family, flags, err)
# else /* HAS_GETHOSTBYNAME2 */
bool resv6 = true;
- if (family == AF_INET6)
- {
- /* From RFC2133, section 6.1 */
- resv6 = bitset(RES_USE_INET6, _res.options);
- _res.options |= RES_USE_INET6;
- }
SM_SET_H_ERRNO(0);
- h = gethostbyname(name);
- if (!resv6)
- _res.options &= ~RES_USE_INET6;
+ h = gethostbyname2(name, family);
/* the function is supposed to return only the requested family */
if (h != NULL && h->h_addrtype != family)

View file

@ -17,7 +17,7 @@ stdenv.mkDerivation rec {
"--with-libiconv-prefix=${libiconv}"
];
doCheck = true;
doCheck = false;
/* This seems to cause several random failures like these, which I assume
is because of bad or missing target dependencies in their build system:

View file

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, cmake, python, zlib }:
{ stdenv, fetchFromGitHub, cmake, python, zlib, fetchpatch }:
stdenv.mkDerivation rec {
pname = "seasocks";
@ -11,6 +11,13 @@ stdenv.mkDerivation rec {
sha256 = "1c2gc0k9wgbgn7y7wmq2ylp0gvdbmagc1x8c4jwbsncl1gy6x4g2";
};
patches = [
(fetchpatch {
url = "https://github.com/mattgodbolt/seasocks/commit/5753b50ce3b2232d166843450043f88a4a362422.patch";
sha256 = "1c20xjma8jdgcr5m321srpmys6b4jvqkazfqr668km3r2ck5xncl";
})
];
nativeBuildInputs = [ cmake ];
buildInputs = [ zlib python ];

View file

@ -16,6 +16,10 @@ stdenv.mkDerivation rec {
sha256 = "0val36yw987b1558iiyk3nqg0yy5k9y5wh49v91zj3cs58mmfyhc";
};
postPatch = ''
sed -i -e '/pid_t gettid/,+2d' libcoz/ccutil/thread.h
'';
postConfigure = ''
# This is currently hard-coded. Will be fixed in the next release.
sed -e "s|/usr/lib/|$out/lib/|" -i ./coz

View file

@ -1,4 +1,4 @@
{ stdenv, lib, fetchFromGitHub, which, openssl, readline }:
{ stdenv, lib, fetchFromGitHub, which, openssl, readline, fetchpatch }:
stdenv.mkDerivation rec {
pname = "eresi";
@ -11,6 +11,13 @@ stdenv.mkDerivation rec {
sha256 = "0a5a7mh2zw9lcdrl8n1mqccrc0xcgj7743l7l4kslkh722fxv625";
};
patches = [
(fetchpatch {
url = "https://github.com/thorkill/eresi/commit/a79406344cc21d594d27fa5ec5922abe9f7475e7.patch";
sha256 = "1mjjc6hj7r06iarvai7prcdvjk9g0k5vwrmkwcm7b8ivd5xzxp2z";
})
];
postPatch = ''
# Two occurences of fprintf() with only two arguments, which should really
# be fputs().

View file

@ -1,14 +1,14 @@
{ stdenv, fetchFromGitHub, cmake, libpfm, zlib, pkgconfig, python2Packages, which, procps, gdb, capnproto }:
{ stdenv, fetchFromGitHub, cmake, libpfm, zlib, pkgconfig, python3Packages, which, procps, gdb, capnproto }:
stdenv.mkDerivation rec {
version = "5.2.0";
version = "5.3.0";
pname = "rr";
src = fetchFromGitHub {
owner = "mozilla";
repo = "rr";
rev = version;
sha256 = "19jsnm8n2smalx2z60x9d8f6g4kdm7zghwyjfvwcxnslk1vn9dkc";
sha256 = "1x6l1xsdksnhz9v50p4r7hhmr077cq20kaywqy1jzdklvkjqzf64";
};
postPatch = ''
@ -23,7 +23,7 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkgconfig ];
buildInputs = [
cmake libpfm zlib python2Packages.python python2Packages.pexpect which procps gdb capnproto
cmake libpfm zlib python3Packages.python python3Packages.pexpect which procps gdb capnproto
];
propagatedBuildInputs = [ gdb ]; # needs GDB to replay programs at runtime
cmakeFlags = [

