JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' into staging

Browse Source
This commit is contained in:
Franz Pletz 2017-11-19 19:39:04 +01:00
commit fa824e6c58
No known key found for this signature in database
GPG Key ID: 846FDED7792617B4
29 changed files with 300 additions and 361 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
nixos/modules/services/x11/display-managers/gdm.nix
View File

@ -122,11 +122,8 @@ in
"rc-local.service"
"systemd-machined.service"
"systemd-user-sessions.service"
"getty@tty1.service"
];
systemd.services."getty@tty1".enable = false;
systemd.services.display-manager.conflicts = [ "getty@tty1.service" ];
systemd.services.display-manager.serviceConfig = {
# Restart = "always"; - already defined in xserver.nix
KillMode = "mixed";

1
nixos/release.nix
View File

@ -235,6 +235,7 @@ in rec {
tests.containers-tmpfs = callTest tests/containers-tmpfs.nix {};
tests.containers-hosts = callTest tests/containers-hosts.nix {};
tests.containers-macvlans = callTest tests/containers-macvlans.nix {};
tests.couchdb = callTest tests/couchdb.nix {};
tests.docker = hydraJob (import tests/docker.nix { system = "x86_64-linux"; });
tests.docker-edge = hydraJob (import tests/docker-edge.nix { system = "x86_64-linux"; });
tests.dovecot = callTest tests/dovecot.nix {};

56
nixos/tests/couchdb.nix Normal file
View File

@ -0,0 +1,56 @@
import ./make-test.nix ({ pkgs, lib, ...}:
with lib;
{
name = "couchdb";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ fpletz ];
};
nodes = {
couchdb1 =
{ pkgs, config, ... }:
{ environment.systemPackages = with pkgs; [ jq ];
services.couchdb.enable = true;
};
couchdb2 =
{ pkgs, config, ... }:
{ environment.systemPackages = with pkgs; [ jq ];
services.couchdb.enable = true;
services.couchdb.package = pkgs.couchdb2;
};
};
testScript = let
curlJqCheck = action: path: jqexpr: result:
pkgs.writeScript "curl-jq-check-${action}-${path}.sh" ''
RESULT=$(curl -X ${action} http://127.0.0.1:5984/${path} | jq -r '${jqexpr}')
echo $RESULT >&2
if [ "$RESULT" != "${result}" ]; then
exit 1
fi
'';
in ''
startAll;
$couchdb1->waitForUnit("couchdb.service");
$couchdb1->waitUntilSucceeds("${curlJqCheck "GET" "" ".couchdb" "Welcome"}");
$couchdb1->waitUntilSucceeds("${curlJqCheck "GET" "_all_dbs" ". | length" "2"}");
$couchdb1->succeed("${curlJqCheck "PUT" "foo" ".ok" "true"}");
$couchdb1->succeed("${curlJqCheck "GET" "_all_dbs" ". | length" "3"}");
$couchdb1->succeed("${curlJqCheck "DELETE" "foo" ".ok" "true"}");
$couchdb1->succeed("${curlJqCheck "GET" "_all_dbs" ". | length" "2"}");
$couchdb2->waitForUnit("couchdb.service");
$couchdb2->waitUntilSucceeds("${curlJqCheck "GET" "" ".couchdb" "Welcome"}");
$couchdb2->waitUntilSucceeds("${curlJqCheck "GET" "_all_dbs" ". | length" "0"}");
$couchdb2->succeed("${curlJqCheck "PUT" "foo" ".ok" "true"}");
$couchdb2->succeed("${curlJqCheck "GET" "_all_dbs" ". | length" "1"}");
$couchdb2->succeed("${curlJqCheck "DELETE" "foo" ".ok" "true"}");
$couchdb2->succeed("${curlJqCheck "GET" "_all_dbs" ". | length" "0"}");
'';
})

4
pkgs/applications/editors/geany/default.nix
View File

@ -3,7 +3,7 @@
with stdenv.lib;
let
version = "1.31";
version = "1.32";
in
stdenv.mkDerivation rec {
@ -11,7 +11,7 @@ stdenv.mkDerivation rec {
src = fetchurl {
url = "http://download.geany.org/${name}.tar.bz2";
sha256 = "30fdb906bb76c4251a8bcf83ee267db28c26ef6ab867668a782cec1164a3aba5";
sha256 = "8b7be10b95d0614eb07f845ba2280f7c026eacd5739d8fac4d5d26606f8c3c2d";
};
NIX_LDFLAGS = if stdenv.isDarwin then "-lintl" else null;

4
pkgs/applications/networking/cluster/minikube/default.nix
View File

@ -1,5 +1,5 @@
{ stdenv, buildGoPackage, fetchFromGitHub, fetchurl, go-bindata, kubernetes, libvirt, qemu, docker-machine-kvm,
gpgme, makeWrapper }:
gpgme, makeWrapper, hostPlatform, vmnet }:
let
binPath = [ kubernetes ]
@ -36,7 +36,7 @@ in buildGoPackage rec {
# kubernetes is here only to shut up a loud warning when generating the completions below. minikube checks very eagerly
# that kubectl is on the $PATH, even if it doesn't use it at all to generate the completions
buildInputs = [ go-bindata makeWrapper kubernetes gpgme ];
buildInputs = [ go-bindata makeWrapper kubernetes gpgme ] ++ stdenv.lib.optional hostPlatform.isDarwin vmnet;
subPackages = [ "cmd/minikube" ];
preBuild = ''

