Merge branch 'master' into core-updates

This commit is contained in:
Mark H Weaver 2015-01-06 12:57:15 -05:00
commit 23800e4736
41 changed files with 1132 additions and 195 deletions

View file

@ -73,7 +73,7 @@ if test "x$guix_build_daemon" = "xyes"; then
dnl Chroot support.
AC_CHECK_FUNCS([chroot unshare])
AC_CHECK_HEADERS([sched.h sys/param.h sys/mount.h])
AC_CHECK_HEADERS([sched.h sys/param.h sys/mount.h tr1/unordered_set])
dnl lutimes and lchown: used when canonicalizing store items.
dnl posix_fallocate: used when extracting archives.

View file

@ -10,7 +10,7 @@
@include version.texi
@copying
Copyright @copyright{} 2012, 2013, 2014 Ludovic Courtès@*
Copyright @copyright{} 2012, 2013, 2014, 2015 Ludovic Courtès@*
Copyright @copyright{} 2013, 2014 Andreas Enge@*
Copyright @copyright{} 2013 Nikita Karetnikov
@ -830,16 +830,15 @@ current generation of the user's default profile. Thus, users can add
@file{$HOME/.guix-profile/bin} to their @code{PATH} environment
variable, and so on.
In a multi-user setup, user profiles must be stored in a place
registered as a @dfn{garbage-collector root}, which
@file{$HOME/.guix-profile} points to (@pxref{Invoking guix gc}). That
directory is normally
In a multi-user setup, user profiles are stored in a place registered as
a @dfn{garbage-collector root}, which @file{$HOME/.guix-profile} points
to (@pxref{Invoking guix gc}). That directory is normally
@code{@var{localstatedir}/profiles/per-user/@var{user}}, where
@var{localstatedir} is the value passed to @code{configure} as
@code{--localstatedir}, and @var{user} is the user name. It must be
created by @code{root}, with @var{user} as the owner. When it does not
exist, or is not owned by @var{user}, @command{guix package} emits an
error about it.
@code{--localstatedir}, and @var{user} is the user name. The
@file{per-user} directory is created when @command{guix-daemon} is
started, and the @var{user} sub-directory is created by @command{guix
package}.
The @var{options} can be among the following:

View file

@ -1,5 +1,5 @@
# GNU Guix --- Functional package management for GNU
# Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
# Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
# Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
# Copyright © 2013, 2014 Mark H Weaver <mhw@netris.org>
#
@ -339,6 +339,11 @@ dist_patch_DATA = \
gnu/packages/patches/clucene-pkgconfig.patch \
gnu/packages/patches/cmake-fix-tests.patch \
gnu/packages/patches/coreutils-dummy-man.patch \
gnu/packages/patches/cpio-CVE-2014-9112-pt1.patch \
gnu/packages/patches/cpio-CVE-2014-9112-pt2.patch \
gnu/packages/patches/cpio-CVE-2014-9112-pt3.patch \
gnu/packages/patches/cpio-CVE-2014-9112-pt4.patch \
gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch \
gnu/packages/patches/cpio-gets-undeclared.patch \
gnu/packages/patches/cssc-gets-undeclared.patch \
gnu/packages/patches/cssc-missing-include.patch \
@ -402,6 +407,7 @@ dist_patch_DATA = \
gnu/packages/patches/libtheora-config-guess.patch \
gnu/packages/patches/libtool-skip-tests.patch \
gnu/packages/patches/libtool-skip-tests-for-mips.patch \
gnu/packages/patches/libtool-2.4-skip-tests.patch \
gnu/packages/patches/libssh-CVE-2014-0017.patch \
gnu/packages/patches/lm-sensors-hwmon-attrs.patch \
gnu/packages/patches/luit-posix.patch \
@ -410,11 +416,11 @@ dist_patch_DATA = \
gnu/packages/patches/mc-fix-ncurses-build.patch \
gnu/packages/patches/mcron-install.patch \
gnu/packages/patches/mhash-keygen-test-segfault.patch \
gnu/packages/patches/minetest-subgame-env-var.patch \
gnu/packages/patches/mit-krb5-init-fix.patch \
gnu/packages/patches/mpc123-initialize-ao.patch \
gnu/packages/patches/module-init-tools-moduledir.patch \
gnu/packages/patches/mupdf-buildsystem-fix.patch \
gnu/packages/patches/mutt-CVE-2014-9116.patch \
gnu/packages/patches/net-tools-bitrot.patch \
gnu/packages/patches/nvi-assume-preserve-path.patch \
gnu/packages/patches/orpheus-cast-errors-and-includes.patch \
@ -456,6 +462,9 @@ dist_patch_DATA = \
gnu/packages/patches/texi2html-document-encoding.patch \
gnu/packages/patches/texi2html-i18n.patch \
gnu/packages/patches/udev-gir-libtool.patch \
gnu/packages/patches/unzip-CVE-2014-8139.patch \
gnu/packages/patches/unzip-CVE-2014-8140.patch \
gnu/packages/patches/unzip-CVE-2014-8141.patch \
gnu/packages/patches/util-linux-perl.patch \
gnu/packages/patches/vpnc-script.patch \
gnu/packages/patches/vtk-mesa-10.patch \

View file

@ -287,13 +287,6 @@ (define* (mount-file-system spec #:key (root "/root"))
(mount source mount-point type (mount-flags->bit-mask flags)
(if options
(string->pointer options)
%null-pointer))
;; Update /etc/mtab.
(mkdir-p (string-append root "/etc"))
(let ((port (open-file (string-append root "/etc/mtab") "a")))
(format port "~a ~a ~a ~a 0 0~%"
source mount-point type (or options "rw"))
(close-port port))))))
%null-pointer))))))
;;; file-systems.scm ends here

View file

@ -275,7 +275,10 @@ (define (mark-as-not-killable pid)
(check-file-system root type)
(mount root "/root" type)))
(copy-file "/proc/mounts" "/root/etc/mtab"))
;; Make sure /root/etc/mtab is a symlink to /proc/self/mounts.
(when (file-exists? "/root/etc/mtab")
(delete-file "/root/etc/mtab"))
(symlink "/proc/self/mounts" "/root/etc/mtab"))
(define (switch-root root)
"Switch to ROOT as the root file system, in a way similar to what

View file

@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
;;;
@ -64,11 +64,6 @@ (define-module (gnu packages)
;; and an extra environment variable. One advantage of this setup is
;; that everything just works in an auto-compilation setting.
(define %patch-path
(make-parameter
(map (cut string-append <> "/gnu/packages/patches")
%load-path)))
(define %bootstrap-binaries-path
(make-parameter
(map (cut string-append <> "/gnu/packages/bootstrap")
@ -104,6 +99,16 @@ (define %package-module-path
(make-parameter
(append environment `((,%distro-root-directory . "gnu/packages"))))))
(define %patch-path
;; Define it after '%package-module-path' so that '%load-path' contains user
;; directories, allowing patches in $GUIX_PACKAGE_PATH to be found.
(make-parameter
(map (lambda (directory)
(if (string=? directory %distro-root-directory)
(string-append directory "/gnu/packages/patches")
directory))
%load-path)))
(define* (scheme-files directory)
"Return the list of Scheme files found under DIRECTORY, recursively. The
returned list is sorted in alphabetical order."