View file

@ -2,12 +2,12 @@
stdenv.mkDerivation {
pname = "gnulib";
version = "20190326";
version = "20190811";
src = fetchgit {
url = https://git.savannah.gnu.org/r/gnulib.git;
rev = "a18f7ce3c0aa760c33d46bbeb8e5b3a14cf24984";
sha256 = "04py5n3j17wyqv9wfsslcrxzapni9vmw6p5g0adzy2md3ygjw4x4";
rev = "6430babe47ece6953cf18ef07c1d8642c8588e89";
sha256 = "14kgykbjly03dlb25sllcfcrpk7zkypa449gr3zbqv4rhpmnzizg";
};
dontFixup = true;

View file

@ -13,7 +13,14 @@ stdenv.mkDerivation {
configureFlags = [ "--with-syscmd-shell=${stdenv.shell}" ];
# Upstream is aware of it; it may be in the next release.
patches = [ ./s_isdir.patch ]
patches =
[
./s_isdir.patch
(fetchurl {
url = "https://sources.debian.org/data/main/m/m4/1.4.18-2/debian/patches/01-fix-ftbfs-with-glibc-2.28.patch";
sha256 = "12lmdnbml9lfvy0khpjc42riicddaz7li8wmbnsam7zsw6al11qk";
})
]
++ stdenv.lib.optional stdenv.isDarwin ./darwin-secure-format.patch;
meta = {

View file

@ -1,20 +1,21 @@
{ stdenv, fetchurl, pkgconfig, libdrm, libpciaccess, cairo, xorgproto, udev
, libX11, libXext, libXv, libXrandr, glib, bison, libunwind, python3, kmod
, procps, utilmacros, gtk-doc, openssl, peg }:
, procps, utilmacros, gtk-doc, openssl, peg, elfutils
}:
stdenv.mkDerivation rec {
pname = "intel-gpu-tools";
version = "1.23";
version = "1.24";
src = fetchurl {
url = "https://xorg.freedesktop.org/archive/individual/app/igt-gpu-tools-${version}.tar.xz";
sha256 = "1l4s95m013p2wvddwr4cjqyvsgmc88zxx2887p1fbb1va5n0hjsd";
sha256 = "1gr1m18w73hmh6n9w2f6gky21qc0pls14bgxkhy95z7azrr7qdap";
};
nativeBuildInputs = [ pkgconfig utilmacros ];
buildInputs = [ libdrm libpciaccess cairo xorgproto udev libX11 kmod
libXext libXv libXrandr glib bison libunwind python3 procps
gtk-doc openssl peg ];
gtk-doc openssl peg elfutils ];
NIX_CFLAGS_COMPILE = [ "-Wno-error=array-bounds" ];

View file

@ -8,7 +8,7 @@ stdenv.mkDerivation rec {
sha256 = "1w4889h1ak7gy9w33kd4fgjlfpgmp6hzfya16p1pkc13bjf22mm0";
};
patches = [ ./pass-force.patch ];
patches = [ ./pass-force.patch ./fix-glibc-compilation.patch ];
nativeBuildInputs = [ flex ];
buildInputs = [ perl ];

View file

@ -0,0 +1,24 @@
diff --git a/user/drbdadm_adjust.c b/user/drbdadm_adjust.c
index cb23270..3a751ca 100644
--- a/user/drbdadm_adjust.c
+++ b/user/drbdadm_adjust.c
@@ -29,6 +29,7 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/wait.h>
+#include <sys/sysmacros.h>
#include <unistd.h>
#include <fcntl.h>
diff --git a/user/legacy/drbdadm_adjust.c b/user/legacy/drbdadm_adjust.c
index c79163c..6990ffb 100644
--- a/user/legacy/drbdadm_adjust.c
+++ b/user/legacy/drbdadm_adjust.c
@@ -27,6 +27,7 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/wait.h>
+#include <sys/sysmacros.h>
#include <unistd.h>
#include <fcntl.h>