4
pkgs/applications/networking/corebird/default.nix
View File

@ -3,14 +3,14 @@
, glib_networking }:
stdenv.mkDerivation rec {
version = "1.7.1";
version = "1.7.2";
name = "corebird-${version}";
src = fetchFromGitHub {
owner = "baedert";
repo = "corebird";
rev = version;
sha256 = "1g6wkzrl6j0mmgafpv0jpqa906s1x7p5hmiqdgs9qwm7q2wlwrqd";
sha256 = "0mydxxga4h1663xchb3543rk3k8frlmlyy5wz20zh38fpdlkhyf1";
};
preConfigure = ''

4
pkgs/applications/networking/gmailieer/default.nix
View File

@ -2,13 +2,13 @@
python3Packages.buildPythonApplication rec {
name = "gmailieer";
version = "0.3";
version = "0.4";
src = fetchFromGitHub {
owner = "gauteh";
repo = "gmailieer";
rev = "v${version}";
sha256 = "1app783gf0p9p196nqsgbyl6s1bp304dfav86fqiq86h1scld787";
sha256 = "0vpc8nrh3cx91pcw45jjr2jllkqbx6w2khq7nyqv59gc4q5mz0p2";
};
propagatedBuildInputs = with python3Packages; [

4
pkgs/applications/networking/mailreaders/notmuch/default.nix
View File

@ -12,7 +12,7 @@
with stdenv.lib;
stdenv.mkDerivation rec {
version = "0.25";
version = "0.25.2";
name = "notmuch-${version}";
passthru = {
@ -22,7 +22,7 @@ stdenv.mkDerivation rec {
src = fetchurl {
url = "http://notmuchmail.org/releases/${name}.tar.gz";
sha256 = "02z6d87ip1hkipz8d7w0sfklg8dd5fd5vlgp768640ixg0gqvlk5";
sha256 = "0ai6vbs9wzwfz7jcphgqsqpcbq137l34xhmcli4h5c8n82fvmdp4";
};
nativeBuildInputs = [ pkgconfig ];

1
pkgs/desktops/gnome-3/core/gdm/default.nix
View File

@ -14,6 +14,7 @@ stdenv.mkDerivation rec {
configureFlags = [ "--sysconfdir=/etc"
"--localstatedir=/var"
"--with-plymouth=yes"
"--with-initial-vt=7"
"--with-systemdsystemunitdir=$(out)/etc/systemd/system" ];
nativeBuildInputs = [ autoreconfHook pkgconfig ];

53
pkgs/development/libraries/audiofile/default.nix
View File

@ -1,4 +1,14 @@
{ stdenv, fetchurl, alsaLib, AudioUnit, CoreServices }:
{ stdenv, fetchurl, fetchpatch, alsaLib, AudioUnit, CoreServices }:
let
fetchDebianPatch = { name, debname, sha256 }:
fetchpatch {
inherit sha256 name;
url = "https://anonscm.debian.org/cgit/pkg-multimedia/audiofile.git/plain/debian/patches/${debname}?h=debian/0.3.6-4";
};
in
stdenv.mkDerivation rec {
name = "audiofile-0.3.6";
@ -15,7 +25,46 @@ stdenv.mkDerivation rec {
sha256 = "0rb927zknk9kmhprd8rdr4azql4gn2dp75a36iazx2xhkbqhvind";
};
patches = [ ./CVE-2015-7747.patch ./gcc-6.patch ];
patches = [
./gcc-6.patch
./CVE-2015-7747.patch
(fetchDebianPatch {
name = "CVE-2017-6829.patch";
debname = "04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch";
sha256 = "04qxl51i64c53v69q2kx61qdq474f4vapk8rq97cipj7yrar392m";
})
(fetchDebianPatch {
name = "CVE-2017-6827+CVE-2017-6828+CVE-2017-6832+CVE-2017-6835+CVE-2017-6837.patch";
debname = "05_Always-check-the-number-of-coefficients.patch";
sha256 = "1ih03kfkabffi6ymp6832q470i28rsds78941vzqlshnqjb2nnxw";
})
(fetchDebianPatch {
name = "CVE-2017-6839.patch";
debname = "06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch";
sha256 = "0a8s2z8rljlj03p7l1is9s4fml8vyzvyvfrh1m6xj5a8vbi635d0";
})
(fetchDebianPatch {
name = "CVE-2017-6830+CVE-2017-6834+CVE-2017-6836+CVE-2017-6838.patch";
debname = "07_Check-for-multiplication-overflow-in-sfconvert.patch";
sha256 = "0rfba8rkasl5ycvc0kqlzinkl3rvyrrjvjhpc45h423wmjk2za2l";
})
(fetchDebianPatch {
name = "audiofile-fix-multiplyCheckOverflow-signature.patch";
debname = "08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch";
sha256 = "032p5jqp7q7jgc5axdnazz00zm7hd26z6m5j55ifs0sykr5lwldb";
})
(fetchDebianPatch {
name = "CVE-2017-6831.patch";
debname = "09_Actually-fail-when-error-occurs-in-parseFormat.patch";
sha256 = "0csikmj8cbiy6cigg0rmh67jrr0sgm56dfrnrxnac3m9635nxlac";
})
(fetchDebianPatch {
name = "CVE-2017-6833.patch";
debname = "10_Check-for-division-by-zero-in-BlockCodec-runPull.patch";
sha256 = "1rlislkjawq98bbcf1dgl741zd508wwsg85r37ca7pfdf6wgl6z7";
})
];
meta = with stdenv.lib; {
description = "Library for reading and writing audio files in various formats";

