From f05bb6d23f2575374c8399a626aed36002302ff7 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 19 Jun 2016 23:05:08 -0500 Subject: [PATCH 01/11] gcc: fix darwin building - disable bootstrap builds on Darwin - remove xcrun calls - check if patchelf is available before using - apply darwin patch for gcc4.9 - fixes #16047 - fixes #14812 --- .../development/compilers/gcc/4.6/default.nix | 2 +- .../development/compilers/gcc/4.8/default.nix | 14 +++------- .../development/compilers/gcc/4.9/default.nix | 11 +------- pkgs/development/compilers/gcc/5/default.nix | 11 +------- pkgs/development/compilers/gcc/6/default.nix | 11 +------- pkgs/development/compilers/gcc/builder.sh | 26 ++++++++++--------- 6 files changed, 21 insertions(+), 54 deletions(-) diff --git a/pkgs/development/compilers/gcc/4.6/default.nix b/pkgs/development/compilers/gcc/4.6/default.nix index 7003f4335c8a..f912b4400f09 100644 --- a/pkgs/development/compilers/gcc/4.6/default.nix +++ b/pkgs/development/compilers/gcc/4.6/default.nix @@ -170,7 +170,7 @@ let version = "4.6.4"; "-stage-final"; crossNameAddon = if cross != null then "-${cross.config}" + stageNameAddon else ""; - bootstrap = cross == null && !stdenv.isArm && !stdenv.isMips; + bootstrap = cross == null && !stdenv.isArm && !stdenv.isMips && !stdenv.isDarwin; in diff --git a/pkgs/development/compilers/gcc/4.8/default.nix b/pkgs/development/compilers/gcc/4.8/default.nix index 6810b52574c6..3af123c677d0 100644 --- a/pkgs/development/compilers/gcc/4.8/default.nix +++ b/pkgs/development/compilers/gcc/4.8/default.nix @@ -70,7 +70,8 @@ let version = "4.8.5"; # The GNAT Makefiles did not pay attention to CFLAGS_FOR_TARGET for its # target libraries and tools. ++ optional langAda ../gnat-cflags.patch - ++ optional langFortran ../gfortran-driving.patch; + ++ optional langFortran ../gfortran-driving.patch + ++ optional stdenv.isDarwin ../gfortran-darwin-NXConstStr.patch; javaEcj = fetchurl { # The `$(top_srcdir)/ecj.jar' file is automatically picked up at @@ -197,7 +198,7 @@ let version = "4.8.5"; stageNameAddon = if crossStageStatic then "-stage-static" else "-stage-final"; crossNameAddon = if cross != null then "-${cross.config}" + stageNameAddon else ""; - bootstrap = cross == null && !stdenv.isArm && !stdenv.isMips; + bootstrap = cross == null && !stdenv.isArm && !stdenv.isMips && !stdenv.isDarwin; in @@ -304,15 +305,6 @@ stdenv.mkDerivation ({ export LDFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $LDFLAGS_FOR_TARGET" export CXXFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $CXXFLAGS_FOR_TARGET" export CFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $CFLAGS_FOR_TARGET" - '' + stdenv.lib.optionalString stdenv.isDarwin '' - if SDKROOT=$(/usr/bin/xcrun --show-sdk-path); then - configureFlagsArray+=(--with-native-system-header-dir=$SDKROOT/usr/include) - makeFlagsArray+=( \ - CFLAGS_FOR_BUILD=-F$SDKROOT/System/Library/Frameworks \ - CFLAGS_FOR_TARGET=-F$SDKROOT/System/Library/Frameworks \ - FLAGS_FOR_TARGET=-F$SDKROOT/System/Library/Frameworks \ - ) - fi ''; dontDisableStatic = true; diff --git a/pkgs/development/compilers/gcc/4.9/default.nix b/pkgs/development/compilers/gcc/4.9/default.nix index 195a7b03eed4..c0c3b77a1901 100644 --- a/pkgs/development/compilers/gcc/4.9/default.nix +++ b/pkgs/development/compilers/gcc/4.9/default.nix @@ -199,7 +199,7 @@ let version = "4.9.3"; stageNameAddon = if crossStageStatic then "-stage-static" else "-stage-final"; crossNameAddon = if cross != null then "-${cross.config}" + stageNameAddon else ""; - bootstrap = cross == null; + bootstrap = cross == null && !stdenv.isDarwin; in @@ -307,15 +307,6 @@ stdenv.mkDerivation ({ export LDFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $LDFLAGS_FOR_TARGET" export CXXFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $CXXFLAGS_FOR_TARGET" export CFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $CFLAGS_FOR_TARGET" - '' + stdenv.lib.optionalString stdenv.isDarwin '' - if SDKROOT=$(/usr/bin/xcrun --show-sdk-path); then - configureFlagsArray+=(--with-native-system-header-dir=$SDKROOT/usr/include) - makeFlagsArray+=( \ - CFLAGS_FOR_BUILD=-F$SDKROOT/System/Library/Frameworks \ - CFLAGS_FOR_TARGET=-F$SDKROOT/System/Library/Frameworks \ - FLAGS_FOR_TARGET=-F$SDKROOT/System/Library/Frameworks \ - ) - fi '' + stdenv.lib.optionalString (langJava || langGo) '' export lib=$out; diff --git a/pkgs/development/compilers/gcc/5/default.nix b/pkgs/development/compilers/gcc/5/default.nix index 9e0220ffc728..0e80a0da8e8d 100644 --- a/pkgs/development/compilers/gcc/5/default.nix +++ b/pkgs/development/compilers/gcc/5/default.nix @@ -198,7 +198,7 @@ let version = "5.3.0"; stageNameAddon = if crossStageStatic then "-stage-static" else "-stage-final"; crossNameAddon = if cross != null then "-${cross.config}" + stageNameAddon else ""; - bootstrap = cross == null; + bootstrap = cross == null && !stdenv.isDarwin; in @@ -306,15 +306,6 @@ stdenv.mkDerivation ({ export LDFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $LDFLAGS_FOR_TARGET" export CXXFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $CXXFLAGS_FOR_TARGET" export CFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $CFLAGS_FOR_TARGET" - '' + stdenv.lib.optionalString stdenv.isDarwin '' - if SDKROOT=$(/usr/bin/xcrun --show-sdk-path); then - configureFlagsArray+=(--with-native-system-header-dir=$SDKROOT/usr/include) - makeFlagsArray+=( \ - CFLAGS_FOR_BUILD=-F$SDKROOT/System/Library/Frameworks \ - CFLAGS_FOR_TARGET=-F$SDKROOT/System/Library/Frameworks \ - FLAGS_FOR_TARGET=-F$SDKROOT/System/Library/Frameworks \ - ) - fi ''; dontDisableStatic = true; diff --git a/pkgs/development/compilers/gcc/6/default.nix b/pkgs/development/compilers/gcc/6/default.nix index 6ca0f2f59f44..d7bcf8a26260 100644 --- a/pkgs/development/compilers/gcc/6/default.nix +++ b/pkgs/development/compilers/gcc/6/default.nix @@ -198,7 +198,7 @@ let version = "6.1.0"; stageNameAddon = if crossStageStatic then "-stage-static" else "-stage-final"; crossNameAddon = if cross != null then "-${cross.config}" + stageNameAddon else ""; - bootstrap = cross == null; + bootstrap = cross == null && !stdenv.isDarwin; in @@ -306,15 +306,6 @@ stdenv.mkDerivation ({ export LDFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $LDFLAGS_FOR_TARGET" export CXXFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $CXXFLAGS_FOR_TARGET" export CFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $CFLAGS_FOR_TARGET" - '' + stdenv.lib.optionalString stdenv.isDarwin '' - if SDKROOT=$(/usr/bin/xcrun --show-sdk-path); then - configureFlagsArray+=(--with-native-system-header-dir=$SDKROOT/usr/include) - makeFlagsArray+=( \ - CFLAGS_FOR_BUILD=-F$SDKROOT/System/Library/Frameworks \ - CFLAGS_FOR_TARGET=-F$SDKROOT/System/Library/Frameworks \ - FLAGS_FOR_TARGET=-F$SDKROOT/System/Library/Frameworks \ - ) - fi ''; dontDisableStatic = true; diff --git a/pkgs/development/compilers/gcc/builder.sh b/pkgs/development/compilers/gcc/builder.sh index 22107e72ef70..037ceae3d569 100644 --- a/pkgs/development/compilers/gcc/builder.sh +++ b/pkgs/development/compilers/gcc/builder.sh @@ -229,19 +229,21 @@ postInstall() { # More dependencies with the previous gcc or some libs (gccbug stores the build command line) rm -rf $out/bin/gccbug - # Take out the bootstrap-tools from the rpath, as it's not needed at all having $out - for i in $(find "$out"/libexec/gcc/*/*/* -type f -a \! -name '*.la'); do - PREV_RPATH=`patchelf --print-rpath "$i"` - NEW_RPATH=`echo "$PREV_RPATH" | sed 's,:[^:]*bootstrap-tools/lib,,g'` - patchelf --set-rpath "$NEW_RPATH" "$i" && echo OK - done + if type "patchelf"; then + # Take out the bootstrap-tools from the rpath, as it's not needed at all having $out + for i in $(find "$out"/libexec/gcc/*/*/* -type f -a \! -name '*.la'); do + PREV_RPATH=`patchelf --print-rpath "$i"` + NEW_RPATH=`echo "$PREV_RPATH" | sed 's,:[^:]*bootstrap-tools/lib,,g'` + patchelf --set-rpath "$NEW_RPATH" "$i" && echo OK + done - # For some reason the libs retain RPATH to $out - for i in "$lib"/lib/{libtsan,libasan,libubsan}.so.*.*.*; do - PREV_RPATH=`patchelf --print-rpath "$i"` - NEW_RPATH=`echo "$PREV_RPATH" | sed "s,:${out}[^:]*,,g"` - patchelf --set-rpath "$NEW_RPATH" "$i" && echo OK - done + # For some reason the libs retain RPATH to $out + for i in "$lib"/lib/{libtsan,libasan,libubsan}.so.*.*.*; do + PREV_RPATH=`patchelf --print-rpath "$i"` + NEW_RPATH=`echo "$PREV_RPATH" | sed "s,:${out}[^:]*,,g"` + patchelf --set-rpath "$NEW_RPATH" "$i" && echo OK + done + fi # Get rid of some "fixed" header files rm -rfv $out/lib/gcc/*/*/include-fixed/{root,linux} From d5dbeec3b09ff9a0917e08423e860d784a7e9efc Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Thu, 16 Jun 2016 19:42:15 -0500 Subject: [PATCH 02/11] json-glib: add libintl for darwin --- pkgs/development/libraries/json-glib/default.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/json-glib/default.nix b/pkgs/development/libraries/json-glib/default.nix index 5cfafc8e69ae..99dcb3776208 100644 --- a/pkgs/development/libraries/json-glib/default.nix +++ b/pkgs/development/libraries/json-glib/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, glib, pkgconfig, gobjectIntrospection, dbus }: +{ stdenv, fetchurl, glib, pkgconfig, gobjectIntrospection, dbus, libintlOrEmpty }: stdenv.mkDerivation rec { name = "json-glib-${minVer}.0"; @@ -13,6 +13,9 @@ stdenv.mkDerivation rec { propagatedBuildInputs = [ glib gobjectIntrospection ]; nativeBuildInputs = [ pkgconfig ]; + buildInputs = libintlOrEmpty; + + NIX_LDFLAGS = stdenv.lib.optionalString stdenv.isDarwin "-lintl"; meta = with stdenv.lib; { homepage = http://live.gnome.org/JsonGlib; From 14c038dd0390a9b24969f0138356b5c7520b9fdf Mon Sep 17 00:00:00 2001 From: Gabriel Ebner Date: Mon, 20 Jun 2016 18:23:39 +0200 Subject: [PATCH 03/11] file: 5.25 -> 5.28 --- pkgs/tools/misc/file/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/file/default.nix b/pkgs/tools/misc/file/default.nix index 749bf59fde96..b1e9990ea7d4 100644 --- a/pkgs/tools/misc/file/default.nix +++ b/pkgs/tools/misc/file/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchurl, zlib }: stdenv.mkDerivation rec { - name = "file-5.25"; + name = "file-5.28"; buildInputs = [ zlib ]; @@ -10,7 +10,7 @@ stdenv.mkDerivation rec { "ftp://ftp.astron.com/pub/file/${name}.tar.gz" "http://distfiles.macports.org/file/${name}.tar.gz" ]; - sha256 = "1jhfi5mivdnqvry5la5q919l503ahwdwbf3hjhiv97znccakhd9p"; + sha256 = "04p0w9ggqq6cqvwhyni0flji1z0rwrz896hmhkxd2mc6dca5xjqf"; }; meta = { From 325dafe82b74cf7d1c4883cd1ba4909741672eb0 Mon Sep 17 00:00:00 2001 From: Michiel Leenaars Date: Mon, 20 Jun 2016 13:38:33 +0200 Subject: [PATCH 04/11] gnutls: 3.4.11 -> 3.4.13 --- pkgs/development/libraries/gnutls/3.4.nix | 4 ++-- pkgs/development/libraries/gnutls/generic.nix | 8 ++++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/pkgs/development/libraries/gnutls/3.4.nix b/pkgs/development/libraries/gnutls/3.4.nix index 71c3010467ce..4882e5dda043 100644 --- a/pkgs/development/libraries/gnutls/3.4.nix +++ b/pkgs/development/libraries/gnutls/3.4.nix @@ -1,11 +1,11 @@ { callPackage, fetchurl, autoreconfHook, ... } @ args: callPackage ./generic.nix (args // rec { - version = "3.4.11"; + version = "3.4.13"; src = fetchurl { url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-${version}.tar.xz"; - sha256 = "1f4sbb38xab46h67a3pm6kybgrahjx3vbrn66qq3cbc2jngrrvvh"; + sha256 = "0naqs9g5b577j1j7q55ma1vcn78jl2d98h3zrl5rh997wzl8cczx"; }; # This fixes some broken parallel dependencies diff --git a/pkgs/development/libraries/gnutls/generic.nix b/pkgs/development/libraries/gnutls/generic.nix index b54ea52b880b..3af07f4c6f9f 100644 --- a/pkgs/development/libraries/gnutls/generic.nix +++ b/pkgs/development/libraries/gnutls/generic.nix @@ -1,6 +1,6 @@ { lib, fetchurl, stdenv, zlib, lzo, libtasn1, nettle, pkgconfig, lzip , guileBindings, guile, perl, gmp, autogen, libidn, p11_kit, unbound, libiconv -, tpmSupport ? false, trousers +, tpmSupport ? false, trousers, nettools, bash # Version dependent args , version, src, patches ? [], postPatch ? "", nativeBuildInputs ? [] @@ -29,7 +29,7 @@ stdenv.mkDerivation { # for the actual fix. enableParallelBuilding = !guileBindings; - buildInputs = [ lzo lzip nettle libtasn1 libidn p11_kit zlib