View file

@ -24,6 +24,11 @@ stdenv.mkDerivation rec {
sha256 = "09rcmlf04aka0yzr25imadi0fl4nlbsxcahs7fhvzx4nql4halqw";
};
postPatch = ''
substituteInPlace main.cpp \
--replace "<stropts.h>" "<sys/ioctl.h>"
'';
hardeningDisable = [ "format" ];
buildInputs = [

View file

@ -15,6 +15,8 @@ stdenv.mkDerivation rec {
substituteInPlace po/Makefile \
--replace /usr/bin/install install --replace /usr/share /share
substituteInPlace newrole/Makefile --replace /usr/share /share
sed -i -e '39i#include <crypt.h>' run_init/run_init.c
'';
nativeBuildInputs = [ gettext ];

View file

@ -1,48 +0,0 @@
diff --git a/src/gstreamer-1.0/gsttcamsrc.cpp b/src/gstreamer-1.0/gsttcamsrc.cpp
index d482e1e..e36afd8 100644
--- a/src/gstreamer-1.0/gsttcamsrc.cpp
+++ b/src/gstreamer-1.0/gsttcamsrc.cpp
@@ -1112,6 +1112,7 @@ bool gst_tcam_src_init_camera (GstTcamSrc* self)
static void gst_tcam_src_close_camera (GstTcamSrc* self)
{
+ GST_INFO("Closing device");
if (self->device != NULL)
{
self->device->dev->stop_stream();
@@ -1156,7 +1157,7 @@ static gboolean gst_tcam_src_stop (GstBaseSrc* src)
self->device->dev->stop_stream();
gst_element_send_event(GST_ELEMENT(self), gst_event_new_eos());
- GST_DEBUG_OBJECT (self, "Stopped acquisition");
+ GST_DEBUG("Stopped acquisition");
return TRUE;
}
@@ -1556,6 +1557,18 @@ static void gst_tcam_src_get_property (GObject* object,
}
+static gboolean gst_tcam_src_unlock (GstBaseSrc* src)
+{
+ GstTcamSrc* self = GST_TCAM_SRC(src);
+
+ self->is_running = FALSE;
+
+ self->cv.notify_all();
+
+ return TRUE;
+}
+
+
static void gst_tcam_src_class_init (GstTcamSrcClass* klass)
{
GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
@@ -1616,6 +1629,7 @@ static void gst_tcam_src_class_init (GstTcamSrcClass* klass)
gstbasesrc_class->fixate = gst_tcam_src_fixate_caps;
gstbasesrc_class->start = gst_tcam_src_start;
gstbasesrc_class->stop = gst_tcam_src_stop;
+ gstbasesrc_class->unlock = gst_tcam_src_unlock;
gstbasesrc_class->negotiate = gst_tcam_src_negotiate;
gstbasesrc_class->get_times = gst_tcam_src_get_times;

View file

@ -11,17 +11,23 @@
, gobject-introspection
, gst_all_1
, libwebcam
, libunwind
, gstreamer
, elfutils
, orc
, python3
, libuuid
}:
stdenv.mkDerivation rec {
pname = "tiscamera";
version = "0.9.1";
version = "0.11.1";
src = fetchFromGitHub {
owner = "TheImagingSource";
repo = pname;
rev = "v-${pname}-${version}";
sha256 = "143yp6bpzj3rqfnrcnlrcwggay37fg6rkphh4w9y9v7v4wllzf87";
sha256 = "07vp6khgl6qd3a4519dmx1s5bfw7pld793p50pjn29fqh91fm93g";
};
nativeBuildInputs = [
@ -39,6 +45,12 @@ stdenv.mkDerivation rec {
gst_all_1.gstreamer
gst_all_1.gst-plugins-base
libwebcam
libunwind
gstreamer
elfutils
orc
python3
libuuid
];
@ -50,13 +62,8 @@ stdenv.mkDerivation rec {
"-DBUILD_LIBUSB=ON"
];
patches = [
./allow-pipeline-stop-in-trigger-mode.patch # To be removed next release.
];
postPatch = ''
substituteInPlace ./data/udev/80-theimagingsource-cameras.rules \
substituteInPlace ./data/udev/80-theimagingsource-cameras.rules.in \
--replace "/usr/bin/uvcdynctrl" "${libwebcam}/bin/uvcdynctrl" \
--replace "/path/to/tiscamera/uvc-extensions" "$out/share/uvcdynctrl/data/199e"
@ -94,4 +101,4 @@ stdenv.mkDerivation rec {
platforms = platforms.linux;
maintainers = with maintainers; [ jraygauthier ];
};
}
}