29
pkgs/development/libraries/libsndfile/default.nix
View File

@ -11,25 +11,30 @@ stdenv.mkDerivation rec {
};
patches = [
# CVE-2017-12562
(fetchurl {
url = "https://github.com/erikd/libsndfile/commit/cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8.patch";
sha256 = "1jg3wq30wdn9nv52mcyv6jyi4d80h4r1h9p96czcria7l91yh4sy";
name = "CVE-2017-12562.patch";
url = "https://github.com/erikd/libsndfile/commit/cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8.patch";
sha256 = "1jg3wq30wdn9nv52mcyv6jyi4d80h4r1h9p96czcria7l91yh4sy";
})
# CVE-2017-6892
(fetchurl {
url = "https://github.com/erikd/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748.patch";
sha256 = "05xkmz2ihc1zcj73sbmj1ikrv9qlcym2bkp1v6ak7w53ky619mwq";
name = "CVE-2017-6892.patch";
url = "https://github.com/erikd/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748.patch";
sha256 = "05xkmz2ihc1zcj73sbmj1ikrv9qlcym2bkp1v6ak7w53ky619mwq";
})
# CVE-2017-8361, CVE-2017-8363, CVE-2017-8363
(fetchurl {
url = "https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3.patch";
sha256 = "0ccndnvjzx5fw18zvy03vnb29rr81h5vsh1m16msqbxk8ibndln2";
name = "CVE-2017-8361+CVE-2017-8363+CVE-2017-8365.patch";
url = "https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3.patch";
sha256 = "0ccndnvjzx5fw18zvy03vnb29rr81h5vsh1m16msqbxk8ibndln2";
})
# CVE-2017-8362
(fetchurl {
url = "https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808.patch";
sha256 = "1xyv30ga71cpy4wx5f76sc4dma91la2lcc6s9f3pk9rndyi7gj9x";
name = "CVE-2017-8362.patch";
url = "https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808.patch";
sha256 = "1xyv30ga71cpy4wx5f76sc4dma91la2lcc6s9f3pk9rndyi7gj9x";
})
(fetchurl {
name = "CVE-2017-14634.patch";
url = "https://github.com/erikd/libsndfile/commit/85c877d5072866aadbe8ed0c3e0590fbb5e16788.patch";
sha256 = "0kc7vp22qsxidhvmlc6nfamw7k92n0hcfpmwhb3gaksjamwhb2df";
})
];

37
pkgs/development/libraries/openjpeg/2.1.nix
View File

@ -1,37 +1,8 @@
{ callPackage, fetchpatch, ... } @ args:
callPackage ./generic.nix (args // rec {
version = "2.1.2";
branch = "2.1";
revision = "v2.1.2";
sha256 = "0kdcl9sqjz0vagli4ad6bxq1r8ma086m0prpkm5x3dxp37hpjp8h";
patches = [
# Fetched from https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255
# Referenced from https://bugzilla.redhat.com/show_bug.cgi?id=1405135
# Put in our source code to make sure we don't lose it, since that
# referenced commit is someone else's fork, and not actually up-stream.
./CVE-2016-9580-and-CVE-2016-9581.patch
(fetchpatch {
url = "https://bugzilla.suse.com/attachment.cgi?id=707359&action=diff&context=patch&collapsed=&headers=1&format=raw";
name = "CVE-2016-9112.patch";
sha256 = "18hqx73wdzfybr5n5k6pzhbhdlmawiqbjci8n82zykxiyfgp18pd";
})
(fetchpatch {
url = "https://bugzilla.suse.com/attachment.cgi?id=707354&action=diff&context=patch&collapsed=&headers=1&format=raw";
name = "CVE-2016-9114.patch";
sha256 = "0qam3arw9kdbh4501xim2pyldl708dnpyjwvjmwc9gc7hcq4gfi3";
})
(fetchpatch {
url = "https://bugzilla.suse.com/attachment.cgi?id=707356&action=diff&context=patch&collapsed=&headers=1&format=raw";
name = "CVE-2016-9116.patch";
sha256 = "0yyb3pxqi5sr44a48bacngzp206j4z49lzkg6hbkz1nra9na61a3";
})
(fetchpatch {
url = "https://bugzilla.suse.com/attachment.cgi?id=707358&action=diff&context=patch&collapsed=&headers=1&format=raw";
name = "CVE-2016-9118.patch";
sha256 = "125n8bmh07y7697s0y82ypb39rxgj0bdn8rcywbvamscagwg2wy9";
})
];
version = "2.3.0";
branch = "2.3";
revision = "v${version}";
sha256 = "08plxrnfl33sn2vh5nwbsngyv6b1sfpplvx881crm1v1ai10m2lz";
})

242
pkgs/development/libraries/openjpeg/CVE-2016-9580-and-CVE-2016-9581.patch
View File