View file

@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012 Nikita Karetnikov <nikita@karetnikov.org>
;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014 Manolis Fragkiskos Ragkousis <manolis837@gmail.com>
;;;
;;; This file is part of GNU Guix.
@ -161,14 +161,14 @@ (define* (autoconf-wrapper #:optional (autoconf autoconf))
(define-public automake
(package
(name "automake")
(version "1.14.1")
(version "1.15")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/automake/automake-"
version ".tar.xz"))
(sha256
(base32
"0s86rzdayj1licgj35q0mnynv5xa8f4p32m36blc5jk9id5z1d59"))
"0dl6vfi2lzz8alnklwxzfz624b95hb1ipjvd3mk177flmddcf24r"))
(patches
(list (search-patch "automake-skip-amhello-tests.patch")))))
(build-system gnu-build-system)
@ -291,3 +291,29 @@ (define-public libtool
complexity of working with shared libraries across platforms.")
(license gpl3+)
(home-page "http://www.gnu.org/software/libtool/")))
(define-public libtool-2.4.4
(package (inherit libtool)
(version "2.4.4")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/libtool/libtool-"
version ".tar.xz"))
(sha256
(base32
"0v3zq08qxv7k5067mpqrkjkjl3wphhg06i696mka90mzadc5nad8"))
(patches
(list (search-patch "libtool-2.4-skip-tests.patch")))))
(native-inputs `(("automake" ,automake) ;some tests rely on 'aclocal'
("autoconf" ,(autoconf-wrapper)) ;others on 'autom4te'
,@(package-native-inputs libtool)))
(arguments
;; XXX: There are test failures on mips64el-linux starting from 2.4.4:
;; <http://hydra.gnu.org/build/181662>.
(if (string-prefix? "mips64el"
(or (%current-target-system) (%current-system)))
`(#:tests? #f
,@(package-arguments libtool))
(package-arguments libtool)))))

View file

@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012 Nikita Karetnikov <nikita@karetnikov.org>
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
;;;
;;; This file is part of GNU Guix.
;;;
@ -19,6 +20,7 @@
(define-module (gnu packages cpio)
#:use-module (guix licenses)
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu))
@ -34,8 +36,19 @@ (define-public cpio
(sha256
(base32
"1gavgpzqwgkpagjxw72xgxz52y1ifgz0ckqh8g7cckz7jvyhp0mv"))
(patches (list (search-patch "cpio-gets-undeclared.patch")))))
(patches (list (search-patch "cpio-CVE-2014-9112-pt1.patch")
(search-patch "cpio-CVE-2014-9112-pt2.patch")
(search-patch "cpio-CVE-2014-9112-pt3.patch")
(search-patch "cpio-CVE-2014-9112-pt4.patch")
(search-patch "cpio-CVE-2014-9112-pt5.patch")
(search-patch "cpio-gets-undeclared.patch")))))
(build-system gnu-build-system)
;; FIXME: autoconf is needed to run autom4te, to update to test suite
;; after the CVE-2014-9112 patches. Remove this when cpio is
;; updated to post-2.11.
(native-inputs `(("autoconf" ,autoconf)))
(home-page "https://www.gnu.org/software/cpio/")
(synopsis "Manage cpio and tar file archives")
(description

View file

@ -638,7 +638,7 @@ (define-public irrlicht
(define minetest-data
(package
(name "minetest-data")
(version "0.4.10")
(version "0.4.11")
(source (origin
(method url-fetch)
(uri (string-append
@ -646,7 +646,7 @@ (define minetest-data
version ".tar.gz"))
(sha256
(base32
"09mr71kl7mf4ihszqz1vnwk814p7fvqknad150iic2340a7qzf0i"))))
"0hzb27srv6f2j84dpxx2p0p0aaq9vdp5jvbrfpklb5q5ssdjxvc6"))))
(build-system trivial-build-system)
(native-inputs
`(("source" ,source)
@ -678,7 +678,7 @@ (define minetest-data
(define-public minetest
(package
(name "minetest")
(version "0.4.10")
(version "0.4.11")
(source (origin
(method url-fetch)
(uri (string-append
@ -686,10 +686,7 @@ (define-public minetest
version ".tar.gz"))
(sha256
(base32
"1xxv0g83iqszjgwnbdcbsprqg76cb6jnbsh5qhm7lcwx4wy2y2k2"))
;; This patch will be included in future upstream releases.
;; See: https://github.com/minetest/minetest/commit/fd5eaae2babb322f8a3e2acab55a12e218814c8e
(patches (list (search-patch "minetest-subgame-env-var.patch")))))
"0h223svzkvp63b77nqfxy7k8whw4543gahs3kxd3x4myi5ax5z5f"))))
(build-system cmake-build-system)
(arguments
'(#:modules ((guix build utils)

View file

@ -279,7 +279,29 @@ (define-public gcc-4.9
version "/gcc-" version ".tar.bz2"))
(sha256
(base32
"1pbjp4blk2ycaa6r3jmw4ky5f1s9ji3klbqgv8zs2sl5jn1cj810"))))))
"1pbjp4blk2ycaa6r3jmw4ky5f1s9ji3klbqgv8zs2sl5jn1cj810"))))
;; TODO: In core-updates, improve the 'pre-configure phase of the main
;; 'gcc' package so that the 'join-two-line-dynamic-linker-defns phase is
;; no longer needed here. Then the entire 'arguments' override below can
;; be removed.
(arguments
(substitute-keyword-arguments (package-arguments gcc-4.7)
((#:phases phases)
`(alist-cons-before
'pre-configure 'join-two-line-dynamic-linker-defns
(lambda* (#:key inputs outputs #:allow-other-keys)
(let ((libc (assoc-ref inputs "libc")))
(when libc
;; Join two-line definitions of GLIBC_DYNAMIC_LINKER* into a
;; single line, to allow the 'pre-configure phase to work
;; properly.
(substitute* (find-files "gcc/config"
"^linux(64|-elf)?\\.h$")
(("(#define GLIBC_DYNAMIC_LINKER[^ ]*.*)\\\\\n$" _ line)
line)))
#t))
,phases))))))
(define* (custom-gcc gcc name languages #:key (separate-lib-output? #t))
"Return a custom version of GCC that supports LANGUAGES."

View file

@ -20,6 +20,7 @@
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages gl)
#:use-module (ice-9 match)
#:use-module ((guix licenses) #:prefix l:)
#:use-module (guix packages)
#:use-module (guix download)
@ -161,9 +162,17 @@ (define-public mesa
("python" ,python-2))) ; incompatible with Python 3 (print syntax)
(arguments
`(#:configure-flags
`(;; drop r300 from default gallium drivers, as it requires llvm
'(;; drop r300 from default gallium drivers, as it requires llvm
"--with-gallium-drivers=r600,svga,swrast"
"--enable-xa")
"--enable-xa"
;; on non-intel systems, drop i915 and i965
;; from the default dri drivers
,@(match (%current-system)
((or "x86_64-linux" "i686-linux")
'())
(_
'("--with-dri-drivers=nouveau,r200,radeon,swrast"))))
#:phases (alist-cons-after
'unpack 'add-missing-m4-files
(lambda _

View file

@ -301,6 +301,18 @@ (define-public icon-naming-utils
(inputs
`(("perl" ,perl)
("perl-xml-simple" ,perl-xml-simple)))
(arguments
'(#:phases
(alist-cons-after
'install 'set-load-paths
;; Tell 'icon-name-mapping' where XML::Simple is.
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(prog (string-append out "/libexec/icon-name-mapping")))
(wrap-program
prog
`("PERL5LIB" = ,(list (getenv "PERL5LIB"))))))
%standard-phases)))
(home-page "http://tango.freedesktop.org/Standard_Icon_Naming_Specification")
(synopsis
"Utility to implement the Freedesktop Icon Naming Specification")

View file

@ -174,7 +174,8 @@ (define-public mutt
version ".tar.gz")))
(sha256
(base32
"0dzx4qk50pjfsb6cs5jahng96a52k12f7pm0sc78iqdrawg71w1s"))))
"0dzx4qk50pjfsb6cs5jahng96a52k12f7pm0sc78iqdrawg71w1s"))
(patches (list (search-patch "mutt-CVE-2014-9116.patch")))))
(build-system gnu-build-system)
(inputs
`(("cyrus-sasl" ,cyrus-sasl)