View file

@ -13,6 +13,7 @@ stdenv.mkDerivation rec {
postPatch = ''
substituteInPlace diod/xattr.c --replace attr/xattr.h sys/xattr.h
sed -i -e '/sys\/types\.h>/a #include <sys/sysmacros.h>' diod/ops.c
'';
buildInputs = [ munge lua libcap perl ncurses ];

View file

@ -24,6 +24,11 @@ let
sha256 = "11y434w68cpk7shs2r22hyrpcrqi8vx02cw7v5x79qxvnmdxv2an";
};
glibc230-fix = fetchpatch {
url = "https://github.com/Ma27/foundationdb/commit/e133cb974b9a9e4e1dc2d4ac15881d31225c0197.patch";
sha256 = "1v9q2fyc73msigcykjnbmfig45zcrkrzcg87b0r6mxpnby8iryl1";
};
in with builtins; {
# Older versions use the bespoke 'vsmake' build system
@ -78,6 +83,7 @@ in with builtins; {
patches = [
./patches/clang-libcxx.patch
./patches/suppress-clang-warnings.patch
glibc230-fix
];
};

View file

@ -42,6 +42,10 @@ stdenv.mkDerivation rec {
./0002-scons-envs-patch.patch
];
postPatch = ''
sed -i -e '17i#include <sys/sysmacros.h>' serial.c
'';
# - leapfetch=no disables going online at build time to fetch leap-seconds
# info. See <gpsd-src>/build.txt for more info.
preBuild = ''

View file

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "lwan";
version = "0.2";
version = "0.3";
src = fetchFromGitHub {
owner = "lpereira";
repo = pname;
rev = "v${version}";
sha256 = "1z1g6bmdsf7zj809sq6jqkpzkdnx1jch84kk67h0v2x6lxhdpv5r";
sha256 = "1znkcsbxw3r10prqvf2x27w1wmm9kd485pj59c364wlvqdhidwqr";
};
nativeBuildInputs = [ cmake pkgconfig ];

View file

@ -0,0 +1,34 @@
From a6a61d0dc018101a9a8d0a664f31140d7e38db0e Mon Sep 17 00:00:00 2001
From: Maximilian Bosch <maximilian@mbosch.me>
Date: Fri, 17 Jan 2020 01:42:40 +0100
Subject: [PATCH] Fix build with glibc 2.30
https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1842923
---
src/dns/dns_str_resflags.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/dns/dns_str_resflags.c b/src/dns/dns_str_resflags.c
index 5f2cce5..df32345 100644
--- a/src/dns/dns_str_resflags.c
+++ b/src/dns/dns_str_resflags.c
@@ -60,10 +60,16 @@ static const LONG_NAME_MASK resflag_table[] = {
"RES_DEFNAMES", RES_DEFNAMES,
"RES_STAYOPEN", RES_STAYOPEN,
"RES_DNSRCH", RES_DNSRCH,
+#ifdef RES_INSECURE1
"RES_INSECURE1", RES_INSECURE1,
+#endif
+#ifdef RES_INSECURE2
"RES_INSECURE2", RES_INSECURE2,
+#endif
"RES_NOALIASES", RES_NOALIASES,
+#ifdef RES_USE_INET6
"RES_USE_INET6", RES_USE_INET6,
+#endif
#ifdef RES_ROTATE
"RES_ROTATE", RES_ROTATE,
#endif
--
2.23.1

