jshon: fix null termination in read_stream.

This fixes a somewhat critical (security?) bug. We are trying to get it merged upstream but have had no response from the ordinary maintainer in over a week. (See <https://github.com/keenerd/jshon/issues/53>.) fixes #23727
2017-03-10 21:59:38 +01:00 · 2017-03-10 21:59:38 +01:00 · 5d6ea2d64e
commit 5d6ea2d64e
parent b3c14bbf03
1 changed files with 12 additions and 3 deletions
--- a/pkgs/development/tools/parsing/jshon/default.nix
+++ b/pkgs/development/tools/parsing/jshon/default.nix
@ -1,4 +1,4 @@
-{ stdenv, lib, fetchFromGitHub, jansson }:
+{ stdenv, lib, fetchFromGitHub, fetchpatch, jansson }:

 stdenv.mkDerivation rec {
  name = "jshon-20140712";
@ -12,14 +12,23 @@ stdenv.mkDerivation rec {
    repo = "jshon";
  };

+  patches = [
+    # Fix null termination in read_stream.
+    # https://github.com/keenerd/jshon/issues/53
+    (fetchpatch {
+      url = https://github.com/mbrock/jshon/commit/32288dd186573ceb58164f30be1782d4580466d8.patch;
+      sha256 = "04rss2nprl9nqblc7smq0477n54hm801xgnnmvyzni313i1n6vhl";
+    })
+  ];
+
  buildInputs = [ jansson ];

-  patchPhase = 
+  patchPhase =
    ''
      substituteInPlace Makefile --replace "/usr/" "/"
    '';

-  preInstall = 
+  preInstall =
    ''
      export DESTDIR=$out
    '';