lfam pushed a commit to branch wip-ungrafting
in repository guix.
commit e0376cc9a6b1d92d4ea994ca0556b0b8f49799f2
Author: Leo Famulari <l...@famulari.name>
AuthorDate: Mon May 17 11:31:50 2021 -0400
gnu: zziplib: Absorb grafted replacement.
* gnu/packages/compression.scm (zziplib): Update to 0.13.72.
[source]: Remove obsolete patch.
[arguments]: Remove field.
[native-inputs]: Replace python-2 with python.
[build-system]: Use cmake-build-system.
(zziplib/fixed): Remove variable.
* gnu/packages/patches/zziplib-CVE-2018-16548.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
---
gnu/local.mk | 3 +-
gnu/packages/compression.scm | 62 +++--------------------
gnu/packages/patches/zziplib-CVE-2018-16548.patch | 49 ------------------
3 files changed, 7 insertions(+), 107 deletions(-)
diff --git a/gnu/local.mk b/gnu/local.mk
index a5820b5..fde94f6 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1841,8 +1841,7 @@ dist_patch_DATA =
\
%D%/packages/patches/yggdrasil-extra-config.patch \
%D%/packages/patches/ytnef-CVE-2021-3403.patch \
%D%/packages/patches/ytnef-CVE-2021-3404.patch \
- %D%/packages/patches/zstd-CVE-2021-24031_CVE-2021-24032.patch \
- %D%/packages/patches/zziplib-CVE-2018-16548.patch
+ %D%/packages/patches/zstd-CVE-2021-24031_CVE-2021-24032.patch
MISC_DISTRO_FILES = \
%D%/packages/ld-wrapper.in
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 23a8710..0acd9f2 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -1760,39 +1760,23 @@ timestamps in the file header with a fixed time (1
January 2008).
(define-public zziplib
(package
(name "zziplib")
- (version "0.13.69")
- (home-page "https://github.com/gdraheim/zziplib";)
+ (version "0.13.72")
(source (origin
(method git-fetch)
- (uri (git-reference (url home-page)
+ (uri (git-reference (url "https://github.com/gdraheim/zziplib";)
(commit (string-append "v" version))))
(file-name (git-file-name name version))
- (patches (search-patches "zziplib-CVE-2018-16548.patch"))
(sha256
(base32
- "0fbk9k7ryas2wh2ykwkvm1pbi40i88rfvc3dydh9xyd7w2jcki92"))))
- (replacement zziplib/fixed)
- (build-system gnu-build-system)
- (arguments
- `(#:phases (modify-phases %standard-phases
- (add-before 'check 'make-files-writable
- (lambda _
- (for-each make-file-writable
- (find-files "test" #:directories? #t))
- #t)))
-
- ;; XXX: The default test target attempts to download external resources
and
- ;; fails without error: <https://github.com/gdraheim/zziplib/issues/53>.
- ;; To prevent confusing log messages, just run a simple zip test that
works.
- #:test-target "check-readme"))
+ "0i6bpa2b13z19alm6ig80364dnin1w28cvif18k6wkkb0w3dzp8y"))))
+ (build-system cmake-build-system)
(inputs
`(("zlib" ,zlib)))
(native-inputs `(("perl" ,perl) ; for the documentation
("pkg-config" ,pkg-config)
- ;; for the documentation; Python 3 not supported,
- ;;
http://forums.gentoo.org/viewtopic-t-863161-start-0.html
- ("python" ,python-2)
+ ("python" ,python)
("zip" ,zip))) ; to create test files
+ (home-page "https://github.com/gdraheim/zziplib";)
(synopsis "Library for accessing zip files")
(description
"ZZipLib is a library based on zlib for accessing zip files.")
@@ -1800,40 +1784,6 @@ timestamps in the file header with a fixed time (1
January 2008).
;; files carry the Zlib license; see "docs/copying.html" for details.