View file

@ -48,6 +48,7 @@ in stdenv.mkDerivation rec {
./postfix-3.0-no-warnings.patch
./post-install-script.patch
./relative-symlinks.patch
./0001-Fix-build-with-glibc-2.30.patch
];
postPatch = stdenv.lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) ''

View file

@ -35,6 +35,7 @@ stdenv.mkDerivation rec {
Config
sed -i -e s,/usr/bin/perl,${perl}/bin/perl, \
templates/src/*.pl
sed -i -e '/<stropts.h>/d' lib/os_linux.h
'' + /* html-tidy updates */ ''
substituteInPlace ./session/html_secure_tidy.c \
--replace buffio.h tidybuffio.h

View file

@ -5,7 +5,7 @@
executable = true;
};
bootstrapTools = import <nix/fetchurl.nix> {
url = http://nixos-arm.dezgeg.me/bootstrap-aarch64-2017-03-11-bb3ef8/bootstrap-tools.tar.xz;
sha256 = "1075d5n4yclbhgisi6ba50601mw3fhivlkjs462qlnq8hh0xc7nq";
url = http://tarballs.nixos.org/stdenv-linux/aarch64/c5aabb0d603e2c1ea05f5a93b3be82437f5ebf31/bootstrap-tools.tar.xz;
sha256 = "d3f1bf2a1495b97f45359d5623bdb1f8eb75db43d3bf2059fc127b210f059358";
};
}

View file

@ -6,7 +6,7 @@
};
bootstrapTools = import <nix/fetchurl.nix> {
url = http://tarballs.nixos.org/stdenv-linux/i686/4907fc9e8d0d82b28b3c56e3a478a2882f1d700f/bootstrap-tools.tar.xz;
sha256 = "cf920d26d94335f5cb46e247455d0e5389765d16a2b8fc233b792a655b5b58aa";
url = http://tarballs.nixos.org/stdenv-linux/i686/c5aabb0d603e2c1ea05f5a93b3be82437f5ebf31/bootstrap-tools.tar.xz;
sha256 = "b9bf20315f8c5c0411679c5326084420b522046057a0850367c67d9514794f1c";
};
}

View file

@ -3,7 +3,7 @@
{
bootstrapTools = import <nix/fetchurl.nix> {
url = http://tarballs.nixos.org/stdenv-linux/x86_64/4907fc9e8d0d82b28b3c56e3a478a2882f1d700f/bootstrap-tools.tar.xz;
sha256 = "abe3f0727dd771a60b7922892d308da1bc7b082afc13440880862f0c8823c09f";
url = http://tarballs.nixos.org/stdenv-linux/x86_64/c5aabb0d603e2c1ea05f5a93b3be82437f5ebf31/bootstrap-tools.tar.xz;
sha256 = "a5ce9c155ed09397614646c9717fc7cd94b1023d7b76b618d409e4fefd6e9d39";
};
}