View file

@ -0,0 +1,231 @@
Partially fix CVE-2014-9112, part 1/5. Backported to 2.11.
From 746f3ff670dcfcdd28fcc990e79cd6fccc7ae48d Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org.ua>
Date: Mon, 01 Dec 2014 13:15:28 +0000
Subject: Fix memory overrun on reading improperly created link records.
See http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
* src/copyin.c (get_link_name): New function.
(list_file, copyin_link): use get_link_name
* tests/symlink-bad-length.at: New file.
* tests/symlink-long.at: New file.
* tests/Makefile.am: Add new files.
* tests/testsuite.at: Likewise.
---
diff --git a/src/copyin.c b/src/copyin.c
index 38d809f..c502c7d 100644
--- a/src/copyin.c
+++ b/src/copyin.c
@@ -124,10 +124,30 @@ tape_skip_padding (int in_file_des, off_t offset)
if (pad != 0)
tape_toss_input (in_file_des, pad);
}
-
+
+static char *
+get_link_name (struct cpio_file_stat *file_hdr, int in_file_des)
+{
+ off_t n = file_hdr->c_filesize + 1;
+ char *link_name;
+
+ if (n == 0 || n > SIZE_MAX)
+ {
+ error (0, 0, _("%s: stored filename length too big"), file_hdr->c_name);
+ link_name = NULL;
+ }
+ else
+ {
+ link_name = xmalloc (n);
+ tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
+ link_name[file_hdr->c_filesize] = '\0';
+ tape_skip_padding (in_file_des, file_hdr->c_filesize);
+ }
+ return link_name;
+}
static void
-list_file(struct cpio_file_stat* file_hdr, int in_file_des)
+list_file (struct cpio_file_stat* file_hdr, int in_file_des)
{
if (verbose_flag)
{
@@ -136,21 +156,16 @@ list_file(struct cpio_file_stat* file_hdr, int in_file_des)
{
if (archive_format != arf_tar && archive_format != arf_ustar)
{
- char *link_name = NULL; /* Name of hard and symbolic links. */
-
- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1);
- link_name[file_hdr->c_filesize] = '\0';
- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
- long_format (file_hdr, link_name);
- free (link_name);
- tape_skip_padding (in_file_des, file_hdr->c_filesize);
- return;
+ char *link_name = get_link_name (file_hdr, in_file_des);
+ if (link_name)
+ {
+ long_format (file_hdr, link_name);
+ free (link_name);
+ }
}
else
- {
- long_format (file_hdr, file_hdr->c_tar_linkname);
- return;
- }
+ long_format (file_hdr, file_hdr->c_tar_linkname);
+ return;
}
else
#endif
@@ -650,10 +665,7 @@ copyin_link(struct cpio_file_stat *file_
if (archive_format != arf_tar && archive_format != arf_ustar)
{
- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1);
- link_name[file_hdr->c_filesize] = '\0';
- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
- tape_skip_padding (in_file_des, file_hdr->c_filesize);
+ link_name = get_link_name (file_hdr, in_file_des);
}
else
{
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 3f714d1..b4ca92d 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -52,6 +52,8 @@ TESTSUITE_AT = \
setstat04.at\
setstat05.at\
symlink.at\
+ symlink-bad-length.at\
+ symlink-long.at\
version.at
TESTSUITE = $(srcdir)/testsuite
diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at
new file mode 100644
index 0000000..6f804b1
--- a/dev/null
+++ b/tests/symlink-bad-length.at
@@ -0,0 +1,49 @@
+# Process this file with autom4te to create testsuite. -*- Autotest -*-
+# Copyright (C) 2014 Free Software Foundation, Inc.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3, or (at your option)
+# any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 USA.
+
+# Cpio v2.11 did segfault with badly set symlink length.
+# References:
+# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
+
+AT_SETUP([symlink-bad-length])
+AT_KEYWORDS([symlink-long copyout])
+
+AT_DATA([ARCHIVE.base64],
+[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv
+JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF
+UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
+])
+
+AT_CHECK([
+base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST
+cpio -ntv < ARCHIVE
+test $? -eq 2
+],
+[0],
+[-rw-rw-r-- 1 10029 10031 13 Nov 25 13:52 FILE
+],[cpio: LINK: stored filename length too big
+cpio: premature end of file
+])
+
+AT_CLEANUP
diff --git a/tests/symlink-long.at b/tests/symlink-long.at
new file mode 100644
index 0000000..d3def2d
--- a/dev/null
+++ b/tests/symlink-long.at
@@ -0,0 +1,46 @@
+# Process this file with autom4te to create testsuite. -*- Autotest -*-
+# Copyright (C) 2014 Free Software Foundation, Inc.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3, or (at your option)
+# any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 USA.
+
+# Cpio v2.11.90 changed the way symlink name is read from archive.
+# References:
+# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
+
+AT_SETUP([symlink-long])
+AT_KEYWORDS([symlink-long copyout])
+
+AT_CHECK([
+
+# len(dirname) > READBUFSIZE
+dirname=
+for i in {1..52}; do
+ dirname="xxxxxxxxx/$dirname"
+ mkdir "$dirname"
+done
+ln -s "$dirname" x || AT_SKIP_TEST
+
+echo x | cpio -o > ar
+list=`cpio -tv < ar | sed 's|.*-> ||'`
+test "$list" = "$dirname" && echo success || echo fail
+],
+[0],
+[success
+],[2 blocks
+2 blocks
+])
+
+AT_CLEANUP
diff --git a/tests/testsuite.at b/tests/testsuite.at
index e67689f..3b5377e 100644
--- a/tests/testsuite.at
+++ b/tests/testsuite.at
@@ -31,6 +31,8 @@ m4_include([version.at])
m4_include([inout.at])
m4_include([symlink.at])
+m4_include([symlink-bad-length.at])
+m4_include([symlink-long.at])
m4_include([interdir.at])
m4_include([setstat01.at])
--
cgit v0.9.0.2

View file

@ -0,0 +1,51 @@
Partially fix CVE-2014-9112, part 2/5.
From 54d1c42ac2cb91389fca04a5018ad573e4ae265a Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org.ua>
Date: Mon, 01 Dec 2014 19:10:39 +0000
Subject: Bugfix
* src/copyin.c (get_link_name): Fix range checking.
* tests/symlink-bad-length.at: Change expected error message.
---
diff --git a/src/copyin.c b/src/copyin.c
index c502c7d..042cc41 100644
--- a/src/copyin.c
+++ b/src/copyin.c
@@ -128,17 +128,17 @@ tape_skip_padding (int in_file_des, off_t offset)
static char *
get_link_name (struct cpio_file_stat *file_hdr, int in_file_des)
{
- off_t n = file_hdr->c_filesize + 1;
char *link_name;
- if (n == 0 || n > SIZE_MAX)
+ if (file_hdr->c_filesize < 0 || file_hdr->c_filesize > SIZE_MAX-1)
{
- error (0, 0, _("%s: stored filename length too big"), file_hdr->c_name);
+ error (0, 0, _("%s: stored filename length is out of range"),
+ file_hdr->c_name);
link_name = NULL;
}
else
{
- link_name = xmalloc (n);
+ link_name = xmalloc (file_hdr->c_filesize);
tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
link_name[file_hdr->c_filesize] = '\0';
tape_skip_padding (in_file_des, file_hdr->c_filesize);
diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at
index 6f804b1..cbf4aa7 100644
--- a/tests/symlink-bad-length.at
+++ b/tests/symlink-bad-length.at
@@ -42,7 +42,7 @@ test $? -eq 2
],
[0],
[-rw-rw-r-- 1 10029 10031 13 Nov 25 13:52 FILE
-],[cpio: LINK: stored filename length too big
+],[cpio: LINK: stored filename length is out of range
cpio: premature end of file
])
--
cgit v0.9.0.2

View file

@ -0,0 +1,23 @@
Partially fix CVE-2014-9112, part 3/5.
From 58df4f1b44a1142bba500f980fd26806413b1728 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org.ua>
Date: Tue, 02 Dec 2014 09:33:29 +0000
Subject: Fix typo
---
diff --git a/src/copyin.c b/src/copyin.c
index 042cc41..264bfcb 100644
--- a/src/copyin.c
+++ b/src/copyin.c
@@ -138,7 +138,7 @@ get_link_name (struct cpio_file_stat *file_hdr, int in_file_des)
}
else
{
- link_name = xmalloc (file_hdr->c_filesize);
+ link_name = xmalloc (file_hdr->c_filesize + 1);
tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
link_name[file_hdr->c_filesize] = '\0';
tape_skip_padding (in_file_des, file_hdr->c_filesize);
--
cgit v0.9.0.2