@ -1,242 +0,0 @@
From cadff5fb6e73398de26a92e96d3d7cac893af255 Mon Sep 17 00:00:00 2001
From: szukw000 <szukw000@arcor.de>
Date: Fri, 9 Dec 2016 08:29:55 +0100
Subject: [PATCH] These changes repair bugs of #871 and #872
---
src/bin/jp2/converttif.c | 107 +++++++++++++++++++++++++++++++----------------
1 file changed, 70 insertions(+), 37 deletions(-)
diff --git a/src/bin/jp2/converttif.c b/src/bin/jp2/converttif.c
index 143d3be..c690f8b 100644
--- a/src/bin/jp2/converttif.c
+++ b/src/bin/jp2/converttif.c
@@ -553,20 +553,18 @@ static void tif_32sto16u(const OPJ_INT32* pSrc, OPJ_UINT16* pDst, OPJ_SIZE_T len
int imagetotif(opj_image_t * image, const char *outfile)
{
- int width, height;
- int bps,adjust, sgnd;
- int tiPhoto;
+ uint32 width, height, bps, tiPhoto;
+ int adjust, sgnd;
TIFF *tif;
tdata_t buf;
- tsize_t strip_size;
+ tmsize_t strip_size, rowStride;
OPJ_UINT32 i, numcomps;
- OPJ_SIZE_T rowStride;
OPJ_INT32* buffer32s = NULL;
OPJ_INT32 const* planes[4];
convert_32s_PXCX cvtPxToCx = NULL;
convert_32sXXx_C1R cvt32sToTif = NULL;
- bps = (int)image->comps[0].prec;
+ bps = (uint32)image->comps[0].prec;
planes[0] = image->comps[0].data;
numcomps = image->numcomps;
@@ -674,13 +672,13 @@ int imagetotif(opj_image_t * image, const char *outfile)
break;
}
sgnd = (int)image->comps[0].sgnd;
- adjust = sgnd ? 1 << (image->comps[0].prec - 1) : 0;
- width = (int)image->comps[0].w;
- height = (int)image->comps[0].h;
+ adjust = sgnd ? (int)(1 << (image->comps[0].prec - 1)) : 0;
+ width = (uint32)image->comps[0].w;
+ height = (uint32)image->comps[0].h;
TIFFSetField(tif, TIFFTAG_IMAGEWIDTH, width);
TIFFSetField(tif, TIFFTAG_IMAGELENGTH, height);
- TIFFSetField(tif, TIFFTAG_SAMPLESPERPIXEL, numcomps);
+ TIFFSetField(tif, TIFFTAG_SAMPLESPERPIXEL, (uint32)numcomps);
TIFFSetField(tif, TIFFTAG_BITSPERSAMPLE, bps);
TIFFSetField(tif, TIFFTAG_ORIENTATION, ORIENTATION_TOPLEFT);
TIFFSetField(tif, TIFFTAG_PLANARCONFIG, PLANARCONFIG_CONTIG);
@@ -688,8 +686,8 @@ int imagetotif(opj_image_t * image, const char *outfile)
TIFFSetField(tif, TIFFTAG_ROWSPERSTRIP, 1);
strip_size = TIFFStripSize(tif);
- rowStride = ((OPJ_SIZE_T)width * numcomps * (OPJ_SIZE_T)bps + 7U) / 8U;
- if (rowStride != (OPJ_SIZE_T)strip_size) {
+ rowStride = (width * numcomps * bps + 7U) / 8U;
+ if (rowStride != strip_size) {
fprintf(stderr, "Invalid TIFF strip size\n");
TIFFClose(tif);
return 1;
@@ -699,7 +697,7 @@ int imagetotif(opj_image_t * image, const char *outfile)
TIFFClose(tif);
return 1;
}
- buffer32s = (OPJ_INT32 *)malloc((OPJ_SIZE_T)width * numcomps * sizeof(OPJ_INT32));
+ buffer32s = (OPJ_INT32 *)malloc((OPJ_SIZE_T)(width * numcomps * sizeof(OPJ_INT32)));
if (buffer32s == NULL) {
_TIFFfree(buf);
TIFFClose(tif);
@@ -1211,20 +1209,19 @@ opj_image_t* tiftoimage(const char *filename, opj_cparameters_t *parameters)
TIFF *tif;
tdata_t buf;
tstrip_t strip;
- tsize_t strip_size;
+ tmsize_t strip_size;
int j, currentPlane, numcomps = 0, w, h;
OPJ_COLOR_SPACE color_space = OPJ_CLRSPC_UNKNOWN;
opj_image_cmptparm_t cmptparm[4]; /* RGBA */
opj_image_t *image = NULL;
int has_alpha = 0;
- unsigned short tiBps, tiPhoto, tiSf, tiSpp, tiPC;
- unsigned int tiWidth, tiHeight;
+ uint32 tiBps, tiPhoto, tiSf, tiSpp, tiPC, tiWidth, tiHeight;
OPJ_BOOL is_cinema = OPJ_IS_CINEMA(parameters->rsiz);
convert_XXx32s_C1R cvtTifTo32s = NULL;
convert_32s_CXPX cvtCxToPx = NULL;
OPJ_INT32* buffer32s = NULL;
OPJ_INT32* planes[4];
- OPJ_SIZE_T rowStride;
+ tmsize_t rowStride;
tif = TIFFOpen(filename, "r");
@@ -1243,22 +1240,35 @@ opj_image_t* tiftoimage(const char *filename, opj_cparameters_t *parameters)
TIFFGetField(tif, TIFFTAG_SAMPLESPERPIXEL, &tiSpp);
TIFFGetField(tif, TIFFTAG_PHOTOMETRIC, &tiPhoto);
TIFFGetField(tif, TIFFTAG_PLANARCONFIG, &tiPC);
- w= (int)tiWidth;
- h= (int)tiHeight;
-
- if(tiBps > 16U) {
- fprintf(stderr,"tiftoimage: Bits=%d, Only 1 to 16 bits implemented\n",tiBps);
- fprintf(stderr,"\tAborting\n");
+
+ if(tiSpp == 0 || tiSpp > 4) { /* should be 1 ... 4 */
+ fprintf(stderr,"tiftoimage: Bad value for samples per pixel == %hu.\n"
+ "\tAborting.\n", tiSpp);
+ TIFFClose(tif);
