From 5d6ea2d64e759e30c5864ca2950c0b5ad9070437 Mon Sep 17 00:00:00 2001
From: Daniel Brockman <daniel@brockman.se>
Date: Fri, 10 Mar 2017 21:59:38 +0100
Subject: [PATCH] jshon: fix null termination in read_stream.

This fixes a somewhat critical (security?) bug.

We are trying to get it merged upstream but have had no response from
the ordinary maintainer in over a week.

(See <https://github.com/keenerd/jshon/issues/53>.)

fixes #23727
---
 pkgs/development/tools/parsing/jshon/default.nix | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/pkgs/development/tools/parsing/jshon/default.nix b/pkgs/development/tools/parsing/jshon/default.nix
index 4b35ba0cce2..5406b4e9a0e 100644
--- a/pkgs/development/tools/parsing/jshon/default.nix
+++ b/pkgs/development/tools/parsing/jshon/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, lib, fetchFromGitHub, jansson }:
+{ stdenv, lib, fetchFromGitHub, fetchpatch, jansson }:
 
 stdenv.mkDerivation rec {
   name = "jshon-20140712";
@@ -12,14 +12,23 @@ stdenv.mkDerivation rec {
     repo = "jshon";
   };
 
+  patches = [
+    # Fix null termination in read_stream.
+    # https://github.com/keenerd/jshon/issues/53
+    (fetchpatch {
+      url = https://github.com/mbrock/jshon/commit/32288dd186573ceb58164f30be1782d4580466d8.patch;
+      sha256 = "04rss2nprl9nqblc7smq0477n54hm801xgnnmvyzni313i1n6vhl";
+    })
+  ];
+
   buildInputs = [ jansson ];
 
-  patchPhase = 
+  patchPhase =
     ''
       substituteInPlace Makefile --replace "/usr/" "/"
     '';
 
-  preInstall = 
+  preInstall =
     ''
       export DESTDIR=$out
     '';