View file

@ -0,0 +1,105 @@
Partially fix CVE-2014-9112, part 4/5. Backported to 2.11.
From fd262d116c4564c1796be9be2799619cf7785d07 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org.ua>
Date: Thu, 11 Dec 2014 10:51:21 +0000
Subject: Fix error recovery in copy-in mode
* src/copyin.c (copyin_link): Fix null dereference.
(read_in_header): Fix error recovery (bug introduced by
27e0ae55).
* tests/symlink-bad-length.at: Test error recovery.
Catch various architecture-dependent error messages (suggested
by Pavel Raiskup).
---
diff --git a/src/copyin.c b/src/copyin.c
index 264bfcb..ca12356 100644
--- a/src/copyin.c
+++ b/src/copyin.c
@@ -655,7 +655,7 @@ copyin_device (struct cpio_file_stat* file_hdr)
}
static void
-copyin_link(struct cpio_file_stat *file_hdr, int in_file_des)
+copyin_link (struct cpio_file_stat *file_hdr, int in_file_des)
{
char *link_name = NULL; /* Name of hard and symbolic links. */
int res; /* Result of various function calls. */
@@ -666,6 +666,8 @@ copyin_link(struct cpio_file_stat *file_
if (archive_format != arf_tar && archive_format != arf_ustar)
{
link_name = get_link_name (file_hdr, in_file_des);
+ if (!link_name)
+ return;
}
else
{
@@ -1017,7 +1019,7 @@ read_in_header (struct cpio_file_stat *file_hdr, int in_des)
file_hdr->c_tar_linkname = NULL;
- tape_buffered_read (magic.str, in_des, 6L);
+ tape_buffered_read (magic.str, in_des, sizeof (magic.str));
while (1)
{
if (append_flag)
@@ -1062,8 +1064,8 @@ read_in_header (struct cpio_file_stat *file_hdr, int in_des)
break;
}
bytes_skipped++;
- memmove (magic.str, magic.str + 1, 5);
- tape_buffered_read (magic.str, in_des, 1L);
+ memmove (magic.str, magic.str + 1, sizeof (magic.str) - 1);
+ tape_buffered_read (magic.str + sizeof (magic.str) - 1, in_des, 1L);
}
}
diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at
index cbf4aa7..4dbeaa3 100644
--- a/tests/symlink-bad-length.at
+++ b/tests/symlink-bad-length.at
@@ -24,9 +24,9 @@ AT_SETUP([symlink-bad-length])
AT_KEYWORDS([symlink-long copyout])
AT_DATA([ARCHIVE.base64],
-[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv
-JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF
-UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+[x3ECCJ1jtIHoA2QAAQAAAIlUwl0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxAgidHv+h6ANk
+AAEAAACJVHFtBQD/////TElOSwAARklMRcdxAgieHqSB6ANkAAEAAACJVDJuBgAAABIARklMRTIA
+c29tZSBtb3JlIGNvbnRlbnQKx3EAAAAAAAAAAAAAAQAAAAAAAAALAAAAAABUUkFJTEVSISEhAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
@@ -37,13 +37,23 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AT_CHECK([
base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST
-cpio -ntv < ARCHIVE
-test $? -eq 2
+TZ=UTC cpio -ntv < ARCHIVE 2>stderr
+rc=$?
+cat stderr | grep -v \
+ -e 'stored filename length is out of range' \
+ -e 'premature end of file' \
+ -e 'archive header has reverse byte-order' \
+ -e 'memory exhausted' \
+ >&2
+echo >&2 STDERR
+test "$rc" -ne 0
],
-[0],
-[-rw-rw-r-- 1 10029 10031 13 Nov 25 13:52 FILE
-],[cpio: LINK: stored filename length is out of range
-cpio: premature end of file
+[1],
+[-rw-rw-r-- 1 1000 100 13 Dec 11 09:02 FILE
+-rw-r--r-- 1 1000 100 18 Dec 11 10:13 FILE2
+],[cpio: warning: skipped 4 bytes of junk
+1 block
+STDERR
])
AT_CLEANUP
--
cgit v0.9.0.2

View file

@ -0,0 +1,88 @@
Partially fix CVE-2014-9112, part 5/5. Backported to 2.11.
From f6a8a2cbd2d5ca40ea94900b55b845dd5ca87328 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org.ua>
Date: Thu, 11 Dec 2014 13:21:40 +0000
Subject: Fix symlink-bad-length test for 64-bit architectures.
* src/util.c: Return non-zero exit code if EOF is hit prematurely.
* tests/symlink-bad-length.at: Revert to original archive: there's
no use testing for recovery, because that depends on the host
architecture. Don't test for exit code as well (same reason).
Account for eventual warning messages.
---
diff --git a/src/util.c b/src/util.c
index 6c483f8..39c9813 100644
--- a/src/util.c
+++ b/src/util.c
@@ -206,10 +206,7 @@ tape_fill_input_buffer (int in_des, int
if (input_size < 0)
error (1, errno, _("read error"));
if (input_size == 0)
- {
- error (0, 0, _("premature end of file"));
- exit (1);
- }
+ error (PAXEXIT_FAILURE, 0, _("premature end of file"));
input_bytes += input_size;
}
diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at
index 4dbeaa3..e1a7093 100644
--- a/tests/symlink-bad-length.at
+++ b/tests/symlink-bad-length.at
@@ -24,9 +24,9 @@ AT_SETUP([symlink-bad-length])
AT_KEYWORDS([symlink-long copyout])
AT_DATA([ARCHIVE.base64],
-[x3ECCJ1jtIHoA2QAAQAAAIlUwl0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxAgidHv+h6ANk
-AAEAAACJVHFtBQD/////TElOSwAARklMRcdxAgieHqSB6ANkAAEAAACJVDJuBgAAABIARklMRTIA
-c29tZSBtb3JlIGNvbnRlbnQKx3EAAAAAAAAAAAAAAQAAAAAAAAALAAAAAABUUkFJTEVSISEhAAAA
+[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv
+JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF
+UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
@@ -35,25 +35,30 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
])
+# The exact error message and exit status depend on the host architecture,
+# therefore strderr is filtered out and error code is not checked.
+
+# So far the only case when cpio would exit with code 0 is when it skips
+# several bytes and encounters a valid record header. Perhaps it should
+# exit with code 2 (non-critical error), if at least one byte was skipped,
+# but that could hurt backward compatibility.
+
AT_CHECK([
base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST
-TZ=UTC cpio -ntv < ARCHIVE 2>stderr
-rc=$?
+TZ=UTC cpio -ntv < ARCHIVE 2>stderr
cat stderr | grep -v \
-e 'stored filename length is out of range' \
-e 'premature end of file' \
-e 'archive header has reverse byte-order' \
-e 'memory exhausted' \
+ -e 'skipped [[0-9][0-9]*] bytes of junk' \
+ -e '[[0-9][0-9]*] block' \
>&2
echo >&2 STDERR
-test "$rc" -ne 0
],
-[1],
-[-rw-rw-r-- 1 1000 100 13 Dec 11 09:02 FILE
--rw-r--r-- 1 1000 100 18 Dec 11 10:13 FILE2
-],[cpio: warning: skipped 4 bytes of junk
-1 block
-STDERR
+[0],
+[-rw-rw-r-- 1 10029 10031 13 Nov 25 11:52 FILE
+],[STDERR
])
AT_CLEANUP
--
cgit v0.9.0.2

View file

@ -0,0 +1,24 @@
Because our GCC 'lib' spec automatically adds '-rpath' for each '-L'
and a couple more '-rpath, there are two test failures:
one in demo.test, and one in destdir.at. Disable these.
--- libtool-2.4.4/tests/testsuite 2014-11-29 17:43:11.000000000 +0100
+++ libtool-2.4.4/tests/testsuite 2015-01-03 23:00:09.367775122 +0100
@@ -9185,7 +9185,7 @@ read at_status <"$at_status_file"
#AT_START_33
at_fn_group_banner 33 'demo.at:548' \
"hardcoding library path" " " 3
-at_xfail=no
+at_xfail=yes
test no = "$ACLOCAL" && at_xfail=yes
test no = "$AUTOHEADER" && at_xfail=yes
test no = "$AUTOMAKE" && at_xfail=yes
@@ -27052,7 +27052,7 @@ read at_status <"$at_status_file"
#AT_START_97
at_fn_group_banner 97 'destdir.at:75' \
"DESTDIR with in-package deplibs" " " 7
-at_xfail=no
+at_xfail=yes
eval `$LIBTOOL --config | $GREP '^fast_install='`
case $fast_install in no) :;; *) false;; esac && at_xfail=yes
(