+ return NULL;
+ }
+ if(tiBps > 16U || tiBps == 0) {
+ fprintf(stderr,"tiftoimage: Bad values for Bits == %d.\n"
+ "\tMax. 16 Bits are allowed here.\n\tAborting.\n",tiBps);
TIFFClose(tif);
return NULL;
}
if(tiPhoto != PHOTOMETRIC_MINISBLACK && tiPhoto != PHOTOMETRIC_RGB) {
- fprintf(stderr,"tiftoimage: Bad color format %d.\n\tOnly RGB(A) and GRAY(A) has been implemented\n",(int) tiPhoto);
+ fprintf(stderr,"tiftoimage: Bad color format %d.\n"
+ "\tOnly RGB(A) and GRAY(A) has been implemented\n",(int) tiPhoto);
fprintf(stderr,"\tAborting\n");
TIFFClose(tif);
return NULL;
}
-
+ if(tiWidth == 0 || tiHeight == 0) {
+ fprintf(stderr,"tiftoimage: Bad values for width(%u) "
+ "and/or height(%u)\n\tAborting.\n",tiWidth,tiHeight);
+ TIFFClose(tif);
+ return NULL;
+ }
+ w= (int)tiWidth;
+ h= (int)tiHeight;
+
switch (tiBps) {
case 1:
case 2:
@@ -1312,7 +1322,7 @@ opj_image_t* tiftoimage(const char *filename, opj_cparameters_t *parameters)
TIFFGetFieldDefaulted(tif, TIFFTAG_EXTRASAMPLES,
&extrasamples, &sampleinfo);
-
+
if(extrasamples >= 1)
{
switch(sampleinfo[0])
@@ -1333,7 +1343,7 @@ opj_image_t* tiftoimage(const char *filename, opj_cparameters_t *parameters)
else /* extrasamples == 0 */
if(tiSpp == 4 || tiSpp == 2) has_alpha = 1;
}
-
+
/* initialize image components */
memset(&cmptparm[0], 0, 4 * sizeof(opj_image_cmptparm_t));
@@ -1346,7 +1356,7 @@ opj_image_t* tiftoimage(const char *filename, opj_cparameters_t *parameters)
} else {
is_cinema = 0U;
}
-
+
if(tiPhoto == PHOTOMETRIC_RGB) /* RGB(A) */
{
numcomps = 3 + has_alpha;
@@ -1384,10 +1394,24 @@ opj_image_t* tiftoimage(const char *filename, opj_cparameters_t *parameters)
image->x0 = (OPJ_UINT32)parameters->image_offset_x0;
image->y0 = (OPJ_UINT32)parameters->image_offset_y0;
image->x1 = !image->x0 ? (OPJ_UINT32)(w - 1) * (OPJ_UINT32)subsampling_dx + 1 :
- image->x0 + (OPJ_UINT32)(w - 1) * (OPJ_UINT32)subsampling_dx + 1;
+ image->x0 + (OPJ_UINT32)(w - 1) * (OPJ_UINT32)subsampling_dx + 1;
+ if(image->x1 <= image->x0) {
+ fprintf(stderr,"tiftoimage: Bad value for image->x1(%d) vs. "
+ "image->x0(%d)\n\tAborting.\n",image->x1,image->x0);
+ TIFFClose(tif);
+ opj_image_destroy(image);
+ return NULL;
+ }
image->y1 = !image->y0 ? (OPJ_UINT32)(h - 1) * (OPJ_UINT32)subsampling_dy + 1 :
- image->y0 + (OPJ_UINT32)(h - 1) * (OPJ_UINT32)subsampling_dy + 1;
-
+ image->y0 + (OPJ_UINT32)(h - 1) * (OPJ_UINT32)subsampling_dy + 1;
+ if(image->y1 <= image->y0) {
+ fprintf(stderr,"tiftoimage: Bad value for image->y1(%d) vs. "
+ "image->y0(%d)\n\tAborting.\n",image->y1,image->y0);
+ TIFFClose(tif);
+ opj_image_destroy(image);
+ return NULL;
+ }
+
for(j = 0; j < numcomps; j++)
{
planes[j] = image->comps[j].data;
@@ -1395,15 +1419,15 @@ opj_image_t* tiftoimage(const char *filename, opj_cparameters_t *parameters)
image->comps[numcomps - 1].alpha = (OPJ_UINT16)(1 - (numcomps & 1));
strip_size = TIFFStripSize(tif);
-
+
buf = _TIFFmalloc(strip_size);
if (buf == NULL) {
TIFFClose(tif);
opj_image_destroy(image);
return NULL;
}
- rowStride = ((OPJ_SIZE_T)w * tiSpp * tiBps + 7U) / 8U;
- buffer32s = (OPJ_INT32 *)malloc((OPJ_SIZE_T)w * tiSpp * sizeof(OPJ_INT32));
+ rowStride = (w * tiSpp * tiBps + 7U) / 8U;
+ buffer32s = (OPJ_INT32 *)malloc((OPJ_SIZE_T)(w * tiSpp * sizeof(OPJ_INT32)));
if (buffer32s == NULL) {
_TIFFfree(buf);
TIFFClose(tif);
@@ -1421,11 +1445,20 @@ opj_image_t* tiftoimage(const char *filename, opj_cparameters_t *parameters)
for(; (h > 0) && (strip < TIFFNumberOfStrips(tif)); strip++)
{
const OPJ_UINT8 *dat8;
- OPJ_SIZE_T ssize;
+ tmsize_t ssize;
- ssize = (OPJ_SIZE_T)TIFFReadEncodedStrip(tif, strip, buf, strip_size);
+ ssize = TIFFReadEncodedStrip(tif, strip, buf, strip_size);
+ if(ssize < 1 || ssize > strip_size) {
+ fprintf(stderr,"tiftoimage: Bad value for ssize(%ld) "
+ "vs. strip_size(%ld).\n\tAborting.\n",ssize,strip_size);
+ _TIFFfree(buf);
+ _TIFFfree(buffer32s);
+ TIFFClose(tif);
+ opj_image_destroy(image);
+ return NULL;
+ }
dat8 = (const OPJ_UINT8*)buf;
-
+
while (ssize >= rowStride) {
cvtTifTo32s(dat8, buffer32s, (OPJ_SIZE_T)w * tiSpp);
cvtCxToPx(buffer32s, planes, (OPJ_SIZE_T)w);

