From 4041fc3e850aa1691160a7e8ae1c2cdd2b48355f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Mon, 6 Apr 2015 12:11:51 +0200 Subject: [PATCH] libzip: fix CVE-2015-2331 by Debian patch Rebuild impact seems low, except for LibreOffice. --- pkgs/development/libraries/libzip/default.nix | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libzip/default.nix b/pkgs/development/libraries/libzip/default.nix index be50a58c54a..4af9278c7b1 100644 --- a/pkgs/development/libraries/libzip/default.nix +++ b/pkgs/development/libraries/libzip/default.nix @@ -2,12 +2,21 @@ stdenv.mkDerivation rec { name = "libzip-0.11.2"; - + src = fetchurl { url = "http://www.nih.at/libzip/${name}.tar.gz"; sha256 = "1mcqrz37vjrfr4gnss37z1m7xih9x9miq3mms78zf7wn7as1znw3"; }; - + + # fix CVE-2015-2331 taken from Debian patch: + # https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=12;filename=libzip-0.11.2-1.2-nmu.diff;att=1;bug=780756 + postPatch = '' + substituteInPlace lib/zip_dirent.c --replace \ + 'else if ((cd->entry=(struct zip_entry *)' \ + 'else if (nentry > ((size_t)-1)/sizeof(*(cd->entry)) || (cd->entry=(struct zip_entry *)' + cat lib/zip_dirent.c + ''; + propagatedBuildInputs = [ zlib ]; # At least mysqlWorkbench cannot find zipconf.h; I think also openoffice
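Review bot: The `substituteInPlace … --replace` in `postPatch` carries the entire CVE-2015-2331 fix, but nothing in the hunk makes the build fail if the search string stops matching, for example after `name` is bumped to a release whose `lib/zip_dirent.c` is worded differently. Depending on the stdenv version, a non-matching `--replace` may pass silently, which would leave the allocation without the `nentry` bound while the package still looks patched. The trailing `cat lib/zip_dirent.c` looks like a manual check that was left in, and it only dumps the whole file into every build log. I would replace it with an assertion such as `grep -qF 'nentry > ((size_t)-1)/sizeof(*(cd->entry))' lib/zip_dirent.c`, which should abort the phase under stdenv's `set -e` when the guard is missing. A comment next to the hook saying it must be dropped once the packaged release contains the fix would also help.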