(license (list license:lgpl2.0+ license:mpl1.1))))
-(define-public zziplib/fixed
- (package
- (inherit zziplib)
- (name "zziplib")
- (version "0.13.72")
- (home-page "https://github.com/gdraheim/zziplib";)
- (source (origin
- (method git-fetch)
- (uri (git-reference (url home-page)
- (commit (string-append "v" version))))
- (file-name (git-file-name name version))
- (sha256
- (base32
- "0i6bpa2b13z19alm6ig80364dnin1w28cvif18k6wkkb0w3dzp8y"))))
- (arguments
- `(#:phases
- (modify-phases %standard-phases
- (add-after 'install 'install-compatibility-symlinks
- (lambda* (#:key outputs #:allow-other-keys)
- (with-directory-excursion
- (string-append (assoc-ref outputs "out") "/lib")
- (map (lambda (lib new-symlink)
- (symlink lib new-symlink))
- (list "libzzip.so.13" "libzzipfseeko.so.13"
- "libzzipmmapped.so.13" "libzzipwrap.so.13")
- (list "libzzip-0.so.13" "libzzipfseeko-0.so.13"
- "libzzipmmapped-0.so.13" "libzzipwrap-0.so.13")))
- #t)))))
- (native-inputs
- `(("python" ,python)
- ,@(alist-delete "python"
- (package-native-inputs zziplib))))
- (build-system cmake-build-system)))
-
(define-public libzip
(package
(name "libzip")
diff --git a/gnu/packages/patches/zziplib-CVE-2018-16548.patch
b/gnu/packages/patches/zziplib-CVE-2018-16548.patch
deleted file mode 100644
index a17c6a9..0000000
--- a/gnu/packages/patches/zziplib-CVE-2018-16548.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-The following 3 patches applied to 0.13.69 in this order, combined:
-https://github.com/gdraheim/zziplib/commit/9411bde3e4a70a81ff3ffd256b71927b2d90dcbb.patch
-https://github.com/gdraheim/zziplib/commit/d2e5d5c53212e54a97ad64b793a4389193fec687.patch
-https://github.com/gdraheim/zziplib/commit/0e1dadb05c1473b9df2d7b8f298dab801778ef99.patch
-
-diff --git a/test/test.zip b/test/test.zip
-index 2c992ea..952d475 100644
-Binary files a/test/test.zip and b/test/test.zip differ
-diff --git a/zzip/zip.c b/zzip/zip.c
-index 14e2e06..f97a40a 100644
---- a/zzip/zip.c
-+++ b/zzip/zip.c
-@@ -472,9 +472,15 @@ __zzip_parse_root_directory(int fd,
- } else
- {
- if (io->fd.seeks(fd, zz_rootseek + zz_offset, SEEK_SET) < 0)
-+ {
-+ free(hdr0);
- return ZZIP_DIR_SEEK;
-+ }
- if (io->fd.read(fd, &dirent, sizeof(dirent)) < __sizeof(dirent))
-+ {
-+ free(hdr0);
- return ZZIP_DIR_READ;
-+ }
- d = &dirent;
- }
-
-@@ -574,11 +580,18 @@ __zzip_parse_root_directory(int fd,
-
- if (hdr_return)
- *hdr_return = hdr0;
-+ else
-+ {
-+ /* If it is not assigned to *hdr_return, it will never be free()'d
*/
-+ free(hdr0);
-+ }
- } /* else zero (sane) entries */
-+ else
-+ free(hdr0);
- # ifndef ZZIP_ALLOW_MODULO_ENTRIES
-- return (entries != zz_entries ? ZZIP_CORRUPTED : 0);
-+ return (entries != zz_entries) ? ZZIP_CORRUPTED : 0;
- # else
-- return ((entries & (unsigned)0xFFFF) != zz_entries ? ZZIP_CORRUPTED : 0);
-+ return ((entries & (unsigned)0xFFFF) != zz_entries) ? ZZIP_CORRUPTED : 0;
- # endif
- }
-