20
pkgs/development/python-modules/pyamf/default.nix Normal file
View File

@ -0,0 +1,20 @@
{ stdenv, fetchPypi, buildPythonPackage, defusedxml }:
buildPythonPackage rec {
name = "${pname}-${version}";
pname = "PyAMF";
version = "0.8.0";
src = fetchPypi {
inherit pname version;
sha256 = "1r3lp9gkph48g9lijby5rs5daa3lhxs204r14zw4kvp3hf4xcm84";
};
propagatedBuildInputs = [ defusedxml ];
meta = with stdenv.lib; {
description = "AMF (Action Message Format) support for Python";
homepage = https://pypi.python.org/pypi/PyAMF;
license = licenses.mit;
};
}

41
pkgs/development/tools/database/schemaspy/default.nix Normal file
View File

@ -0,0 +1,41 @@
{ lib, stdenv, fetchurl, jre, makeWrapper, graphviz }:
stdenv.mkDerivation rec {
version = "6.0.0-rc2";
name = "schemaspy-${version}";
src = fetchurl {
url = "https://github.com/schemaspy/schemaspy/releases/download/v${version}/${name}.jar";
sha256 = "0ph1l62hy163m2hgybhkccqbcj6brna1vdbr7536zc37lzjxq9rn";
};
unpackPhase = "true";
buildInputs = [
jre
];
nativeBuildInputs = [
makeWrapper
];
wrappedPath = lib.makeBinPath [
graphviz
];
installPhase = ''
install -D ${src} "$out/share/java/${name}.jar"
makeWrapper ${jre}/bin/java $out/bin/schemaspy \
--add-flags "-jar $out/share/java/${name}.jar" \
--prefix PATH : "$wrappedPath"
'';
meta = with lib; {
homepage = "http://schemaspy.org";
description = "Document your database simply and easily";
license = licenses.mit;
maintainers = with maintainers; [ jraygauthier ];
};
}

7
pkgs/servers/http/couchdb/2.0.0.nix
View File

@ -3,14 +3,15 @@
stdenv.mkDerivation rec {
name = "couchdb-${version}";
version = "2.0.0";
version = "2.1.1";
src = fetchurl {
url = "mirror://apache/couchdb/source/${version}/apache-${name}.tar.gz";
sha256 = "1jkfx6g9anrgmkhrkcn50axcamragranwsciw1rhmi86rglkrbyc";
sha256 = "1k3v9v05417087b6fcj5yv03wl6i61xqrrhp0prl9b3ir2mmbwnm";
};
buildInputs = [ erlang icu openssl spidermonkey makeWrapper ];
nativeBuildInputs = [ makeWrapper ];
buildInputs = [ erlang icu openssl spidermonkey ];
patches = [ ./jsapi.patch ];
postPatch = ''

