Merge pull request #3144 from wmertens/source-missing-fixes
Source missing fixes
This commit is contained in:
commit
37e8ebc456
@ -1,23 +1,25 @@
|
||||
{ stdenv, fetchurl }:
|
||||
{ stdenv, fetchgit }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "makeself-2.1.5";
|
||||
src = fetchurl {
|
||||
url = "http://megastep.org/makeself/makeself.run";
|
||||
sha256 = "0khs19xpid4ng0igrjyz3vsi6a5xyixrrrhgdxpdhd2wnf5nc9w2";
|
||||
name = "makeself-2.2.0";
|
||||
src = fetchgit {
|
||||
url = "https://github.com/megastep/makeself.git";
|
||||
rev = "b836b9281ae99abe1865608b065551da56c80719";
|
||||
sha256 = "f7c97f0f8ad8128f2f1b54383319f2cc44cbb05b60ced222784debdf326f23ad";
|
||||
};
|
||||
unpackPhase = "sh ${src}";
|
||||
installPhase = ''
|
||||
cd ${name}
|
||||
mkdir -p $out/{bin,share/{${name},man/man1}}
|
||||
mv makeself.lsm README $out/share/${name}
|
||||
mv makeself.lsm README.md $out/share/${name}
|
||||
mv makeself.sh $out/bin/makeself
|
||||
mv makeself.1 $out/share/man/man1/
|
||||
mv makeself-header.sh $out/share/${name}
|
||||
sed -e 's|HEADER=`dirname $0`/makeself-header.sh|HEADER=`dirname $0`/../share/${name}/makeself-header.sh|' -i $out/bin/makeself
|
||||
'';
|
||||
meta = {
|
||||
meta = with stdenv.lib; {
|
||||
homepage = http://megastep.org/makeself;
|
||||
description = "Utility to create self-extracting packages";
|
||||
license = licenses.gpl2;
|
||||
maintainer = maintainers.wmertens;
|
||||
platforms = platforms.all;
|
||||
};
|
||||
}
|
||||
|
@ -11,11 +11,8 @@ stdenv.mkDerivation rec {
|
||||
|
||||
patches = [
|
||||
./alt.patch
|
||||
( fetchurl { # CVE-2012-2738
|
||||
url = "http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/x11-libs/"
|
||||
+ "vte/files/vte-0.28.2-limit-arguments.patch?revision=1.1";
|
||||
sha256 = "1s8agx74wa7wlv9ybd5h3dp4hzf4ddg7piyan37g2ab3fnvg4jhn";
|
||||
} )
|
||||
# CVE-2012-2738
|
||||
./vte-0.28.2-limit-arguments.patch
|
||||
];
|
||||
|
||||
buildInputs = [ intltool pkgconfig glib gtk ncurses ] ++
|
||||
|
@ -0,0 +1,40 @@
|
||||
From feeee4b5832b17641e505b7083e0d299fdae318e Mon Sep 17 00:00:00 2001
|
||||
From: Christian Persch <chpe@gnome.org>
|
||||
Date: Sat, 19 May 2012 17:36:09 +0000
|
||||
Subject: emulation: Limit integer arguments to 65535
|
||||
|
||||
To guard against malicious sequences containing excessively big numbers,
|
||||
limit all parsed numbers to 16 bit range. Doing this here in the parsing
|
||||
routine is a catch-all guard; this doesn't preclude enforcing
|
||||
more stringent limits in the handlers themselves.
|
||||
|
||||
https://bugzilla.gnome.org/show_bug.cgi?id=676090
|
||||
---
|
||||
diff --git a/src/table.c b/src/table.c
|
||||
index 140e8c8..85cf631 100644
|
||||
--- a/src/table.c
|
||||
+++ b/src/table.c
|
||||
@@ -550,7 +550,7 @@ _vte_table_extract_numbers(GValueArray **array,
|
||||
if (G_UNLIKELY (*array == NULL)) {
|
||||
*array = g_value_array_new(1);
|
||||
}
|
||||
- g_value_set_long(&value, total);
|
||||
+ g_value_set_long(&value, CLAMP (total, 0, G_MAXUSHORT));
|
||||
g_value_array_append(*array, &value);
|
||||
} while (i++ < arginfo->length);
|
||||
g_value_unset(&value);
|
||||
diff --git a/src/vteseq.c b/src/vteseq.c
|
||||
index 457c06a..46def5b 100644
|
||||
--- a/src/vteseq.c
|
||||
+++ b/src/vteseq.c
|
||||
@@ -557,7 +557,7 @@ vte_sequence_handler_multiple(VteTerminal *terminal,
|
||||
GValueArray *params,
|
||||
VteTerminalSequenceHandler handler)
|
||||
{
|
||||
- vte_sequence_handler_multiple_limited(terminal, params, handler, G_MAXLONG);
|
||||
+ vte_sequence_handler_multiple_limited(terminal, params, handler, G_MAXUSHORT);
|
||||
}
|
||||
|
||||
static void
|
||||
--
|
||||
cgit v0.9.0.2
|
Loading…
Reference in New Issue
Block a user