summary refs log tree commit diff
path: root/pkgs/development/libraries/libunwind
diff options
context:
space:
mode:
authorVladimír Čunát <vcunat@gmail.com>2015-09-01 20:33:27 +0200
committerVladimír Čunát <vcunat@gmail.com>2015-09-02 05:23:55 +0200
commit2dccca399c9a6d96c4d5344c1f0af29d8d8a2c9f (patch)
tree0bf11c16c74322caa953847597c099c64690cffd /pkgs/development/libraries/libunwind
parent54c4aab6621662e7d8f386c1da53107d56813e32 (diff)
downloadnixpkgs-2dccca399c9a6d96c4d5344c1f0af29d8d8a2c9f.tar
nixpkgs-2dccca399c9a6d96c4d5344c1f0af29d8d8a2c9f.tar.gz
nixpkgs-2dccca399c9a6d96c4d5344c1f0af29d8d8a2c9f.tar.bz2
nixpkgs-2dccca399c9a6d96c4d5344c1f0af29d8d8a2c9f.tar.lz
nixpkgs-2dccca399c9a6d96c4d5344c1f0af29d8d8a2c9f.tar.xz
nixpkgs-2dccca399c9a6d96c4d5344c1f0af29d8d8a2c9f.tar.zst
nixpkgs-2dccca399c9a6d96c4d5344c1f0af29d8d8a2c9f.zip
libunwind: security fix for CVE-2015-3239
Thanks to the monitor. Low security and high rebuild impact, but still...
Diffstat (limited to 'pkgs/development/libraries/libunwind')
-rw-r--r--pkgs/development/libraries/libunwind/cve-2015-3239.patch15
-rw-r--r--pkgs/development/libraries/libunwind/default.nix6
2 files changed, 18 insertions, 3 deletions
diff --git a/pkgs/development/libraries/libunwind/cve-2015-3239.patch b/pkgs/development/libraries/libunwind/cve-2015-3239.patch
new file mode 100644
index 00000000000..247b2dab44f
--- /dev/null
+++ b/pkgs/development/libraries/libunwind/cve-2015-3239.patch
@@ -0,0 +1,15 @@
+http://git.savannah.gnu.org/cgit/libunwind.git/commit/?id=396b6c7ab737e2bff244d640601c436a26260ca1
+
+diff --git a/include/dwarf_i.h b/include/dwarf_i.h
+index 0e72845..86dcdb8 100644
+--- a/include/dwarf_i.h
++++ b/include/dwarf_i.h
+@@ -20,7 +20,7 @@
+ extern const uint8_t dwarf_to_unw_regnum_map[DWARF_REGNUM_MAP_LENGTH];
+ /* REG is evaluated multiple times; it better be side-effects free!  */
+ # define dwarf_to_unw_regnum(reg)					  \
+-  (((reg) <= DWARF_REGNUM_MAP_LENGTH) ? dwarf_to_unw_regnum_map[reg] : 0)
++  (((reg) < DWARF_REGNUM_MAP_LENGTH) ? dwarf_to_unw_regnum_map[reg] : 0)
+ #endif
+ 
+ #ifdef UNW_LOCAL_ONLY
diff --git a/pkgs/development/libraries/libunwind/default.nix b/pkgs/development/libraries/libunwind/default.nix
index 91895114ea0..ecaa643b143 100644
--- a/pkgs/development/libraries/libunwind/default.nix
+++ b/pkgs/development/libraries/libunwind/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   name = "libunwind-1.1";
-  
+
   src = fetchurl {
     url = "mirror://savannah/libunwind/${name}.tar.gz";
     sha256 = "16nhx2pahh9d62mvszc88q226q5lwjankij276fxwrm8wb50zzlx";
   };
 
-  patches = [ ./libunwind-1.1-lzma.patch ];
+  patches = [ ./libunwind-1.1-lzma.patch ./cve-2015-3239.patch ];
 
   postPatch = ''
     sed -i -e '/LIBLZMA/s:-lzma:-llzma:' configure
@@ -27,7 +27,7 @@ stdenv.mkDerivation rec {
       sed -i 's,-llzma,${xz}/lib/liblzma.la,' $file
     done
   '';
-  
+
   meta = with stdenv.lib; {
     homepage = http://www.nongnu.org/libunwind;
     description = "A portable and efficient API to determine the call-chain of a program";
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-05 05:56:17 +0000