gmp autogen ] + buildInputs = [ lzo lzip nettle libtasn1 libidn p11_kit zlib gmp autogen nettools bash ] ++ lib.optional (stdenv.isFreeBSD || stdenv.isDarwin) libiconv ++ lib.optional (tpmSupport && stdenv.isLinux) trousers ++ [ unbound ] @@ -37,6 +37,10 @@ stdenv.mkDerivation { nativeBuildInputs = [ perl pkgconfig ] ++ nativeBuildInputs; + patchPhase = '' + patchShebangs . + ''; + # XXX: Gnulib's `test-select' fails on FreeBSD: # http://hydra.nixos.org/build/2962084/nixlog/1/raw . doCheck = (!stdenv.isFreeBSD && !stdenv.isDarwin); From 2cf31a1840888b224cc63522ffbf09ca4773ba76 Mon Sep 17 00:00:00 2001 From: Michiel Leenaars Date: Mon, 20 Jun 2016 14:17:13 +0200 Subject: [PATCH 05/11] gnutls35: init at 3.5.1 --- pkgs/development/libraries/gnutls/3.5.nix | 17 +++++++++++++++++ pkgs/top-level/all-packages.nix | 4 ++++ 2 files changed, 21 insertions(+) create mode 100644 pkgs/development/libraries/gnutls/3.5.nix diff --git a/pkgs/development/libraries/gnutls/3.5.nix b/pkgs/development/libraries/gnutls/3.5.nix new file mode 100644 index 000000000000..82bd437d721b --- /dev/null +++ b/pkgs/development/libraries/gnutls/3.5.nix @@ -0,0 +1,17 @@ +{ callPackage, fetchurl, autoreconfHook, ... } @ args: + +callPackage ./generic.nix (args // rec { + version = "3.5.1"; + + src = fetchurl { + url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5/gnutls-${version}.tar.xz"; + sha256 = "1gdxr1p1sigigwvangqf3v31i8fda07d6ngawykarhr7ls00yjmw"; + }; + + # This fixes some broken parallel dependencies + postPatch = '' + sed -i 's,^BUILT_SOURCES =,\0 systemkey-args.h,g' src/Makefile.am + ''; + + nativeBuildInputs = [ autoreconfHook ]; +}) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index dc47a12f10ad..8b615434cdc4 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7254,6 +7254,10 @@ in guileBindings = config.gnutls.guile or false; }; + gnutls35 = callPackage ../development/libraries/gnutls/3.5.nix { + guileBindings = config.gnutls.guile or false; + }; + gpac = callPackage ../applications/video/gpac { }; gpgme = callPackage ../development/libraries/gpgme { From 9f159b46948a6e8fdb2628a1533547b086121b13 Mon Sep 17 00:00:00 2001 From: Rahul Gopinath Date: Tue, 21 Jun 2016 00:53:26 -0700 Subject: [PATCH 06/11] libmicrohttpd: 0.9.44 -> 0.9.50 --- .../libraries/libmicrohttpd/default.nix | 24 ++++++++----------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/pkgs/development/libraries/libmicrohttpd/default.nix b/pkgs/development/libraries/libmicrohttpd/default.nix index c68187945334..7ee0cbe1bd94 100644 --- a/pkgs/development/libraries/libmicrohttpd/default.nix +++ b/pkgs/development/libraries/libmicrohttpd/default.nix @@ -1,29 +1,25 @@ -{ lib, stdenv, fetchurl, libgcrypt }: +{ stdenv, fetchurl, libgcrypt, curl, gnutls, pkgconfig }: stdenv.mkDerivation rec { - name = "libmicrohttpd-0.9.44"; + name = "libmicrohttpd-0.9.50"; src = fetchurl { url = "mirror://gnu/libmicrohttpd/${name}.tar.gz"; - sha256 = "07j1p21rvbrrfpxngk8xswzkmjkh94bp1971xfjh1p0ja709qwzj"; + sha256 = "1mzbqr6sqisppz88mh73bbh5sw57g8l87qvhcjdx5pmbd183idni"; }; outputs = [ "dev" "out" "docdev" ]; + buildInputs = [ libgcrypt curl gnutls pkgconfig ]; - buildInputs = [ libgcrypt ]; - - preCheck = + preCheck = '' # Since `localhost' can't be resolved in a chroot, work around it. - '' for i in "src/test"*"/"*.[ch] - do - sed -i "$i" -es/localhost/127.0.0.1/g - done - ''; + sed -ie 's/localhost/127.0.0.1/g' src/test*/*.[ch] + ''; # Disabled because the tests can time-out. doCheck = false; - meta = { + meta = with stdenv.lib; { description = "Embeddable HTTP server library"; longDescription = '' @@ -31,10 +27,10 @@ stdenv.mkDerivation rec { it easy to run an HTTP server as part of another application. ''; - license = lib.licenses.lgpl2Plus; + license = licenses.lgpl2Plus; homepage = http://www.gnu.org/software/libmicrohttpd/; - maintainers = [ lib.maintainers.eelco ]; + maintainers = [ maintainers.eelco maintainers.vrthra ]; }; } From c26bbf0b87c33a7fc6459483a8dfd41faa53097e Mon Sep 17 00:00:00 2001 From: Wout Mertens Date: Tue, 21 Jun 2016 21:58:39 +0200 Subject: [PATCH 07/11] coreutils: single binary build --- pkgs/tools/misc/coreutils/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/tools/misc/coreutils/default.nix b/pkgs/tools/misc/coreutils/default.nix index 1ad4f473e9d0..d08dd303341b 100644 --- a/pkgs/tools/misc/coreutils/default.nix +++ b/pkgs/tools/misc/coreutils/default.nix @@ -30,7 +30,8 @@ let outputs = [ "out" "info" ]; nativeBuildInputs = [ perl xz.bin ]; - configureFlags = optionalString stdenv.isSunOS "ac_cv_func_inotify_init=no"; + configureFlags = [ "--enable-single-binary" ] + ++ optional stdenv.isSunOS "ac_cv_func_inotify_init=no"; buildInputs = [ gmp ] ++ optional aclSupport acl From 91c13172721c979710f33906a7a56c0a67cb8214 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Thu, 23 Jun 2016 12:11:21 +0200 Subject: [PATCH 08/11] glibc: fixup retaining bootstrap-tools reference https://github.com/NixOS/nixpkgs/pull/15867#issuecomment-227949096 --- pkgs/development/libraries/glibc/default.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/pkgs/development/libraries/glibc/default.nix b/pkgs/development/libraries/glibc/default.nix index 0ea6b4b938b2..2a1652a55011 100644 --- a/pkgs/development/libraries/glibc/default.nix +++ b/pkgs/development/libraries/glibc/default.nix @@ -72,6 +72,14 @@ in # Get rid of more unnecessary stuff. rm -rf $out/var $out/sbin/sln + # For some reason these aren't stripped otherwise and retain reference + # to bootstrap-tools; on cross-arm this stripping would break objects. + if [ -z "$crossConfig" ]; then + for i in "$out"/lib/*.a; do + strip -S "$i" + done + fi + # Put libraries for static linking in a separate output. Note # that libc_nonshared.a and libpthread_nonshared.a are required # for dynamically-linked applications. From 964fd18676adf0afe5cabeb25fa693b0f4b08c60 Mon Sep 17 00:00:00 2001 From: Alexander Ried Date: Fri, 24 Jun 2016 17:54:57 +0200 Subject: [PATCH 09/11] expat: 2.1.1 -> 2.2.0 security patches have been integrated upstream --- .../libraries/expat/CVE-2015-1283-refix.patch | 37 - .../expat/CVE-2016-0718-v2-2-1.patch | 755 ------------------ pkgs/development/libraries/expat/default.nix | 6 +- 3 files changed, 2 insertions(+), 796 deletions(-) delete mode 100644 pkgs/development/libraries/expat/CVE-2015-1283-refix.patch delete mode 100644 pkgs/development/libraries/expat/CVE-2016-0718-v2-2-1.patch diff --git a/pkgs/development/libraries/expat/CVE-2015-1283-refix.patch b/pkgs/development/libraries/expat/CVE-2015-1283-refix.patch deleted file mode 100644 index db9747ea0b38..000000000000 --- a/pkgs/development/libraries/expat/CVE-2015-1283-refix.