22
pkgs/servers/http/couchdb/default.nix
View File

@ -3,30 +3,18 @@
stdenv.mkDerivation rec {
name = "couchdb-${version}";
version = "1.6.1";
version = "1.7.1";
src = fetchurl {
url = "mirror://apache/couchdb/source/${version}/apache-${name}.tar.gz";
sha256 = "09w6ijj9l5jzh81nvc3hrlqp345ajg3haj353g9kxkik6wbinq2s";
sha256 = "1b9cbdrmh1i71mrwvhm17v4cf7lckpil1vvq7lpmxyn6zfk0l84i";
};
buildInputs = [ erlang icu openssl spidermonkey curl help2man sphinx which
file pkgconfig ];
/* This patch removes the `-Werror` flag as there are warnings due to
* _BSD_SOURCE being deprecated in glibc >= 2.20
*/
patchPhase = ''
patch src/couchdb/priv/Makefile.in <<EOF
392c392
< couchjs_CFLAGS = -g -Wall -Werror -D_BSD_SOURCE \$(CURL_CFLAGS) \$(JS_CFLAGS)
---
> couchjs_CFLAGS = -g -Wall -D_BSD_SOURCE \$(CURL_CFLAGS) \$(JS_CFLAGS)
EOF
'';
nativeBuildInputs = [ help2man which file pkgconfig sphinx ];
buildInputs = [ erlang icu openssl spidermonkey curl ];
postInstall = ''
sed -i -e "s|\`getopt|\`${getopt}/bin/getopt|" $out/bin/couchdb
substituteInPlace $out/bin/couchdb --replace getopt "${getopt}/bin/getopt"
'';
/*

4
pkgs/servers/monitoring/zabbix/2.0.nix
View File

@ -5,12 +5,12 @@ assert enableJabber -> minmay != null;
let
version = "2.0.11";
version = "2.0.21";
branch = "2.0";
src = fetchurl {
url = "mirror://sourceforge/zabbix/zabbix-${version}.tar.gz";
sha256 = "1vqxlqwhnz02wrca08vrqbq8k19qp84hbdplmqk7d9699njim46i";
sha256 = "14g22x2zy5xqnh2xg23xy5gjd49d1i8pks7pkidwdwa9acwgfx71";
};
preConfigure =

4
pkgs/servers/monitoring/zabbix/2.2.nix
View File

@ -10,12 +10,12 @@ assert enableJabber -> minmay != null;
let
version = "2.2.16";
version = "2.2.20";
branch = "2.2";
src = fetchurl {
url = "mirror://sourceforge/zabbix/zabbix-${version}.tar.gz";
sha256 = "0hc0y3p8p6pxri7w3n311ry3m5hb440kgwwkiqlihbhsq73xiz1w";
sha256 = "00pfpyj3vydwx9dn0bklh1p5j0bp2awi4hvv4kgliyav8l0416hk";
};
preConfigure =

5
pkgs/servers/owncloud/default.nix
View File

@ -32,11 +32,6 @@ let
in {
owncloud705 = common {
versiona = "7.0.5";
sha256 = "1j21b7ljvbhni9l0b1cpzlhsjy36scyas1l1j222mqdg2srfsi9y";
};
owncloud70 = common {
versiona = "7.0.15";
sha256 = "1b2a0fccxlkqyyzsymx7qw8qbhsks3i6h1ybvxv8nn8hgw33nqv7";

10
pkgs/tools/misc/yle-dl/default.nix
View File

@ -2,16 +2,20 @@
pythonPackages.buildPythonApplication rec {
name = "yle-dl-${version}";
version = "2.20";
version = "2.27";
src = fetchFromGitHub {
owner = "aajanki";
repo = "yle-dl";
rev = version;
sha256 = "06wzv230hfh3w9gs245kff8666bsfbax3ibr5zxj3h5z4qhhf9if";
sha256 = "1wxl074vxy7dlnk3ykcgnk3ms7bwh0zs7b9pxwhx5hsd894c8fpg";
};
pythonPath = [ rtmpdump php ] ++ (with pythonPackages; [ pycrypto ]);
propagatedBuildInputs = with pythonPackages; [ lxml pyamf pycrypto requests ];
pythonPath = [ rtmpdump php ];
doCheck = false; # tests require network access
checkInputs = with pythonPackages; [ pytest pytestrunner ];
meta = with stdenv.lib; {
description = "Downloads videos from Yle (Finnish Broadcasting Company) servers";

2
pkgs/tools/text/bcat/Gemfile Normal file
View File

@ -0,0 +1,2 @@
source 'http://rubygems.org'
gem 'bcat'

15
pkgs/tools/text/bcat/Gemfile.lock Normal file
View File

@ -0,0 +1,15 @@
GEM
remote: http://rubygems.org/
specs:
bcat (0.6.2)
rack (~> 1.0)
rack (1.6.8)
PLATFORMS
ruby
DEPENDENCIES
bcat
BUNDLED WITH
1.15.4

15
pkgs/tools/text/bcat/default.nix Normal file
View File

@ -0,0 +1,15 @@
{ lib, bundlerApp }:
bundlerApp {
pname = "bcat";
gemdir = ./.;
exes = [ "bcat" "btee" "a2h" ];
meta = with lib; {
description = "Pipe to browser utility";
homepage = http://rtomayko.github.com/bcat/;
license = licenses.mit;
maintainers = [ maintainers.jraygauthier ];
platforms = platforms.unix;
};
}

