3 files changed, 66 insertions, 0 deletions

diff --git a/pkgs/applications/emulators/zsnes/default.nix b/pkgs/applications/emulators/zsnes/default.nix
index 1583777a058..8e12d7cd7bb 100644
--- a/pkgs/applications/emulators/zsnes/default.nix
+++ b/pkgs/applications/emulators/zsnes/default.nix
@@ -23,6 +23,11 @@ in stdenv.mkDerivation {
     sha256 = "1gy79d5wdaacph0cc1amw7mqm7i0716n6mvav16p1svi26iz193v";
   };
 
+  patches = [
+    ./zlib-1.3.patch
+    ./fortify3.patch
+  ];
+
   buildInputs = [ nasm SDL zlib libpng ncurses libGLU libGL ];
 
   prePatch = ''
diff --git a/pkgs/applications/emulators/zsnes/fortify3.patch b/pkgs/applications/emulators/zsnes/fortify3.patch
new file mode 100644
index 00000000000..cbd55a1c7af
--- /dev/null
+++ b/pkgs/applications/emulators/zsnes/fortify3.patch
@@ -0,0 +1,20 @@
+pal16bxcl is an array of 256 dwords, not bytes:
+    src/endmem.asm:NEWSYM pal16bxcl, resd 256
+
+While at it fixes off-by-4 out of bounds exit.
+
+Detected by _FORTIFY_SOURCE=3:
+    *** buffer overflow detected ***: terminated
+    #7  0x08057c14 in memset (__len=2, __ch=255, __dest=<optimized out>) at ...-glibc-2.38-23-dev/include/bits/string_fortified.h:59
+#8  clearmem () at initc.c:1461
+--- a/src/initc.c
++++ b/src/initc.c
+@@ -1389,7 +1389,7 @@ extern unsigned char vidmemch8[4096];
+ extern unsigned char pal16b[1024];
+ extern unsigned char pal16bcl[1024];
+ extern unsigned char pal16bclha[1024];
+-extern unsigned char pal16bxcl[256];
++extern unsigned char pal16bxcl[1024];
+ extern unsigned char SPCRAM[65472];
+ unsigned char *SPCState = SPCRAM;
+ 
diff --git a/pkgs/applications/emulators/zsnes/zlib-1.3.patch b/pkgs/applications/emulators/zsnes/zlib-1.3.patch
new file mode 100644
index 00000000000..0c4771f0892
--- /dev/null
+++ b/pkgs/applications/emulators/zsnes/zlib-1.3.patch
@@ -0,0 +1,41 @@
+Add support for 2-digit zlib version like "1.3".
+--- a/src/acinclude.m4
++++ b/src/acinclude.m4
+@@ -67,7 +67,7 @@ char* my_strdup (char *str)
+ 
+ int main (int argc, char *argv[])
+ {
+-  int major, minor, micro, zlib_major_version, zlib_minor_version, zlib_micro_version;
++  int major, minor, micro, zlib_major_version, zlib_minor_version, zlib_micro_version = 0;
+ 
+   char *zlibver, *tmp_version;
+ 
+@@ -85,7 +85,7 @@ int main (int argc, char *argv[])
+     printf("%s, bad version string for\n\tmin_zlib_version... ", "$min_zlib_version");
+     exit(1);
+   }
+-  if (sscanf(zlibver, "%d.%d.%d", &zlib_major_version, &zlib_minor_version, &zlib_micro_version) != 3) {
++  if (sscanf(zlibver, "%d.%d.%d", &zlib_major_version, &zlib_minor_version, &zlib_micro_version) != 3 && sscanf(zlibver, "%d.%d", &zlib_major_version, &zlib_minor_version) != 2) {
+     printf("%s, bad version string given\n", zlibver);
+     puts("\tby zlib, sometimes due to very old zlibs that didnt correctly");
+     printf("\tdefine their version. Please upgrade if you are running an\n\told zlib... ");
+--- a/src/configure
++++ b/src/configure
+@@ -3817,7 +3817,7 @@ char* my_strdup (char *str)
+ 
+ int main (int argc, char *argv[])
+ {
+-  int major, minor, micro, zlib_major_version, zlib_minor_version, zlib_micro_version;
++  int major, minor, micro, zlib_major_version, zlib_minor_version, zlib_micro_version = 0;
+ 
+   char *zlibver, *tmp_version;
+ 
+@@ -3835,7 +3835,7 @@ int main (int argc, char *argv[])
+     printf("%s, bad version string for\n\tmin_zlib_version... ", "$min_zlib_version");
+     exit(1);
+   }
+-  if (sscanf(zlibver, "%d.%d.%d", &zlib_major_version, &zlib_minor_version, &zlib_micro_version) != 3) {
++  if (sscanf(zlibver, "%d.%d.%d", &zlib_major_version, &zlib_minor_version, &zlib_micro_version) != 3 && sscanf(zlibver, "%d.%d", &zlib_major_version, &zlib_minor_version) != 2) {
+     printf("%s, bad version string given\n", zlibver);
+     puts("\tby zlib, sometimes due to very old zlibs that didnt correctly");
+     printf("\tdefine their version. Please upgrade if you are running an\n\told zlib... ");