View file

@ -1,92 +0,0 @@
From fd5eaae2babb322f8a3e2acab55a12e218814c8e Mon Sep 17 00:00:00 2001
From: David Thompson <dthompson2@worcester.edu>
Date: Sat, 6 Sep 2014 13:21:46 -0400
Subject: [PATCH] Search for subgames using $MINETEST_SUBGAME_PATH.
---
doc/minetest.6 | 6 ++++++
src/subgame.cpp | 30 ++++++++++++++++++++++++++++++
2 files changed, 36 insertions(+)
diff --git a/doc/minetest.6 b/doc/minetest.6
index d94c12c..ff54520 100644
--- a/doc/minetest.6
+++ b/doc/minetest.6
@@ -83,6 +83,12 @@ Set world path
Migrate from current map backend to another. Possible values are sqlite3
and leveldb. Only works when using --server.
+.SH ENVIRONMENT VARIABLES
+
+.TP
+MINETEST_SUBGAME_PATH
+Colon delimited list of directories to search for subgames.
+
.SH BUGS
Please report all bugs to Perttu Ahola <celeron55@gmail.com>.
diff --git a/src/subgame.cpp b/src/subgame.cpp
index f2465c9..e86655b 100644
--- a/src/subgame.cpp
+++ b/src/subgame.cpp
@@ -22,6 +22,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
#include "filesys.h"
#include "settings.h"
#include "log.h"
+#include "strfnd.h"
#ifndef SERVER
#include "tile.h" // getImagePath
#endif
@@ -59,6 +60,17 @@ struct GameFindPath
{}
};
+Strfnd getSubgamePathEnv() {
+ std::string sp;
+ char *subgame_path = getenv("MINETEST_SUBGAME_PATH");
+
+ if(subgame_path) {
+ sp = std::string(subgame_path);
+ }
+
+ return Strfnd(sp);
+}
+
SubgameSpec findSubgame(const std::string &id)
{
if(id == "")
@@ -66,6 +78,17 @@ SubgameSpec findSubgame(const std::string &id)
std::string share = porting::path_share;
std::string user = porting::path_user;
std::vector<GameFindPath> find_paths;
+
+ Strfnd search_paths = getSubgamePathEnv();
+
+ while(!search_paths.atend()) {
+ std::string path = search_paths.next(":");
+ find_paths.push_back(GameFindPath(
+ path + DIR_DELIM + id, false));
+ find_paths.push_back(GameFindPath(
+ path + DIR_DELIM + id + "_game", false));
+ }
+
find_paths.push_back(GameFindPath(
user + DIR_DELIM + "games" + DIR_DELIM + id + "_game", true));
find_paths.push_back(GameFindPath(
@@ -129,6 +152,13 @@ std::set<std::string> getAvailableGameIds()
std::set<std::string> gamespaths;
gamespaths.insert(porting::path_share + DIR_DELIM + "games");
gamespaths.insert(porting::path_user + DIR_DELIM + "games");
+
+ Strfnd search_paths = getSubgamePathEnv();
+
+ while(!search_paths.atend()) {
+ gamespaths.insert(search_paths.next(":"));
+ }
+
for(std::set<std::string>::const_iterator i = gamespaths.begin();
i != gamespaths.end(); i++){
std::vector<fs::DirListNode> dirlist = fs::GetDirListing(*i);
--
2.1.1

View file

@ -0,0 +1,46 @@
Fix CVE-2014-9116. Copied from Debian:
This patch solves the issue raised by CVE-2014-9116 in bug 771125.
We correctly redefine what are the whitespace characters as per RFC5322; by
doing so we prevent mutt_substrdup from being used in a way that could lead to
a segfault.
The lib.c part was written by Antonio Radici <antonio@debian.org> to prevent
crashes due to this kind of bugs from happening again.
The wheezy version of this patch is slightly different, therefore this patch
has -jessie prefixed in its name.
The sendlib.c part was provided by Salvatore Bonaccorso and it is the same as
the upstream patch reported here:
http://dev.mutt.org/trac/attachment/ticket/3716/ticket-3716-stable.patch
--- a/lib.c
+++ b/lib.c
@@ -815,6 +815,9 @@ char *mutt_substrdup (const char *begin,
size_t len;
char *p;
+ if (end != NULL && end < begin)
+ return NULL;
+
if (end)
len = end - begin;
else
--- a/sendlib.c
+++ b/sendlib.c
@@ -1814,7 +1814,12 @@ static int write_one_header (FILE *fp, i
{
tagbuf = mutt_substrdup (start, t);
/* skip over the colon separating the header field name and value */
- t = skip_email_wsp(t + 1);
+ ++t;
+
+ /* skip over any leading whitespace (WSP, as defined in RFC5322) */
+ while (*t == ' ' || *t == '\t')
+ t++;
+
valbuf = mutt_substrdup (t, end);
}
dprint(4,(debugfile,"mwoh: buf[%s%s] too long, "

View file

@ -0,0 +1,49 @@
From: sms
Subject: Fix CVE-2014-8139: CRC32 verification heap-based overflow
Bug-Debian: http://bugs.debian.org/773722
--- a/extract.c
+++ b/extract.c
@@ -1,5 +1,5 @@
/*
- Copyright (c) 1990-2009 Info-ZIP. All rights reserved.
+ Copyright (c) 1990-2014 Info-ZIP. All rights reserved.
See the accompanying file LICENSE, version 2009-Jan-02 or later
(the contents of which are also included in unzip.h) for terms of use.
@@ -298,6 +298,8 @@
#ifndef SFX
static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \
EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n";
+ static ZCONST char Far TooSmallEFlength[] = "bad extra-field entry:\n \
+ EF block length (%u bytes) invalid (< %d)\n";
static ZCONST char Far InvalidComprDataEAs[] =
" invalid compressed data for EAs\n";
# if (defined(WIN32) && defined(NTSD_EAS))
@@ -2023,7 +2025,8 @@
ebID = makeword(ef);
ebLen = (unsigned)makeword(ef+EB_LEN);
- if (ebLen > (ef_len - EB_HEADSIZE)) {
+ if (ebLen > (ef_len - EB_HEADSIZE))
+ {
/* Discovered some extra field inconsistency! */
if (uO.qflag)
Info(slide, 1, ((char *)slide, "%-22s ",
@@ -2032,6 +2035,16 @@
ebLen, (ef_len - EB_HEADSIZE)));
return PK_ERR;
}
+ else if (ebLen < EB_HEADSIZE)
+ {
+ /* Extra block length smaller than header length. */
+ if (uO.qflag)
+ Info(slide, 1, ((char *)slide, "%-22s ",
+ FnFilter1(G.filename)));
+ Info(slide, 1, ((char *)slide, LoadFarString(TooSmallEFlength),
+ ebLen, EB_HEADSIZE));
+ return PK_ERR;
+ }
switch (ebID) {
case EF_OS2:

View file

@ -0,0 +1,27 @@
From: sms
Subject: Fix CVE-2014-8140: out-of-bounds write issue in test_compr_eb()
Bug-Debian: http://bugs.debian.org/773722
--- a/extract.c
+++ b/extract.c
@@ -2234,10 +2234,17 @@
if (compr_offset < 4) /* field is not compressed: */
return PK_OK; /* do nothing and signal OK */
+ /* Return no/bad-data error status if any problem is found:
+ * 1. eb_size is too small to hold the uncompressed size
+ * (eb_ucsize). (Else extract eb_ucsize.)
+ * 2. eb_ucsize is zero (invalid). 2014-12-04 SMS.
+ * 3. eb_ucsize is positive, but eb_size is too small to hold
+ * the compressed data header.
+ */
if ((eb_size < (EB_UCSIZE_P + 4)) ||
- ((eb_ucsize = makelong(eb+(EB_HEADSIZE+EB_UCSIZE_P))) > 0L &&
- eb_size <= (compr_offset + EB_CMPRHEADLEN)))
- return IZ_EF_TRUNC; /* no compressed data! */
+ ((eb_ucsize = makelong( eb+ (EB_HEADSIZE+ EB_UCSIZE_P))) == 0L) ||
+ ((eb_ucsize > 0L) && (eb_size <= (compr_offset + EB_CMPRHEADLEN))))
+ return IZ_EF_TRUNC; /* no/bad compressed data! */
if (
#ifdef INT_16BIT