View file

@ -226,6 +226,28 @@ in
ccWrapperStdenv
gcc-unwrapped coreutils gnugrep
perl gnum4 bison;
dejagnu = super.dejagnu.overrideAttrs (a: { doCheck = false; } );
# We need libidn2 and its dependency libunistring as glibc dependency.
# To avoid the cycle, we build against bootstrap libc, nuke references,
# and use the result as input for our final glibc. We also pass this pair
# through, so the final package-set uses exactly the same builds.
libunistring = super.libunistring.overrideAttrs (attrs: {
postFixup = attrs.postFixup or "" + ''
${self.nukeReferences}/bin/nuke-refs "$out"/lib/lib*.so.*.*
'';
# Apparently iconv won't work with bootstrap glibc, but it will be used
# with glibc built later where we keep *this* build of libunistring,
# so we need to trick it into supporting libiconv.
am_cv_func_iconv_works = "yes";
});
libidn2 = super.libidn2.overrideAttrs (attrs: {
postFixup = attrs.postFixup or "" + ''
${self.nukeReferences}/bin/nuke-refs -e '${lib.getLib self.libunistring}' \
"$out"/lib/lib*.so.*.*
'';
});
# This also contains the full, dynamically linked, final Glibc.
binutils = prevStage.binutils.override {
# Rewrap the binutils with the new glibc, so both the next
@ -246,7 +268,7 @@ in
inherit (prevStage)
ccWrapperStdenv
binutils coreutils gnugrep
perl patchelf linuxHeaders gnum4 bison;
perl patchelf linuxHeaders gnum4 bison libidn2 libunistring;
${localSystem.libc} = getLibc prevStage;
# Link GCC statically against GMP etc. This makes sense because
# these builds of the libraries are only used by GCC, so it
@ -276,7 +298,7 @@ in
# because gcc (since JAR support) already depends on zlib, and
# then if we already have a zlib we want to use that for the
# other purposes (binutils and top-level pkgs) too.
inherit (prevStage) gettext gnum4 bison gmp perl texinfo zlib linuxHeaders;
inherit (prevStage) gettext gnum4 bison gmp perl texinfo zlib linuxHeaders libidn2 libunistring;
${localSystem.libc} = getLibc prevStage;
binutils = super.binutils.override {
# Don't use stdenv's shell but our own
@ -362,7 +384,7 @@ in
]
# Library dependencies
++ map getLib (
[ attr acl zlib pcre ]
[ attr acl zlib pcre libidn2 libunistring ]
++ lib.optional (gawk.libsigsegv != null) gawk.libsigsegv
)
# More complicated cases
@ -377,7 +399,7 @@ in
inherit (prevStage)
gzip bzip2 xz bash coreutils diffutils findutils gawk
gnumake gnused gnutar gnugrep gnupatch patchelf
attr acl zlib pcre;
attr acl zlib pcre libunistring libidn2;
${localSystem.libc} = getLibc prevStage;
} // lib.optionalAttrs (super.stdenv.targetPlatform == localSystem) {
# Need to get rid of these when cross-compiling.

View file

@ -25,6 +25,10 @@ stdenv.mkDerivation rec {
url = "https://sources.debian.org/data/main/s/sharutils/1:4.15.2-2+deb9u1/debian/patches/01-fix-heap-buffer-overflow-cve-2018-1000097.patch";
sha256 = "19g0sxc8g79aj5gd5idz5409311253jf2q8wqkasf0handdvsbxx";
})
(fetchurl {
url = "https://sources.debian.org/data/main/s/sharutils/1:4.15.2-4/debian/patches/02-fix-ftbfs-with-glibc-2.28.patch";
sha256 = "15kpjqnfs98n6irmkh8pw7masr08xala7gx024agv7zv14722vkc";
})
];
postPatch = let

View file

@ -1,5 +1,6 @@
{ stdenv, fetchurl
, linkStatic ? (stdenv.hostPlatform.system == "i686-cygwin")
, autoreconfHook
}:
stdenv.mkDerivation rec {
@ -20,6 +21,8 @@ stdenv.mkDerivation rec {
sha256 = "0b5b5p8c7bslc6fslcr1nj9136412v3qcvbg6yxi9argq9g72v8c";
};
nativeBuildInputs = [ autoreconfHook ];
patches = [
./CVE-2016-3189.patch
./cve-2019-12900.patch

View file

@ -14,6 +14,7 @@ stdenv.mkDerivation rec {
url = https://sourceforge.net/p/ext4magic/tickets/10/attachment/ext4magic-0.3.2-i_dir_acl.patch;
sha256 = "1accydd8kigid68yir2fbihm3r3x8ws3iyznp25snkx41w6y6x8c";
})
./glibc-fix.patch
];
buildInputs = [ file libuuid e2fsprogs zlib bzip2 ];

