openslp: Fix CVE-2016-4912

adisbladis · adisbladis · commit ecc8eb60ab97 · 2018-01-07T04:27:36.000+08:00
(cherry picked from commit 1aca02b)
diff --git a/pkgs/development/libraries/openslp/CVE-2016-4912.patch b/pkgs/development/libraries/openslp/CVE-2016-4912.patch
@@ -0,0 +1,11 @@
+--- a/common/slp_xmalloc.c
++++ b/common/slp_xmalloc.c
+@@ -206,7 +206,7 @@ void * _xrealloc(const char * file, int line, void * ptr, size_t size)
+          if (newptr == 0)
+             return 0;
+          memcpy(newptr, ptr, x->size);
+-         _xfree(file, line, x);
++         _xfree(file, line, ptr);
+       }
+       return newptr;
+    }
diff --git a/pkgs/development/libraries/openslp/default.nix b/pkgs/development/libraries/openslp/default.nix
@@ -19,6 +19,7 @@ stdenv.mkDerivation {
       url = "https://src.fedoraproject.org/cgit/rpms/openslp.git/plain/openslp-2.0.0-cve-2016-7567.patch";
       sha256 = "0zp61axx93b7nrbsyhn2x4dnw7n9y6g4rys21hyqxk4khrnc2yr9";
     })
+    ./CVE-2016-4912.patch
   ];
 
   meta = with stdenv.lib; {