View file

@ -0,0 +1,137 @@
From: sms
Subject: Fix CVE-2014-8141: out-of-bounds read issues in getZip64Data()
Bug-Debian: http://bugs.debian.org/773722
--- a/fileio.c
+++ b/fileio.c
@@ -176,6 +176,8 @@
#endif
static ZCONST char Far ExtraFieldTooLong[] =
"warning: extra field too long (%d). Ignoring...\n";
+static ZCONST char Far ExtraFieldCorrupt[] =
+ "warning: extra field (type: 0x%04x) corrupt. Continuing...\n";
#ifdef WINDLL
static ZCONST char Far DiskFullQuery[] =
@@ -2295,7 +2297,12 @@
if (readbuf(__G__ (char *)G.extra_field, length) == 0)
return PK_EOF;
/* Looks like here is where extra fields are read */
- getZip64Data(__G__ G.extra_field, length);
+ if (getZip64Data(__G__ G.extra_field, length) != PK_COOL)
+ {
+ Info(slide, 0x401, ((char *)slide,
+ LoadFarString( ExtraFieldCorrupt), EF_PKSZ64));
+ error = PK_WARN;
+ }
#ifdef UNICODE_SUPPORT
G.unipath_filename = NULL;
if (G.UzO.U_flag < 2) {
--- a/process.c
+++ b/process.c
@@ -1,5 +1,5 @@
/*
- Copyright (c) 1990-2009 Info-ZIP. All rights reserved.
+ Copyright (c) 1990-2014 Info-ZIP. All rights reserved.
See the accompanying file LICENSE, version 2009-Jan-02 or later
(the contents of which are also included in unzip.h) for terms of use.
@@ -1901,48 +1901,82 @@
and a 4-byte version of disk start number.
Sets both local header and central header fields. Not terribly clever,
but it means that this procedure is only called in one place.
+
+ 2014-12-05 SMS.
+ Added checks to ensure that enough data are available before calling
+ makeint64() or makelong(). Replaced various sizeof() values with
+ simple ("4" or "8") constants. (The Zip64 structures do not depend
+ on our variable sizes.) Error handling is crude, but we should now
+ stay within the buffer.
---------------------------------------------------------------------------*/
+#define Z64FLGS 0xffff
+#define Z64FLGL 0xffffffff
+
if (ef_len == 0 || ef_buf == NULL)
return PK_COOL;
Trace((stderr,"\ngetZip64Data: scanning extra field of length %u\n",
ef_len));
- while (ef_len >= EB_HEADSIZE) {
+ while (ef_len >= EB_HEADSIZE)
+ {
eb_id = makeword(EB_ID + ef_buf);
eb_len = makeword(EB_LEN + ef_buf);
- if (eb_len > (ef_len - EB_HEADSIZE)) {
- /* discovered some extra field inconsistency! */
+ if (eb_len > (ef_len - EB_HEADSIZE))
+ {
+ /* Extra block length exceeds remaining extra field length. */
Trace((stderr,
"getZip64Data: block length %u > rest ef_size %u\n", eb_len,
ef_len - EB_HEADSIZE));
break;
}
- if (eb_id == EF_PKSZ64) {
-
+ if (eb_id == EF_PKSZ64)
+ {
int offset = EB_HEADSIZE;
- if (G.crec.ucsize == 0xffffffff || G.lrec.ucsize == 0xffffffff){
- G.lrec.ucsize = G.crec.ucsize = makeint64(offset + ef_buf);
- offset += sizeof(G.crec.ucsize);
+ if ((G.crec.ucsize == Z64FLGL) || (G.lrec.ucsize == Z64FLGL))
+ {
+ if (offset+ 8 > ef_len)
+ return PK_ERR;
+
+ G.crec.ucsize = G.lrec.ucsize = makeint64(offset + ef_buf);
+ offset += 8;
}
- if (G.crec.csize == 0xffffffff || G.lrec.csize == 0xffffffff){
- G.csize = G.lrec.csize = G.crec.csize = makeint64(offset + ef_buf);
- offset += sizeof(G.crec.csize);
+
+ if ((G.crec.csize == Z64FLGL) || (G.lrec.csize == Z64FLGL))
+ {
+ if (offset+ 8 > ef_len)
+ return PK_ERR;
+
+ G.csize = G.crec.csize = G.lrec.csize = makeint64(offset + ef_buf);
+ offset += 8;
}
- if (G.crec.relative_offset_local_header == 0xffffffff){
+
+ if (G.crec.relative_offset_local_header == Z64FLGL)
+ {
+ if (offset+ 8 > ef_len)
+ return PK_ERR;
+
G.crec.relative_offset_local_header = makeint64(offset + ef_buf);
- offset += sizeof(G.crec.relative_offset_local_header);
+ offset += 8;
}
- if (G.crec.disk_number_start == 0xffff){
+
+ if (G.crec.disk_number_start == Z64FLGS)
+ {
+ if (offset+ 4 > ef_len)
+ return PK_ERR;
+
G.crec.disk_number_start = (zuvl_t)makelong(offset + ef_buf);
- offset += sizeof(G.crec.disk_number_start);
+ offset += 4;
}
+#if 0
+ break; /* Expect only one EF_PKSZ64 block. */
+#endif /* 0 */
}
- /* Skip this extra field block */
+ /* Skip this extra field block. */
ef_buf += (eb_len + EB_HEADSIZE);
ef_len -= (eb_len + EB_HEADSIZE);
}

View file

@ -1,7 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013 Nikita Karetnikov <nikita@karetnikov.org>
;;; Copyright © 2013 Cyril Roelandt <tipecaml@gmail.com>
;;; Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
@ -95,16 +95,17 @@ (define-public bazaar
(license gpl2+)))
(define-public git
;; Keep in sync with 'git-manpages'!
(package
(name "git")
(version "2.1.2")
(version "2.2.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://kernel.org/software/scm/git/git-"
version ".tar.xz"))
(sha256
(base32
"12x1qycc0rii6fqpiizp9v9ysdmj6lpi9imqqbrkdx6cifbwh9vv"))))
"0l7l9rv1ww474rm4whj7dhjjacgdw5qlqqxqsnyzdpdxl34jshh9"))))
(build-system gnu-build-system)
(native-inputs
`(("native-perl" ,perl)
@ -210,6 +211,52 @@ (define-public git
(license gpl2)
(home-page "http://git-scm.com/")))
(define-public git-manpages
;; Keep in sync with 'git'!
;; Granted, we could build the man pages from the 'git' package itself,
;; which contains the real source. However, it would add a dependency on a
;; full XML tool chain, and building it actually takes ages. So we use this
;; lazy approach.
(package
(name "git-manpages")
(version (package-version git))
(source (origin
(method url-fetch)
(uri (string-append
"mirror://kernel.org/software/scm/git/git-manpages-"
version ".tar.xz"))
(sha256
(base32
"0f75n5yfrzb55qbg5wq4bmv43lay806v51yhglwkp7mbv1zkby00"))))
(build-system trivial-build-system)
(arguments
'(#:modules ((guix build utils))
#:builder
(begin
(use-modules (guix build utils))
(let* ((xz (assoc-ref %build-inputs "xz"))
(tar (assoc-ref %build-inputs "tar"))
(out (assoc-ref %outputs "out"))
(man (string-append out "/share/man")))
(setenv "PATH" (string-append tar "/bin:" xz "/bin"))
(mkdir-p man)
(with-directory-excursion man
(zero? (system* "tar" "xvf"
(assoc-ref %build-inputs "source"))))))))
(native-inputs `(("tar" ,tar)
("xz" ,xz)))
(home-page (package-home-page git))
(license (package-license git))
(synopsis "Man pages of the Git version control system")
(description
"This package provides the man pages of the Git version control system.
This is the documentation displayed when using the '--help' option of a 'git'
command.")))
(define-public shflags
(package
(name "shflags")

View file

@ -189,28 +189,6 @@ (define-public libdrm
(license license:x11)))
;; old version, required by old mesa, see
;; http://www.mail-archive.com/nouveau@lists.freedesktop.org/msg10098.html
(define-public libdrm-2.4.33
(package (inherit libdrm)
(version "2.4.33")
(source
(origin
(method url-fetch)
(uri (string-append
"http://dri.freedesktop.org/libdrm/libdrm-"
version
".tar.bz2"))
(sha256
(base32
"1slgi61n4dlsfli47ql354fd1ppj7n40jd94wvnsdqx0mna9syrd"))))
(arguments
`(#:configure-flags
;; create libdrm_nouveau.so, needed by mesa, see
;; http://comments.gmane.org/gmane.linux.lfs.beyond.support/43261
`("--enable-nouveau-experimental-api")))))
(define-public mtdev
(package
(name "mtdev")

View file

@ -191,7 +191,7 @@ (define-public perl-xml-simple
(base32
"0jj3jiray1l4pi9wkjcpxjc3v431whdwx5aqnhgdm4i7h3817zsw"))))
(build-system perl-build-system)
(inputs
(propagated-inputs
`(("perl-xml-parser" ,perl-xml-parser)))
(license (package-license perl))
(synopsis "Perl module for easy reading/writing of XML files")