View file

@ -0,0 +1,12 @@
diff --git a/src/recover.c b/src/recover.c
index 41b4aee..30b5d8f 100644
--- a/src/recover.c
+++ b/src/recover.c
@@ -24,6 +24,7 @@
#include <errno.h>
#include <fcntl.h>
#include <utime.h>
+#include <sys/sysmacros.h>
#ifndef O_LARGEFILE
#define O_LARGEFILE 0

View file

@ -1,4 +1,4 @@
{ stdenv, fetchurl, libuuid, autoreconfHook }:
{ stdenv, fetchurl, fetchpatch, libuuid, autoreconfHook }:
stdenv.mkDerivation rec {
name = "jfsutils-1.1.15";
@ -13,6 +13,12 @@ stdenv.mkDerivation rec {
./hardening-format.patch
# required for cross-compilation
./ar-fix.patch
# fix for glibc>=2.28
(fetchpatch {
name = "add_sysmacros.patch";
url = "https://sources.debian.org/data/main/j/jfsutils/1.1.15-4/debian/patches/add_sysmacros.patch";
sha256 = "1qcwvxs4d0d24w5x98z59arqfx2n7f0d9xaqhjcg6w8n34vkhnyc";
})
];
nativeBuildInputs = [ autoreconfHook ];

View file

@ -24,6 +24,7 @@ stdenv.mkDerivation rec {
sed -e '38i#include <string.h>' -i wrudf/wrudf-cdrw.c
sed -e '12i#include <string.h>' -i wrudf/wrudf-cdr.c
sed -e '37i#include <stdlib.h>' -i wrudf/ide-pc.c
sed -e '46i#include <sys/sysmacros.h>' -i mkudffs/main.c
sed -e "s@\$(DESTDIR)/lib/udev/rules.d@$out/lib/udev/rules.d@" -i pktsetup/Makefile.am
'';

View file

@ -1,4 +1,4 @@
{ stdenv, fetchurl, tcl, makeWrapper }:
{ stdenv, fetchurl, tcl, makeWrapper, autoreconfHook }:
stdenv.mkDerivation rec {
version = "5.45.4";
@ -10,11 +10,11 @@ stdenv.mkDerivation rec {
};
buildInputs = [ tcl ];
nativeBuildInputs = [ makeWrapper ];
nativeBuildInputs = [ makeWrapper autoreconfHook ];
hardeningDisable = [ "format" ];
patchPhase = ''
postPatch = ''
sed -i "s,/bin/stty,$(type -p stty),g" configure
'';

View file

@ -50,5 +50,6 @@ stdenv.mkDerivation rec {
maintainers = [ ];
platforms = stdenv.lib.platforms.all;
broken = true;
};
}

View file

@ -35,5 +35,6 @@ stdenv.mkDerivation {
license = licenses.bsd3;
maintainers = with maintainers; [ pSub ];
platforms = with platforms; linux;
broken = true;
};
}

View file

@ -26,5 +26,6 @@ stdenv.mkDerivation rec {
license = licenses.bsd3;
platforms = platforms.all;
maintainers = with maintainers; [ zimbatm ];
broken = true; # 2020-01-28
};
}

View file

@ -8,6 +8,10 @@ stdenv.mkDerivation {
sha256 = "1z8b26n23k0sjbxgrix646b06cnpndpq7cbcj0ilsvvdx5ms81jk";
};
postPatch = ''
sed -i -e '/<stropts.h>/d' lib/pty.c
'';
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ gtk2 readline ncurses gettext openssl ];

View file

@ -10,10 +10,17 @@ stdenv.mkDerivation rec {
};
patches =
[ ( substituteAll {
[
# fix for glibc>=2.28
(fetchurl {
url = "https://github.com/paulusmack/ppp/commit/3c7b86229f7bd2600d74db14b1fe5b3896be3875.patch";
sha256 = "0qlbi247lx3injpy8a1gcij9yilik0vfaibkpvdp88k3sa1rs69z";
})
( substituteAll {
src = ./nix-purity.patch;
inherit libpcap;
glibc = stdenv.cc.libc.dev or stdenv.cc.libc;
openssl = openssl.dev;
})
# Without nonpriv.patch, pppd --version doesn't work when not run as
# root.