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 29a11774d8ebbafe8418b4a5ffb4cc1160b194a1 Mon Sep 17 00:00:00 2001 -From: Pascal Cuoq -Date: Sun, 15 May 2016 09:05:46 +0200 -Subject: [PATCH] Avoid relying on undefined behavior in CVE-2015-1283 fix. It - does not really work: https://godbolt.org/g/Zl8gdF - ---- - expat/lib/xmlparse.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/lib/xmlparse.c b/lib/xmlparse.c -index 13e080d..cdb12ef 100644 ---- a/lib/xmlparse.c -+++ b/lib/xmlparse.c -@@ -1693,7 +1693,8 @@ XML_GetBuffer(XML_Parser parser, int len) - } - - if (len > bufferLim - bufferEnd) { -- int neededSize = len + (int)(bufferEnd - bufferPtr); -+ /* Do not invoke signed arithmetic overflow: */ -+ int neededSize = (int) ((unsigned)len + (unsigned)(bufferEnd - bufferPtr)); - if (neededSize < 0) { - errorCode = XML_ERROR_NO_MEMORY; - return NULL; -@@ -1725,7 +1726,8 @@ XML_GetBuffer(XML_Parser parser, int len) - if (bufferSize == 0) - bufferSize = INIT_BUFFER_SIZE; - do { -- bufferSize *= 2; -+ /* Do not invoke signed arithmetic overflow: */ -+ bufferSize = (int) (2U * (unsigned) bufferSize); - } while (bufferSize < neededSize && bufferSize > 0); - if (bufferSize <= 0) { - errorCode = XML_ERROR_NO_MEMORY; --- -2.8.2 - diff --git a/pkgs/development/libraries/expat/CVE-2016-0718-v2-2-1.patch b/pkgs/development/libraries/expat/CVE-2016-0718-v2-2-1.patch deleted file mode 100644 index 92ff2682684e..000000000000 --- a/pkgs/development/libraries/expat/CVE-2016-0718-v2-2-1.patch +++ /dev/null @@ -1,755 +0,0 @@ -From cdfcb1b5c95e93b00ae9e9d25708b4a3bee72c15 Mon Sep 17 00:00:00 2001 -From: Sebastian Pipping -Date: Mon, 2 May 2016 00:02:44 +0200 -Subject: [PATCH] Address CVE-2016-0718 (/patch/ version 2.2.1) - -* Out of bounds memory access when doing text conversion on malformed input -* Integer overflow related to memory allocation - -Reported by Gustavo Grieco - -Patch credits go to -* Christian Heimes -* Karl Waclawek -* Gustavo Grieco -* Sebastian Pipping -* Pascal Cuoq ---- - expat/lib/xmlparse.c | 34 +++++++++----- - expat/lib/xmltok.c | 115 +++++++++++++++++++++++++++++++++++------------- - expat/lib/xmltok.h | 10 ++++- - expat/lib/xmltok_impl.c | 62 +++++++++++++------------- - 4 files changed, 146 insertions(+), 75 deletions(-) - -diff --git a/lib/xmlparse.c b/lib/xmlparse.c -index e308c79..13e080d 100644 ---- a/lib/xmlparse.c -+++ b/lib/xmlparse.c -@@ -2426,11 +2426,11 @@ doContent(XML_Parser parser, - for (;;) { - int bufSize; - int convLen; -- XmlConvert(enc, -+ const enum XML_Convert_Result convert_res = XmlConvert(enc, - &fromPtr, rawNameEnd, - (ICHAR **)&toPtr, (ICHAR *)tag->bufEnd - 1); - convLen = (int)(toPtr - (XML_Char *)tag->buf); -- if (fromPtr == rawNameEnd) { -+ if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) { - tag->name.strLen = convLen; - break; - } -@@ -2651,11 +2651,11 @@ doContent(XML_Parser parser, - if (MUST_CONVERT(enc, s)) { - for (;;) { - ICHAR *dataPtr = (ICHAR *)dataBuf; -- XmlConvert(enc, &s, next, &dataPtr, (ICHAR *)dataBufEnd); -+ const enum XML_Convert_Result convert_res = XmlConvert(enc, &s, next, &dataPtr, (ICHAR *)dataBufEnd); - *eventEndPP = s; - charDataHandler(handlerArg, dataBuf, - (int)(dataPtr - (ICHAR *)dataBuf)); -- if (s == next) -+ if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) - break; - *eventPP = s; - } -@@ -3261,11 +3261,11 @@ doCdataSection(XML_Parser parser, - if (MUST_CONVERT(enc, s)) { - for (;;) { - ICHAR *dataPtr = (ICHAR *)dataBuf; -- XmlConvert(enc, &s, next, &dataPtr, (ICHAR *)dataBufEnd); -+ const enum XML_Convert_Result convert_res = XmlConvert(enc, &s, next, &dataPtr, (ICHAR *)dataBufEnd); - *eventEndPP = next; - charDataHandler(handlerArg, dataBuf, - (int)(dataPtr - (ICHAR *)dataBuf)); -- if (s == next) -+ if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) - break; - *eventPP = s; - } -@@ -5342,6 +5342,7 @@ reportDefault(XML_Parser parser, const ENCODING *enc, - const char *s, const char *end) - { - if (MUST_CONVERT(enc, s)) { -+ enum XML_Convert_Result convert_res; - const char **eventPP; - const char **eventEndPP; - if (enc == encoding) { -@@ -5354,11 +5355,11 @@ reportDefault(XML_Parser parser, const ENCODING *enc, - } - do { - ICHAR *dataPtr = (ICHAR *)dataBuf; -- XmlConvert(enc, &s, end, &dataPtr, (ICHAR *)dataBufEnd); -+ convert_res = XmlConvert(enc, &s, end, &dataPtr, (ICHAR *)dataBufEnd); - *eventEndPP = s; - defaultHandler(handlerArg, dataBuf, (int)(dataPtr - (ICHAR *)dataBuf)); - *eventPP = s; -- } while (s != end); -+ } while ((convert_res != XML_CONVERT_COMPLETED) && (convert_res != XML_CONVERT_INPUT_INCOMPLETE)); - } - else - defaultHandler(handlerArg, (XML_Char *)s, (int)((XML_Char *)end - (XML_Char *)s)); -@@ -6163,8 +6164,8 @@ poolAppend(STRING_POOL *pool, const ENCODING *enc, - if (!pool->ptr && !poolGrow(pool)) - return NULL; - for (;;) { -- XmlConvert(enc, &ptr, end, (ICHAR **)&(pool->ptr), (ICHAR *)pool->end); -- if (ptr == end) -+ const enum XML_Convert_Result convert_res = XmlConvert(enc, &ptr, end, (ICHAR **)&(pool->ptr), (ICHAR *)pool->end); -+ if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) - break; - if (!poolGrow(pool)) - return NULL; -@@ -6248,8 +6249,13 @@ poolGrow(STRING_POOL *pool) - } - } - if (pool->blocks && pool->start == pool->blocks->s) { -- int blockSize = (int)(pool->end - pool->start)*2; -- BLOCK *temp = (BLOCK *) -+ BLOCK *temp; -+ int blockSize = (int)((unsigned)(pool->end - pool->start)*2U); -+ -+ if (blockSize < 0) -+ return XML_FALSE; -+ -+ temp = (BLOCK *) - pool->mem->realloc_fcn(pool->blocks, - (offsetof(BLOCK, s) - + blockSize * sizeof(XML_Char))); -@@ -6264,6 +6270,10 @@ poolGrow(STRING_POOL *pool) - else { - BLOCK *tem; - int blockSize = (int)(pool->end - pool->start); -+ -+ if (blockSize < 0) -+ return XML_FALSE; -+ - if (blockSize < INIT_BLOCK_SIZE) - blockSize = INIT_BLOCK_SIZE; - else -diff --git a/lib/xmltok.c b/lib/xmltok.c -index bf09dfc..cb98ce1 100644 ---- a/lib/xmltok.c -+++ b/lib/xmltok.c -@@ -318,39 +318,55 @@ enum { /* UTF8_cvalN is value of masked first byte of N byte sequence */ - UTF8_cval4 = 0xf0 - }; - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - utf8_toUtf8(const ENCODING *enc, - const char **fromP, const char *fromLim, - char **toP, const char *toLim) - { -+ enum XML_Convert_Result res = XML_CONVERT_COMPLETED; - char *to; - const char *from; - if (fromLim - *fromP > toLim - *toP) { - /* Avoid copying partial characters. */ -+ res = XML_CONVERT_OUTPUT_EXHAUSTED; - for (fromLim = *fromP + (toLim - *toP); fromLim > *fromP; fromLim--) - if (((unsigned char)fromLim[-1] & 0xc0) != 0x80) - break; - } -- for (to = *toP, from = *fromP; from != fromLim; from++, to++) -+ for (to = *toP, from = *fromP; (from < fromLim) && (to < toLim); from++, to++) - *to = *from; - *fromP = from; - *toP = to; -+ -+ if ((to == toLim) && (from < fromLim)) -+ return XML_CONVERT_OUTPUT_EXHAUSTED; -+ else -+ return res; - } - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - utf8_toUtf16(const ENCODING *enc, - const char **fromP, const char *fromLim, - unsigned short **toP, const unsigned short *toLim) - { -+ enum XML_Convert_Result res = XML_CONVERT_COMPLETED; - unsigned short *to = *toP; - const char *from = *fromP; -- while (from != fromLim && to != toLim) { -+ while (from < fromLim && to < toLim) { - switch (((struct normal_encoding *)enc)->type[(unsigned char)*from]) { - case BT_LEAD2: -+ if (fromLim - from < 2) { -+ res = XML_CONVERT_INPUT_INCOMPLETE; -+ break; -+ } - *to++ = (unsigned short)(((from[0] & 0x1f) << 6) | (from[1] & 0x3f)); - from += 2; - break; - case BT_LEAD3: -+ if (fromLim - from < 3) { -+ res = XML_CONVERT_INPUT_INCOMPLETE; -+ break; -+ } - *to++ = (unsigned short)(((from[0] & 0xf) << 12) - | ((from[1] & 0x3f) << 6) | (from[2] & 0x3f)); - from += 3; -@@ -358,8 +374,14 @@ utf8_toUtf16(const ENCODING *enc, - case BT_LEAD4: - { - unsigned long n; -- if (to + 1 == toLim) -+ if (toLim - to < 2) { -+ res = XML_CONVERT_OUTPUT_EXHAUSTED; - goto after; -+ } -+ if (fromLim - from < 4) { -+ res = XML_CONVERT_INPUT_INCOMPLETE; -+ goto after; -+ } - n = ((from[0] & 0x7) << 18) | ((from[1] & 0x3f) << 12) - | ((from[2] & 0x3f) << 6) | (from[3] & 0x3f); - n -= 0x10000; -@@ -377,6 +399,7 @@ utf8_toUtf16(const ENCODING *enc, - after: - *fromP = from; - *toP = to; -+ return res; - } - - #ifdef XML_NS -@@ -425,7 +448,7 @@ static const struct normal_encoding internal_utf8_encoding = { - STANDARD_VTABLE(sb_) NORMAL_VTABLE(utf8_) - }; - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - latin1_toUtf8(const ENCODING *enc, - const char **fromP, const char *fromLim, - char **toP, const char *toLim) -@@ -433,30 +456,35 @@ latin1_toUtf8(const ENCODING *enc, - for (;;) { - unsigned char c; - if (*fromP == fromLim) -- break; -+ return XML_CONVERT_COMPLETED; - c = (unsigned char)**fromP; - if (c & 0x80) { - if (toLim - *toP < 2) -- break; -+ return XML_CONVERT_OUTPUT_EXHAUSTED; - *(*toP)++ = (char)((c >> 6) | UTF8_cval2); - *(*toP)++ = (char)((c & 0x3f) | 0x80); - (*fromP)++; - } - else { - if (*toP == toLim) -- break; -+ return XML_CONVERT_OUTPUT_EXHAUSTED; - *(*toP)++ = *(*fromP)++; - } - } - } - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - latin1_toUtf16(const ENCODING *enc, - const char **fromP, const char *fromLim, - unsigned short **toP, const unsigned short *toLim) - { -- while (*fromP != fromLim && *toP != toLim) -+ while (*fromP < fromLim && *toP < toLim) - *(*toP)++ = (unsigned char)*(*fromP)++; -+ -+ if ((*toP == toLim) && (*fromP < fromLim)) -+ return XML_CONVERT_OUTPUT_EXHAUSTED; -+ else -+ return XML_CONVERT_COMPLETED; - } - - #ifdef XML_NS -@@ -483,13 +511,18 @@ static const struct normal_encoding latin1_encoding = { - STANDARD_VTABLE(sb_) - }; - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - ascii_toUtf8(const ENCODING *enc, - const char **fromP, const char *fromLim, - char **toP, const char *toLim) - { -- while (*fromP != fromLim && *toP != toLim) -+ while (*fromP < fromLim && *toP < toLim) - *(*toP)++ = *(*fromP)++; -+ -+ if ((*toP == toLim) && (*fromP < fromLim)) -+ return XML_CONVERT_OUTPUT_EXHAUSTED; -+ else -+ return XML_CONVERT_COMPLETED; - } - - #ifdef XML_NS -@@ -536,13 +569,14 @@ unicode_byte_type(char hi, char lo) - } - - #define DEFINE_UTF16_TO_UTF8(E) \ --static void PTRCALL \ -+static enum XML_Convert_Result PTRCALL \ - E ## toUtf8(const ENCODING *enc, \ - const char **fromP, const char *fromLim, \ - char **toP, const char *toLim) \ - { \ -- const char *from; \ -- for (from = *fromP; from != fromLim; from += 2) { \ -+ const char *from = *fromP; \ -+ fromLim = from + (((fromLim - from) >> 1) << 1); /* shrink to even */ \ -+ for (; from < fromLim; from += 2) { \ - int plane; \ - unsigned char lo2; \ - unsigned char lo = GET_LO(from); \ -@@ -552,7 +586,7 @@ E ## toUtf8(const ENCODING *enc, \ - if (lo < 0x80) { \ - if (*toP == toLim) { \ - *fromP = from; \ -- return; \ -+ return XML_CONVERT_OUTPUT_EXHAUSTED; \ - } \ - *(*toP)++ = lo; \ - break; \ -@@ -562,7 +596,7 @@ E ## toUtf8(const ENCODING *enc, \ - case 0x4: case 0x5: case 0x6: case 0x7: \ - if (toLim - *toP < 2) { \ - *fromP = from; \ -- return; \ -+ return XML_CONVERT_OUTPUT_EXHAUSTED; \ - } \ - *(*toP)++ = ((lo >> 6) | (hi << 2) | UTF8_cval2); \ - *(*toP)++ = ((lo & 0x3f) | 0x80); \ -@@ -570,7 +604,7 @@ E ## toUtf8(const ENCODING *enc, \ - default: \ - if (toLim - *toP < 3) { \ - *fromP = from; \ -- return; \ -+ return XML_CONVERT_OUTPUT_EXHAUSTED; \ - } \ - /* 16 bits divided 4, 6, 6 amongst 3 bytes */ \ - *(*toP)++ = ((hi >> 4) | UTF8_cval3); \ -@@ -580,7 +614,11 @@ E ## toUtf8(const ENCODING *enc, \ - case 0xD8: case 0xD9: case 0xDA: case 0xDB: \ - if (toLim - *toP < 4) { \ - *fromP = from; \ -- return; \ -+ return XML_CONVERT_OUTPUT_EXHAUSTED; \ -+ } \ -+ if (fromLim - from < 4) { \ -+ *fromP = from; \ -+ return XML_CONVERT_INPUT_INCOMPLETE; \ - } \ - plane = (((hi & 0x3) << 2) | ((lo >> 6) & 0x3)) + 1; \ - *(*toP)++ = ((plane >> 2) | UTF8_cval4); \ -@@ -596,20 +634,32 @@ E ## toUtf8(const ENCODING *enc, \ - } \ - } \ - *fromP = from; \ -+ if (from < fromLim) \ -+ return XML_CONVERT_INPUT_INCOMPLETE; \ -+ else \ -+ return XML_CONVERT_COMPLETED; \ - } - - #define DEFINE_UTF16_TO_UTF16(E) \ --static void PTRCALL \ -+static enum XML_Convert_Result PTRCALL \ - E ## toUtf16(const ENCODING *enc, \ - const char **fromP, const char *fromLim, \ - unsigned short **toP, const unsigned short *toLim) \ - { \ -+ enum XML_Convert_Result res = XML_CONVERT_COMPLETED; \ -+ fromLim = *fromP + (((fromLim - *fromP) >> 1) << 1); /* shrink to even */ \ - /* Avoid copying first half only of surrogate */ \ - if (fromLim - *fromP > ((toLim - *toP) << 1) \ -- && (GET_HI(fromLim - 2) & 0xF8) == 0xD8) \ -+ && (GET_HI(fromLim - 2) & 0xF8) == 0xD8) { \ - fromLim -= 2; \ -- for (; *fromP != fromLim && *toP != toLim; *fromP += 2) \ -+ res = XML_CONVERT_INPUT_INCOMPLETE; \ -+ } \ -+ for (; *fromP < fromLim && *toP < toLim; *fromP += 2) \ - *(*toP)++ = (GET_HI(*fromP) << 8) | GET_LO(*fromP); \ -+ if ((*toP == toLim) && (*fromP < fromLim)) \ -+ return XML_CONVERT_OUTPUT_EXHAUSTED; \ -+ else \ -+ return res; \ - } - - #define SET2(ptr, ch) \ -@@ -1288,7 +1338,7 @@ unknown_isInvalid(const ENCODING *enc, const char *p) - return (c & ~0xFFFF) || checkCharRefNumber(c) < 0; - } - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - unknown_toUtf8(const ENCODING *enc, - const char **fromP, const char *fromLim, - char **toP, const char *toLim) -@@ -1299,21 +1349,21 @@ unknown_toUtf8(const ENCODING *enc, - const char *utf8; - int n; - if (*fromP == fromLim) -- break; -+ return XML_CONVERT_COMPLETED; - utf8 = uenc->utf8[(unsigned char)**fromP]; - n = *utf8++; - if (n == 0) { - int c = uenc->convert(uenc->userData, *fromP); - n = XmlUtf8Encode(c, buf); - if (n > toLim - *toP) -- break; -+ return XML_CONVERT_OUTPUT_EXHAUSTED; - utf8 = buf; - *fromP += (AS_NORMAL_ENCODING(enc)->type[(unsigned char)**fromP] - - (BT_LEAD2 - 2)); - } - else { - if (n > toLim - *toP) -- break; -+ return XML_CONVERT_OUTPUT_EXHAUSTED; - (*fromP)++; - } - do { -@@ -1322,13 +1372,13 @@ unknown_toUtf8(const ENCODING *enc, - } - } - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - unknown_toUtf16(const ENCODING *enc, - const char **fromP, const char *fromLim, - unsigned short **toP, const unsigned short *toLim) - { - const struct unknown_encoding *uenc = AS_UNKNOWN_ENCODING(enc); -- while (*fromP != fromLim && *toP != toLim) { -+ while (*fromP < fromLim && *toP < toLim) { - unsigned short c = uenc->utf16[(unsigned char)**fromP]; - if (c == 0) { - c = (unsigned short) -@@ -1340,6 +1390,11 @@ unknown_toUtf16(const ENCODING *enc, - (*fromP)++; - *(*toP)++ = c; - } -+ -+ if ((*toP == toLim) && (*fromP < fromLim)) -+ return XML_CONVERT_OUTPUT_EXHAUSTED; -+ else -+ return XML_CONVERT_COMPLETED; - } - - ENCODING * -@@ -1503,7 +1558,7 @@ initScan(const ENCODING * const *encodingTable, - { - const ENCODING **encPtr; - -- if (ptr == end) -+ if (ptr >= end) - return XML_TOK_NONE; - encPtr = enc->encPtr; - if (ptr + 1 == end) { -diff --git a/lib/xmltok.h b/lib/xmltok.h -index ca867aa..752007e 100644 ---- a/lib/xmltok.h -+++ b/lib/xmltok.h -@@ -130,6 +130,12 @@ typedef int (PTRCALL *SCANNER)(const ENCODING *, - const char *, - const char **); - -+enum XML_Convert_Result { -+ XML_CONVERT_COMPLETED = 0, -+ XML_CONVERT_INPUT_INCOMPLETE = 1, -+ XML_CONVERT_OUTPUT_EXHAUSTED = 2 /* and therefore potentially input remaining as well */ -+}; -+ - struct encoding { - SCANNER scanners[XML_N_STATES]; - SCANNER literalScanners[XML_N_LITERAL_TYPES]; -@@ -158,12 +164,12 @@ struct encoding { - const char *ptr, - const char *end, - const char **badPtr); -- void (PTRCALL *utf8Convert)(const ENCODING *enc, -+ enum XML_Convert_Result (PTRCALL *utf8Convert)(const ENCODING *enc, - const char **fromP, - const char *fromLim, - char **toP, - const char *toLim); -- void (PTRCALL *utf16Convert)(const ENCODING *enc, -+ enum XML_Convert_Result (PTRCALL *utf16Convert)(const ENCODING *enc, - const char **fromP, - const char *fromLim, - unsigned short **toP, -diff --git a/lib/xmltok_impl.c b/lib/xmltok_impl.c -index 9c2895b..6c5a3ba 100644 ---- a/lib/xmltok_impl.c -+++ b/lib/xmltok_impl.c -@@ -93,13 +93,13 @@ static int PTRCALL - PREFIX(scanComment)(const ENCODING *enc, const char *ptr, - const char *end, const char **nextTokPtr) - { -- if (ptr != end) { -+ if (ptr < end) { - if (!CHAR_MATCHES(enc, ptr, ASCII_MINUS)) { - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } - ptr += MINBPC(enc); -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - INVALID_CASES(ptr, nextTokPtr) - case BT_MINUS: -@@ -147,7 +147,7 @@ PREFIX(scanDecl)(const ENCODING *enc, const char *ptr, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - case BT_PERCNT: - if (ptr + MINBPC(enc) == end) -@@ -233,7 +233,7 @@ PREFIX(scanPi)(const ENCODING *enc, const char *ptr, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - case BT_S: case BT_CR: case BT_LF: -@@ -242,7 +242,7 @@ PREFIX(scanPi)(const ENCODING *enc, const char *ptr, - return XML_TOK_INVALID; - } - ptr += MINBPC(enc); -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - INVALID_CASES(ptr, nextTokPtr) - case BT_QUEST: -@@ -305,7 +305,7 @@ static int PTRCALL - PREFIX(cdataSectionTok)(const ENCODING *enc, const char *ptr, - const char *end, const char **nextTokPtr) - { -- if (ptr == end) -+ if (ptr >= end) - return XML_TOK_NONE; - if (MINBPC(enc) > 1) { - size_t n = end - ptr; -@@ -348,7 +348,7 @@ PREFIX(cdataSectionTok)(const ENCODING *enc, const char *ptr, - ptr += MINBPC(enc); - break; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - #define LEAD_CASE(n) \ - case BT_LEAD ## n: \ -@@ -391,11 +391,11 @@ PREFIX(scanEndTag)(const ENCODING *enc, const char *ptr, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - case BT_S: case BT_CR: case BT_LF: -- for (ptr += MINBPC(enc); ptr != end; ptr += MINBPC(enc)) { -+ for (ptr += MINBPC(enc); ptr < end; ptr += MINBPC(enc)) { - switch (BYTE_TYPE(enc, ptr)) { - case BT_S: case BT_CR: case BT_LF: - break; -@@ -432,7 +432,7 @@ static int PTRCALL - PREFIX(scanHexCharRef)(const ENCODING *enc, const char *ptr, - const char *end, const char **nextTokPtr) - { -- if (ptr != end) { -+ if (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - case BT_DIGIT: - case BT_HEX: -@@ -441,7 +441,7 @@ PREFIX(scanHexCharRef)(const ENCODING *enc, const char *ptr, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- for (ptr += MINBPC(enc); ptr != end; ptr += MINBPC(enc)) { -+ for (ptr += MINBPC(enc); ptr < end; ptr += MINBPC(enc)) { - switch (BYTE_TYPE(enc, ptr)) { - case BT_DIGIT: - case BT_HEX: -@@ -464,7 +464,7 @@ static int PTRCALL - PREFIX(scanCharRef)(const ENCODING *enc, const char *ptr, - const char *end, const char **nextTokPtr) - { -- if (ptr != end) { -+ if (ptr < end) { - if (CHAR_MATCHES(enc, ptr, ASCII_x)) - return PREFIX(scanHexCharRef)(enc, ptr + MINBPC(enc), end, nextTokPtr); - switch (BYTE_TYPE(enc, ptr)) { -@@ -474,7 +474,7 @@ PREFIX(scanCharRef)(const ENCODING *enc, const char *ptr, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- for (ptr += MINBPC(enc); ptr != end; ptr += MINBPC(enc)) { -+ for (ptr += MINBPC(enc); ptr < end; ptr += MINBPC(enc)) { - switch (BYTE_TYPE(enc, ptr)) { - case BT_DIGIT: - break; -@@ -506,7 +506,7 @@ PREFIX(scanRef)(const ENCODING *enc, const char *ptr, const char *end, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - case BT_SEMI: -@@ -529,7 +529,7 @@ PREFIX(scanAtts)(const ENCODING *enc, const char *ptr, const char *end, - #ifdef XML_NS - int hadColon = 0; - #endif -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - #ifdef XML_NS -@@ -716,7 +716,7 @@ PREFIX(scanLt)(const ENCODING *enc, const char *ptr, const char *end, - hadColon = 0; - #endif - /* we have a start-tag */ -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - #ifdef XML_NS -@@ -740,7 +740,7 @@ PREFIX(scanLt)(const ENCODING *enc, const char *ptr, const char *end, - case BT_S: case BT_CR: case BT_LF: - { - ptr += MINBPC(enc); -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NMSTRT_CASES(enc, ptr, end, nextTokPtr) - case BT_GT: -@@ -785,7 +785,7 @@ static int PTRCALL - PREFIX(contentTok)(const ENCODING *enc, const char *ptr, const char *end, - const char **nextTokPtr) - { -- if (ptr == end) -+ if (ptr >= end) - return XML_TOK_NONE; - if (MINBPC(enc) > 1) { - size_t n = end - ptr; -@@ -832,7 +832,7 @@ PREFIX(contentTok)(const ENCODING *enc, const char *ptr, const char *end, - ptr += MINBPC(enc); - break; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - #define LEAD_CASE(n) \ - case BT_LEAD ## n: \ -@@ -895,7 +895,7 @@ PREFIX(scanPercent)(const ENCODING *enc, const char *ptr, const char *end, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - case BT_SEMI: -@@ -921,7 +921,7 @@ PREFIX(scanPoundName)(const ENCODING *enc, const char *ptr, const char *end, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - case BT_CR: case BT_LF: case BT_S: -@@ -941,7 +941,7 @@ PREFIX(scanLit)(int open, const ENCODING *enc, - const char *ptr, const char *end, - const char **nextTokPtr) - { -- while (ptr != end) { -+ while (ptr < end) { - int t = BYTE_TYPE(enc, ptr); - switch (t) { - INVALID_CASES(ptr, nextTokPtr) -@@ -973,7 +973,7 @@ PREFIX(prologTok)(const ENCODING *enc, const char *ptr, const char *end, - const char **nextTokPtr) - { - int tok; -- if (ptr == end) -+ if (ptr >= end) - return XML_TOK_NONE; - if (MINBPC(enc) > 1) { - size_t n = end - ptr; -@@ -1141,7 +1141,7 @@ PREFIX(prologTok)(const ENCODING *enc, const char *ptr, const char *end, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - case BT_GT: case BT_RPAR: case BT_COMMA: -@@ -1204,10 +1204,10 @@ PREFIX(attributeValueTok)(const ENCODING *enc, const char *ptr, - const char *end, const char **nextTokPtr) - { - const char *start; -- if (ptr == end) -+ if (ptr >= end) - return XML_TOK_NONE; - start = ptr; -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - #define LEAD_CASE(n) \ - case BT_LEAD ## n: ptr += n; break; -@@ -1262,10 +1262,10 @@ PREFIX(entityValueTok)(const ENCODING *enc, const char *ptr, - const char *end, const char **nextTokPtr) - { - const char *start; -- if (ptr == end) -+ if (ptr >= end) - return XML_TOK_NONE; - start = ptr; -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - #define LEAD_CASE(n) \ - case BT_LEAD ## n: ptr += n; break; -@@ -1326,7 +1326,7 @@ PREFIX(ignoreSectionTok)(const ENCODING *enc, const char *ptr, - end = ptr + n; - } - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - INVALID_CASES(ptr, nextTokPtr) - case BT_LT: -@@ -1373,7 +1373,7 @@ PREFIX(isPublicId)(const ENCODING *enc, const char *ptr, const char *end, - { - ptr += MINBPC(enc); - end -= MINBPC(enc); -- for (; ptr != end; ptr += MINBPC(enc)) { -+ for (; ptr < end; ptr += MINBPC(enc)) { - switch (BYTE_TYPE(enc, ptr)) { - case BT_DIGIT: - case BT_HEX: -@@ -1760,7 +1760,7 @@ PREFIX(updatePosition)(const ENCODING *enc, - case BT_CR: - pos->lineNumber++; - ptr += MINBPC(enc); -- if (ptr != end && BYTE_TYPE(enc, ptr) == BT_LF) -+ if (ptr < end && BYTE_TYPE(enc, ptr) == BT_LF) - ptr += MINBPC(enc); - pos->columnNumber = (XML_Size)-1; - break; --- -2.8.2 - diff --git a/pkgs/development/libraries/expat/default.nix b/pkgs/development/libraries/expat/default.nix index 1b663fc21a9e..be5772798b4c 100644 --- a/pkgs/development/libraries/expat/default.nix +++ b/pkgs/development/libraries/expat/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl }: stdenv.mkDerivation rec { - name = "expat-2.1.1"; + name = "expat-2.2.0"; src = fetchurl { url = "mirror://sourceforge/expat/${name}.tar.bz2"; - sha256 = "0ryyjgvy7jq0qb7a9mhc1giy3bzn56aiwrs8dpydqngplbjq9xdg"; + sha256 = "1zq4lnwjlw8s9mmachwfvfjf2x3lk24jm41746ykhdcvs7r0zrfr"; }; outputs = [ "dev" "out" ]; # TODO: fix referrers @@ -15,8 +15,6 @@ stdenv.mkDerivation rec { outputMan = "dev"; # tiny page for a dev tool - patches = [ ./CVE-2015-1283-refix.patch ./CVE-2016-0718-v2-2-1.patch ]; - doCheck = true; meta = with stdenv.lib; { From 19e80fa19d01fb0f15d6b99c860c7a9b0de264b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Mon, 