View file

@ -22,6 +22,7 @@ (define-module (gnu packages zip)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu)
#:use-module (gnu packages)
#:use-module (gnu packages compression)
#:use-module (gnu packages perl)
#:use-module (guix build-system perl)
@ -79,7 +80,10 @@ (define-public unzip
(uri (string-append "mirror://sourceforge/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/unzip60.tar.gz"))
(sha256
(base32
"0dxx11knh3nk95p2gg2ak777dd11pr7jx5das2g49l262scrcv83"))))
"0dxx11knh3nk95p2gg2ak777dd11pr7jx5das2g49l262scrcv83"))
(patches (list (search-patch "unzip-CVE-2014-8139.patch")
(search-patch "unzip-CVE-2014-8140.patch")
(search-patch "unzip-CVE-2014-8141.patch")))))
(build-system gnu-build-system)
;; no inputs; bzip2 is not supported, since not compiled with BZ_NO_STDIO
(arguments

View file

@ -130,7 +130,7 @@ (define mount
(let* ((ptr (dynamic-func "mount" (dynamic-link)))
(proc (pointer->procedure int ptr `(* * * ,unsigned-long *))))
(lambda* (source target type #:optional (flags 0) options
#:key (update-mtab? #t))
#:key (update-mtab? #f))
"Mount device SOURCE on TARGET as a file system TYPE. Optionally, FLAGS
may be a bitwise-or of the MS_* <sys/mount.h> constants, and OPTIONS may be a
string. When FLAGS contains MS_REMOUNT, SOURCE and TYPE are ignored. When
@ -159,7 +159,7 @@ (define umount
(let* ((ptr (dynamic-func "umount2" (dynamic-link)))
(proc (pointer->procedure int ptr `(* ,int))))
(lambda* (target #:optional (flags 0)
#:key (update-mtab? #t))
#:key (update-mtab? #f))
"Unmount TARGET. Optionally FLAGS may be one of the MNT_* or UMOUNT_*
constants from <sys/mount.h>."
(let ((ret (proc (string->pointer target) flags))

View file

@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@ -254,9 +254,9 @@ (define* (bytevector->hash-data bv
#:optional
(hash-algo "sha256")
#:key (key-type 'ecc))
"Given BV, a bytevector containing a hash, return an s-expression suitable
for use as the data for 'sign'. KEY-TYPE must be a symbol: 'dsa, 'ecc, or
'rsa."
"Given BV, a bytevector containing a hash of type HASH-ALGO, return an
s-expression suitable for use as the 'data' argument for 'sign'. KEY-TYPE
must be a symbol: 'dsa, 'ecc, or 'rsa."
(string->canonical-sexp
(format #f "(data (flags ~a) (hash \"~a\" #~a#))"
(case key-type
@ -289,8 +289,10 @@ (define sign
(let* ((ptr (libgcrypt-func "gcry_pk_sign"))
(proc (pointer->procedure int ptr '(* * *))))
(lambda (data secret-key)
"Sign DATA (an s-expression) with SECRET-KEY (an s-expression whose car
is 'private-key'.)"
"Sign DATA, a canonical s-expression representing a suitable hash, with
SECRET-KEY (a canonical s-expression whose car is 'private-key'.) Note that
DATA must be a 'data' s-expression, as returned by
'bytevector->hash-data' (info \"(gcrypt) Cryptographic Functions\")."
(let* ((sig (bytevector->pointer (make-bytevector (sizeof '*))))
(err (proc sig (canonical-sexp->pointer data)
(canonical-sexp->pointer secret-key))))

View file

@ -13,6 +13,7 @@
#include <sstream>
#include <algorithm>
#include <limits.h>
#include <time.h>
#include <sys/time.h>
#include <sys/wait.h>

View file

@ -48,7 +48,7 @@ static Path parsePath(std::istream & str)
{
string s = parseString(str);
if (s.size() == 0 || s[0] != '/')
throw Error(format("bad path `%1%' in derivation") % s);
throw FormatError(format("bad path `%1%' in derivation") % s);
return s;
}
@ -62,7 +62,7 @@ static StringSet parseStrings(std::istream & str, bool arePaths)
}
Derivation parseDerivation(const string & s)
static Derivation parseDerivation(const string & s)
{
Derivation drv;
std::istringstream str(s);
@ -112,6 +112,16 @@ Derivation parseDerivation(const string & s)
}
Derivation readDerivation(const Path & drvPath)
{
try {
return parseDerivation(readFile(drvPath));
} catch (FormatError & e) {
throw Error(format("error parsing derivation `%1%': %2%") % drvPath % e.msg());
}
}
static void printString(string & res, const string & s)
{
res += '"';
@ -240,7 +250,7 @@ Hash hashDerivationModulo(StoreAPI & store, Derivation drv)
Hash h = drvHashes[i->first];
if (h.type == htUnknown) {
assert(store.isValidPath(i->first));
Derivation drv2 = parseDerivation(readFile(i->first));
Derivation drv2 = readDerivation(i->first);
h = hashDerivationModulo(store, drv2);
drvHashes[i->first] = h;
}

View file

@ -59,8 +59,8 @@ class StoreAPI;
Path writeDerivation(StoreAPI & store,
const Derivation & drv, const string & name, bool repair = false);
/* Parse a derivation. */
Derivation parseDerivation(const string & s);
/* Read a derivation from a file. */
Derivation readDerivation(const Path & drvPath);
/* Print a derivation. */
string unparseDerivation(const Derivation & drv);

View file

@ -20,6 +20,7 @@
#include <errno.h>
#include <stdio.h>
#include <time.h>
#include <grp.h>
#if HAVE_UNSHARE && HAVE_STATVFS && HAVE_SYS_MOUNT_H
#include <sched.h>
@ -237,7 +238,7 @@ LocalStore::LocalStore(bool reserveSpace)
makeStoreWritable();
createDirs(linksDir = settings.nixStore + "/.links");
Path profilesDir = settings.nixStateDir + "/profiles";
createDirs(settings.nixStateDir + "/profiles");
createDirs(profilesDir);
createDirs(settings.nixStateDir + "/temproots");
createDirs(settings.nixDBPath);
Path gcRootsDir = settings.nixStateDir + "/gcroots";
@ -246,6 +247,32 @@ LocalStore::LocalStore(bool reserveSpace)
createSymlink(profilesDir, gcRootsDir + "/profiles");
}
/* Optionally, create directories and set permissions for a
multi-user install. */
if (getuid() == 0 && settings.buildUsersGroup != "") {
Path perUserDir = profilesDir + "/per-user";
createDirs(perUserDir);
if (chmod(perUserDir.c_str(), 01777) == -1)
throw SysError(format("could not set permissions on `%1%' to 1777") % perUserDir);
struct group * gr = getgrnam(settings.buildUsersGroup.c_str());
if (!gr)
throw Error(format("the group `%1%' specified in `build-users-group' does not exist")
% settings.buildUsersGroup);
struct stat st;
if (stat(settings.nixStore.c_str(), &st))
throw SysError(format("getting attributes of path `%1%'") % settings.nixStore);
if (st.st_uid != 0 || st.st_gid != gr->gr_gid || (st.st_mode & ~S_IFMT) != 01775) {
if (chown(settings.nixStore.c_str(), 0, gr->gr_gid) == -1)
throw SysError(format("changing ownership of path `%1%'") % settings.nixStore);
if (chmod(settings.nixStore.c_str(), 01775) == -1)
throw SysError(format("changing permissions on path `%1%'") % settings.nixStore);
}
}
checkStoreNotSymlink();
/* We can't open a SQLite database if the disk is full. Since
@ -661,7 +688,7 @@ unsigned long long LocalStore::addValidPath(const ValidPathInfo & info, bool che
efficiently query whether a path is an output of some
derivation. */
if (isDerivation(info.path)) {
Derivation drv = parseDerivation(readFile(info.path));
Derivation drv = readDerivation(info.path);
/* Verify that the output paths in the derivation are correct
(i.e., follow the scheme for computing output paths from
@ -1290,7 +1317,7 @@ void LocalStore::registerValidPaths(const ValidPathInfos & infos)
if (isDerivation(i->path)) {
// FIXME: inefficient; we already loaded the
// derivation in addValidPath().
Derivation drv = parseDerivation(readFile(i->path));
Derivation drv = readDerivation(i->path);
checkDerivationOutputs(i->path, drv);
}