19
pkgs/tools/text/bcat/gemset.nix Normal file
View File

@ -0,0 +1,19 @@
{
bcat = {
dependencies = ["rack"];
source = {
remotes = ["http://rubygems.org"];
sha256 = "0w2wwlngcs7f4lmvifixrb89bjkw2lx8z0nn72w360hz394ic651";
type = "gem";
};
version = "0.6.2";
};
rack = {
source = {
remotes = ["http://rubygems.org"];
sha256 = "19m7aixb2ri7p1n0iqaqx8ldi97xdhvbxijbyrrcdcl6fv5prqza";
type = "gem";
};
version = "1.6.8";
};
}

19
pkgs/tools/text/ruby-zoom/Gemfile.lock
View File

@ -1,16 +1,15 @@
GEM
remote: https://rubygems.org/
specs:
djinni (2.0.1)
fagin (~> 0.1, >= 0.1.2)
ruby-terminfo (~> 0.1, >= 0.1.1)
fagin (0.1.2)
hilighter (0.1.7)
djinni (2.1.1)
fagin (~> 1.0, >= 1.0.0)
fagin (1.0.0)
hilighter (1.1.0)
json_config (0.1.2)
ruby-terminfo (0.1.1)
ruby-zoom (4.1.0)
djinni (~> 2.0, >= 2.0.1)
hilighter (~> 0.1, >= 0.1.3)
ruby-zoom (5.0.1)
djinni (~> 2.1, >= 2.1.1)
fagin (~> 1.0, >= 1.0.0)
hilighter (~> 1.1, >= 1.1.0)
json_config (~> 0.1, >= 0.1.2)
scoobydoo (~> 0.1, >= 0.1.4)
scoobydoo (0.1.4)
@ -22,4 +21,4 @@ DEPENDENCIES
ruby-zoom
BUNDLED WITH
1.13.1
1.14.6

26
pkgs/tools/text/ruby-zoom/gemset.nix
View File

@ -1,27 +1,28 @@
{
djinni = {
dependencies = ["fagin"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0wl4q4qs1nyla5n2b2ys6n3i35gvli8xb8mxz2xv0ik306cikqm6";
sha256 = "00zfgd7zx2p9xjc64xm4iwdxq2bb6n1z09nw815c2f4lvlaq269f";
type = "gem";
};
version = "2.0.1";
version = "2.1.1";
};
fagin = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "17d419vkfr26gdbad97fg2ikskhn82vs3bnxlzd27w6lwyf13qxk";
sha256 = "0jryqrgb5jvz0m7p91c2bhn6gdwxn9jfdaq3cfkirc3y7yfzv131";
type = "gem";
};
version = "0.1.2";
version = "1.0.0";
};
hilighter = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1a9a9clgd6kx63a82msjzi6abznfqivsgmds7qaqwb1dsl1nznbh";
sha256 = "0sy59nfcfk4p1fnrdkipi0mvsj9db17chrx7lb2jg3majbr1wz59";
type = "gem";
};
version = "0.1.7";
version = "1.1.0";
};
json_config = {
source = {
@ -31,21 +32,14 @@
};
version = "0.1.2";
};
ruby-terminfo = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0rl4ic5pzvrpgd42z0c1s2n3j39c9znksblxxvmhkzrc0ckyg2cm";
type = "gem";
};
version = "0.1.1";
};
ruby-zoom = {
dependencies = ["djinni" "fagin" "hilighter" "json_config" "scoobydoo"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "132pk0zp3rayvvbccfs5ksigg9zpflp9734b4r0jz5aimmv2qpvp";
sha256 = "0115kbz6l8srzizs77k9l0585lg93x90kg49jjpan7ssm786q05j";
type = "gem";
};
version = "4.1.0";
version = "5.0.1";
};
scoobydoo = {
source = {

8
pkgs/top-level/all-packages.nix
View File

@ -713,6 +713,8 @@ with pkgs;
bdf2psf = callPackage ../tools/misc/bdf2psf { };
bcat = callPackage ../tools/text/bcat {};
bcache-tools = callPackage ../tools/filesystems/bcache-tools { };
bchunk = callPackage ../tools/cd-dvd/bchunk { };
@ -7602,6 +7604,8 @@ with pkgs;
shellcheck = haskell.lib.justStaticExecutables haskellPackages.ShellCheck;
schemaspy = callPackage ../development/tools/database/schemaspy { };
shncpd = callPackage ../tools/networking/shncpd { };
sigrok-cli = callPackage ../development/tools/sigrok-cli { };
@ -15667,7 +15671,9 @@ with pkgs;
minidjvu = callPackage ../applications/graphics/minidjvu { };
minikube = callPackage ../applications/networking/cluster/minikube { };
minikube = callPackage ../applications/networking/cluster/minikube {
inherit (darwin.apple_sdk.frameworks) vmnet;
};
minitube = callPackage ../applications/video/minitube { };

2
pkgs/top-level/python-packages.nix
View File

@ -220,6 +220,8 @@ in {
pyaes = callPackage ../development/python-modules/pyaes { };
pyamf = callPackage ../development/python-modules/pyamf { };
pyatspi = if isPy3k then callPackage ../development/python-modules/pyatspi { } else throw "pyatspi not supported for interpreter ${python.executable}";
pycairo = callPackage ../development/python-modules/pycairo { };