jshon: fix null termination in read_stream.

This fixes a somewhat critical (security?) bug. We are trying to get it merged upstream but have had no response from the ordinary maintainer in over a week. (See <keenerd/jshon#53>.) fixes #23727
NixOS · Mar 16, 2017 · 5d6ea2d · 5d6ea2d
1 parent b3c14bb
commit 5d6ea2d
Showing 1 changed file with 12 additions and 3 deletions.
diff --git a/pkgs/development/tools/parsing/jshon/default.nix b/pkgs/development/tools/parsing/jshon/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, lib, fetchFromGitHub, jansson }:
+{ stdenv, lib, fetchFromGitHub, fetchpatch, jansson }:
 
 stdenv.mkDerivation rec {
   name = "jshon-20140712";
@@ -12,14 +12,23 @@ stdenv.mkDerivation rec {
     repo = "jshon";
   };
 
+  patches = [
+    # Fix null termination in read_stream.
+    # https://github.com/keenerd/jshon/issues/53
+    (fetchpatch {
+      url = https://github.com/mbrock/jshon/commit/32288dd186573ceb58164f30be1782d4580466d8.patch;
+      sha256 = "04rss2nprl9nqblc7smq0477n54hm801xgnnmvyzni313i1n6vhl";
+    })
+  ];
+
   buildInputs = [ jansson ];
 
-  patchPhase = 
+  patchPhase =
     ''
       substituteInPlace Makefile --replace "/usr/" "/"
     '';
 
-  preInstall = 
+  preInstall =
     ''
       export DESTDIR=$out
     '';