View file

@ -6,6 +6,11 @@
#include "util.hh"
#include "pathlocks.hh"
#if HAVE_TR1_UNORDERED_SET
#include <tr1/unordered_set>
#endif
class sqlite3;
class sqlite3_stmt;
@ -29,14 +34,12 @@ struct Derivation;
struct OptimiseStats
{
unsigned long totalFiles;
unsigned long sameContents;
unsigned long filesLinked;
unsigned long long bytesFreed;
unsigned long long blocksFreed;
OptimiseStats()
{
totalFiles = sameContents = filesLinked = 0;
filesLinked = 0;
bytesFreed = blocksFreed = 0;
}
};
@ -303,7 +306,15 @@ private:
void checkDerivationOutputs(const Path & drvPath, const Derivation & drv);
void optimisePath_(OptimiseStats & stats, const Path & path);
#if HAVE_TR1_UNORDERED_SET
typedef std::tr1::unordered_set<ino_t> InodeHash;
#else
typedef std::set<ino_t> InodeHash;
#endif
InodeHash loadInodeHash();
Strings readDirectoryIgnoringInodes(const Path & path, const InodeHash & inodeHash);
void optimisePath_(OptimiseStats & stats, const Path & path, InodeHash & inodeHash);
// Internal versions that are not wrapped in retry_sqlite.
bool isValidPath_(const Path & path);

View file

@ -11,7 +11,7 @@ Derivation derivationFromPath(StoreAPI & store, const Path & drvPath)
{
assertStorePath(drvPath);
store.ensurePath(drvPath);
return parseDerivation(readFile(drvPath));
return readDerivation(drvPath);
}

View file

@ -40,18 +40,66 @@ struct MakeReadOnly
};
void LocalStore::optimisePath_(OptimiseStats & stats, const Path & path)
LocalStore::InodeHash LocalStore::loadInodeHash()
{
printMsg(lvlDebug, "loading hash inodes in memory");
InodeHash inodeHash;
AutoCloseDir dir = opendir(linksDir.c_str());
if (!dir) throw SysError(format("opening directory `%1%'") % linksDir);
struct dirent * dirent;
while (errno = 0, dirent = readdir(dir)) { /* sic */
checkInterrupt();
// We don't care if we hit non-hash files, anything goes
inodeHash.insert(dirent->d_ino);
}
if (errno) throw SysError(format("reading directory `%1%'") % linksDir);
printMsg(lvlTalkative, format("loaded %1% hash inodes") % inodeHash.size());
return inodeHash;
}
Strings LocalStore::readDirectoryIgnoringInodes(const Path & path, const InodeHash & inodeHash)
{
Strings names;
AutoCloseDir dir = opendir(path.c_str());
if (!dir) throw SysError(format("opening directory `%1%'") % path);
struct dirent * dirent;
while (errno = 0, dirent = readdir(dir)) { /* sic */
checkInterrupt();
if (inodeHash.count(dirent->d_ino)) {
printMsg(lvlDebug, format("`%1%' is already linked") % dirent->d_name);
continue;
}
string name = dirent->d_name;
if (name == "." || name == "..") continue;
names.push_back(name);
}
if (errno) throw SysError(format("reading directory `%1%'") % path);
return names;
}
void LocalStore::optimisePath_(OptimiseStats & stats, const Path & path, InodeHash & inodeHash)
{
checkInterrupt();
struct stat st;
if (lstat(path.c_str(), &st))
throw SysError(format("getting attributes of path `%1%'") % path);
if (S_ISDIR(st.st_mode)) {
Strings names = readDirectory(path);
Strings names = readDirectoryIgnoringInodes(path, inodeHash);
foreach (Strings::iterator, i, names)
optimisePath_(stats, path + "/" + *i);
optimisePath_(stats, path + "/" + *i, inodeHash);
return;
}
@ -71,6 +119,12 @@ void LocalStore::optimisePath_(OptimiseStats & stats, const Path & path)
return;
}
/* This can still happen on top-level files */
if (st.st_nlink > 1 && inodeHash.count(st.st_ino)) {
printMsg(lvlDebug, format("`%1%' is already linked, with %2% other file(s).") % path % (st.st_nlink - 2));
return;
}
/* Hash the file. Note that hashPath() returns the hash over the
NAR serialisation, which includes the execute bit on the file.
Thus, executable and non-executable files with the same
@ -81,7 +135,6 @@ void LocalStore::optimisePath_(OptimiseStats & stats, const Path & path)
contents of the symlink (i.e. the result of readlink()), not
the contents of the target (which may not even exist). */
Hash hash = hashPath(htSHA256, path).first;
stats.totalFiles++;
printMsg(lvlDebug, format("`%1%' has hash `%2%'") % path % printHash(hash));
/* Check if this is a known hash. */
@ -89,7 +142,10 @@ void LocalStore::optimisePath_(OptimiseStats & stats, const Path & path)
if (!pathExists(linkPath)) {
/* Nope, create a hard link in the links directory. */
if (link(path.c_str(), linkPath.c_str()) == 0) return;
if (link(path.c_str(), linkPath.c_str()) == 0) {
inodeHash.insert(st.st_ino);
return;
}
if (errno != EEXIST)
throw SysError(format("cannot link `%1%' to `%2%'") % linkPath % path);
/* Fall through if another process created linkPath before
@ -102,7 +158,6 @@ void LocalStore::optimisePath_(OptimiseStats & stats, const Path & path)
if (lstat(linkPath.c_str(), &stLink))
throw SysError(format("getting attributes of path `%1%'") % linkPath);
stats.sameContents++;
if (st.st_ino == stLink.st_ino) {
printMsg(lvlDebug, format("`%1%' is already linked to `%2%'") % path % linkPath);
return;
@ -160,12 +215,13 @@ void LocalStore::optimisePath_(OptimiseStats & stats, const Path & path)
void LocalStore::optimiseStore(OptimiseStats & stats)
{
PathSet paths = queryAllValidPaths();
InodeHash inodeHash = loadInodeHash();
foreach (PathSet::iterator, i, paths) {
addTempRoot(*i);
if (!isValidPath(*i)) continue; /* path was GC'ed, probably */
startNest(nest, lvlChatty, format("hashing files in `%1%'") % *i);
optimisePath_(stats, *i);
optimisePath_(stats, *i, inodeHash);
}
}
@ -173,7 +229,9 @@ void LocalStore::optimiseStore(OptimiseStats & stats)
void LocalStore::optimisePath(const Path & path)
{
OptimiseStats stats;
if (settings.autoOptimiseStore) optimisePath_(stats, path);
InodeHash inodeHash;
if (settings.autoOptimiseStore) optimisePath_(stats, path, inodeHash);
}

View file

@ -104,7 +104,7 @@ static void dump(const Path & path, Sink & sink, PathFilter & filter)
writeString(readLink(path), sink);
}
else throw Error(format("file `%1%' has an unknown type") % path);
else throw Error(format("file `%1%' has an unsupported type") % path);
writeString(")", sink);
}

View file

@ -1041,7 +1041,7 @@ void expect(std::istream & str, const string & s)
char s2[s.size()];
str.read(s2, s.size());
if (string(s2, s.size()) != s)
throw Error(format("expected string `%1%'") % s);
throw FormatError(format("expected string `%1%'") % s);
}

View file

@ -326,6 +326,8 @@ bool hasSuffix(const string & s, const string & suffix);
/* Read string `s' from stream `str'. */
void expect(std::istream & str, const string & s);
MakeError(FormatError, Error)
/* Read a C-style string from stream `str'. */
string parseString(std::istream & str);

View file

@ -1,5 +1,5 @@
# GNU Guix --- Functional package management for GNU
# Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
# Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
# Copyright © 2013 Nikita Karetnikov <nikita@karetnikov.org>
#
# This file is part of GNU Guix.
@ -289,10 +289,29 @@ GUIX_PACKAGE_PATH="$module_dir"
export GUIX_PACKAGE_PATH
guix package -A emacs-foo-bar | grep 42
guix package -i emacs-foo-bar-42 -n
# Make sure patches that live under $GUIX_PACKAGE_PATH are found.
cat > "$module_dir/emacs.patch"<<EOF
This is a fake patch.
EOF
cat > "$module_dir/foo.scm"<<EOF
(define-module (foo)
#:use-module (guix packages)
#:use-module (gnu packages)
#:use-module (gnu packages emacs))
(define-public x
(package (inherit emacs)
(source (origin (inherit (package-source emacs))
(patches (list (search-patch "emacs.patch")))))
(name "emacs-foo-bar-patched")
(version "42")))
EOF
guix package -i emacs-foo-bar-patched -n
unset GUIX_PACKAGE_PATH
# Using 'GUIX_BUILD_OPTIONS'.
available="`guix package -A | sort`"
GUIX_BUILD_OPTIONS="--dry-run"
export GUIX_BUILD_OPTIONS