View file

@ -1,8 +1,8 @@
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 060db6a..c151c62 100644
index 1ebebec..bf90c62 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -117,7 +117,7 @@ CFLAGS += -DHAS_SHADOW
@@ -120,7 +120,7 @@ CFLAGS += -DHAS_SHADOW
#LIBS += -lshadow $(LIBS)
endif
@ -11,7 +11,16 @@ index 060db6a..c151c62 100644
CFLAGS += -DHAVE_CRYPT_H=1
LIBS += -lcrypt
endif
@@ -169,7 +169,7 @@ LIBS += -ldl
@@ -132,7 +132,7 @@ endif
ifdef NEEDDES
ifndef USE_CRYPT
-CFLAGS += -I/usr/include/openssl
+CFLAGS += -I@openssl@/include/openssl
LIBS += -lcrypto
else
CFLAGS += -DUSE_CRYPT=1
@@ -178,7 +178,7 @@ LIBS += -ldl
endif
ifdef FILTER

View file

@ -0,0 +1,25 @@
From e799a7e0a64696e4ef6c088d36e4db09f8323581 Mon Sep 17 00:00:00 2001
From: Maximilian Bosch <maximilian@mbosch.me>
Date: Sun, 19 Jan 2020 22:37:04 +0100
Subject: [PATCH] Fix build for glibc>=2.28
The major/minor macros are defined in <sys/sysmacros.h> now.
---
lib/io.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/io.h b/lib/io.h
index 8703cc8..e3d0d10 100644
--- a/lib/io.h
+++ b/lib/io.h
@@ -33,6 +33,7 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/mman.h>
+#include <sys/sysmacros.h>
void read_all(int fd, void *buf, size_t len);
--
2.23.1

View file

@ -10,6 +10,8 @@ stdenv.mkDerivation rec {
sourceRoot = "${name}/trunk";
patches = [ ./0001-Fix-build-for-glibc-2.28.patch ];
nativeBuildInputs = [ autoreconfHook pkgconfig ];
buildInputs = [ glib jansson ];

View file

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitLab, pam, xmlsec, autoreconfHook, pkgconfig, libxml2, gtk-doc, perl, gengetopt, bison, help2man }:
{ stdenv, fetchFromGitLab, fetchpatch, pam, xmlsec, autoreconfHook, pkgconfig, libxml2, gtk-doc, perl, gengetopt, bison, help2man }:
let
securityDependency =
@ -15,6 +15,15 @@ in stdenv.mkDerivation {
sha256 = "0n2sl444723f1k0sjmc0mzdwslx51yxac39c2cx2bl3ykacgfv74";
};
patches = [
# fix for glibc>=2.28
(fetchpatch {
name = "new_glibc_check.patch";
url = "https://sources.debian.org/data/main/o/oath-toolkit/2.6.1-1.3/debian/patches/new-glibc-check.patch";
sha256 = "0h75xyy3xsl485v7w27yqkks6z9sgsjmrv6wiswy15fdj5wyciv3";
})
];
buildInputs = [ securityDependency libxml2 perl gengetopt bison ];
nativeBuildInputs = [ autoreconfHook gtk-doc help2man pkgconfig ];

View file

@ -8113,6 +8113,8 @@ in
# PGO seems to speed up compilation by gcc by ~10%, see #445 discussion
profiledCompiler = with stdenv; (!isDarwin && (isi686 || isx86_64));
enableLTO = !stdenv.isi686;
libcCross = if stdenv.targetPlatform != stdenv.buildPlatform then libcCross else null;
threadsCross = if stdenv.targetPlatform != stdenv.buildPlatform then threadsCross else null;
@ -24479,6 +24481,8 @@ in
pspp = callPackage ../applications/science/math/pspp { };
ssw = callPackage ../applications/misc/ssw { };
pynac = callPackage ../applications/science/math/pynac { };
singular = callPackage ../applications/science/math/singular { };