27 Jun 2016 17:02:19 +0200 Subject: [PATCH 10/11] pypy: fix pyexpat tests with expat-2.2.0 /cc #16477. /cc @domenKozar (don't know who better), as I still experience test failures of different kind: =================================== FAILURES =================================== _______________________________________ _______________________________________ Traceback (most recent call last): File "/tmp/nix-build-pypy-5.1.1.drv-0/pypy-pypy-b0a649e90b66/pypy/tool/pytest/run-script/regrverbose.py", line 14, in indirect_test() File "/tmp/nix-build-pypy-5.1.1.drv-0/pypy-pypy-b0a649e90b66/lib-python/2.7/test/test_ctypes.py", line 10, in test_main skipped, testcases = ctypes.test.get_tests(ctypes.test, "test_*.py", verbosity=0) File "/tmp/nix-build-pypy-5.1.1.drv-0/pypy-pypy-b0a649e90b66/lib-python/2.7/ctypes/test/__init__.py", line 72, in get_tests mod = __import__(modname, globals(), locals(), ['*']) File "/tmp/nix-build-pypy-5.1.1.drv-0/pypy-pypy-b0a649e90b66/lib-python/2.7/ctypes/test/test_python_api.py", line 9, in from _ctypes import PyObj_FromPtr ImportError: cannot import name 'PyObj_FromPtr' =========================== short test summary info ============================ FAIL lib-python/2.7/test/test_ctypes.py::unmodified 9 tests deselected by '-knot ( test_ssl or test_urllib2net or test_urllibnet or test_urllib2_localnet or test_socket or test_shutil or test_zipfile64 or test_epoll )' ======= 1 failed, 341 passed, 51 skipped, 9 deselected in 550.97 seconds ======= --- pkgs/development/interpreters/pypy/default.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/pkgs/development/interpreters/pypy/default.nix b/pkgs/development/interpreters/pypy/default.nix index 708c251e4aff..f07e53e592f5 100644 --- a/pkgs/development/interpreters/pypy/default.nix +++ b/pkgs/development/interpreters/pypy/default.nix @@ -21,6 +21,17 @@ let sha256 = "1dmckvffanmh0b50pq34shnw05r55gjxn43kgvnkz5kkvvsbxdg1"; }; + # http://bugs.python.org/issue27369 + postPatch = let + expatch = fetchurl { + name = "tests-expat-2.2.0.patch"; + url = "http://bugs.python.org/file43514/0001-Fix-Python-2.7.11-tests-for-Expat-2.2.0.patch"; + sha256 = "1j3pa7ly9xrhp8jjwg5l77z7i3y68gx8f8jchqk6zc39d9glq3il"; + }; + in '' + patch lib-python/2.7/test/test_pyexpat.py < '${expatch}' + ''; + buildInputs = [ bzip2 openssl pkgconfig pythonFull libffi ncurses expat sqlite tk tcl xlibsWrapper libX11 makeWrapper gdbm db ] ++ stdenv.lib.optional (stdenv ? cc && stdenv.cc.libc != null) stdenv.cc.libc ++ stdenv.lib.optional zlibSupport zlib; From f4792cdc0cffc0d1843f5d8bb3e458546646f67c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Tue, 28 Jun 2016 09:48:56 +0200 Subject: [PATCH 11/11] make-bootstrap-tools*: fixup after #16406 Our coreutils now uses single-binary-build mode where, by default, simple shebang scripts are used for all the binaries. That doesn't work e.g. with the Linux unpacker which only handles standard binaries and symlinks. Let's use the symlinked mode instead for boostrapping. This does NOT change any stdenv hashes. I only tested the case most important to me: $ nix-build pkgs/top-level/release.nix -A stdenvBootstrapTools.x86_64-linux.test --- pkgs/stdenv/darwin/make-bootstrap-tools.nix | 6 ++++-- pkgs/stdenv/linux/make-bootstrap-tools-cross.nix | 4 +++- pkgs/stdenv/linux/make-bootstrap-tools.nix | 4 +++- pkgs/tools/misc/coreutils/default.nix | 5 ++++- 4 files changed, 14 insertions(+), 5 deletions(-) diff --git a/pkgs/stdenv/darwin/make-bootstrap-tools.nix b/pkgs/stdenv/darwin/make-bootstrap-tools.nix index 40f26dc2450b..43775d0350b8 100644 --- a/pkgs/stdenv/darwin/make-bootstrap-tools.nix +++ b/pkgs/stdenv/darwin/make-bootstrap-tools.nix @@ -3,9 +3,11 @@ with import ../../.. { inherit system; }; rec { - # We want coreutils without ACL support. - coreutils_ = coreutils.override (orig: { + coreutils_ = coreutils.override (args: { + # We want coreutils without ACL support. aclSupport = false; + # Our tooling currently can't handle scripts in bin/, only ELFs and symlinks. + singleBinary = "symlinks"; }); build = stdenv.mkDerivation { diff --git a/pkgs/stdenv/linux/make-bootstrap-tools-cross.nix b/pkgs/stdenv/linux/make-bootstrap-tools-cross.nix index 16099dfb3d39..6dfe1bf41e4f 100644 --- a/pkgs/stdenv/linux/make-bootstrap-tools-cross.nix +++ b/pkgs/stdenv/linux/make-bootstrap-tools-cross.nix @@ -87,9 +87,11 @@ in rec { - # We want coreutils without ACL support. coreutilsMinimal = (pkgs.coreutils.override (args: { + # We want coreutils without ACL support. aclSupport = false; + # Our tooling currently can't handle scripts in bin/, only ELFs and symlinks. + singleBinary = "symlinks"; })).crossDrv; curlMinimal = (pkgs.curl.override { diff --git a/pkgs/stdenv/linux/make-bootstrap-tools.nix b/pkgs/stdenv/linux/make-bootstrap-tools.nix index 8ffeebaa962e..866906662aea 100644 --- a/pkgs/stdenv/linux/make-bootstrap-tools.nix +++ b/pkgs/stdenv/linux/make-bootstrap-tools.nix @@ -5,9 +5,11 @@ with import ../../.. {inherit system;}; rec { - # We want coreutils without ACL support. coreutilsMinimal = coreutils.override (args: { + # We want coreutils without ACL support. aclSupport = false; + # Our tooling currently can't handle scripts in bin/, only ELFs and symlinks. + singleBinary = "symlinks"; }); tarMinimal = gnutar.override { acl = null; }; diff --git a/pkgs/tools/misc/coreutils/default.nix b/pkgs/tools/misc/coreutils/default.nix index d08dd303341b..4ed43a189882 100644 --- a/pkgs/tools/misc/coreutils/default.nix +++ b/pkgs/tools/misc/coreutils/default.nix @@ -3,6 +3,7 @@ , selinuxSupport? false, libselinux ? null, libsepol ? null , autoconf, automake114x, texinfo , withPrefix ? false +, singleBinary ? true # you can also pass "symlinks", for example }: assert aclSupport -> acl != null; @@ -30,7 +31,9 @@ let outputs = [ "out" "info" ]; nativeBuildInputs = [ perl xz.bin ]; - configureFlags = [ "--enable-single-binary" ] + configureFlags = + optional (singleBinary != false) + ("--enable-single-binary" + optionalString (isString singleBinary) "=${singleBinary}") ++ optional stdenv.isSunOS "ac_cv_func_inotify_init=no"; buildInputs = [ gmp ]