From 4fd6cb7abdac13dcb70651dabc33c03f5bc9b16e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= <v@cunat.cz>
Date: Sat, 22 Jun 2019 11:53:12 +0200
Subject: [PATCH] bzip2: patch CVE-2019-12900

The vulnerability seems quite serious.
It isn't practical to use fetchpatch here due to bootstrapping,
so I just committed the small patch file.
---
 pkgs/tools/compression/bzip2/cve-2019-12900.patch | 13 +++++++++++++
 pkgs/tools/compression/bzip2/default.nix          |  1 +
 2 files changed, 14 insertions(+)
 create mode 100644 pkgs/tools/compression/bzip2/cve-2019-12900.patch

diff --git a/pkgs/tools/compression/bzip2/cve-2019-12900.patch b/pkgs/tools/compression/bzip2/cve-2019-12900.patch
new file mode 100644
index 000000000000..bf3d13a7a691
--- /dev/null
+++ b/pkgs/tools/compression/bzip2/cve-2019-12900.patch
@@ -0,0 +1,13 @@
+https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d
+diff --git a/decompress.c b/decompress.c
+--- a/decompress.c
++++ b/decompress.c
+@@ -287,7 +287,7 @@
+       GET_BITS(BZ_X_SELECTOR_1, nGroups, 3);
+       if (nGroups < 2 || nGroups > 6) RETURN(BZ_DATA_ERROR);
+       GET_BITS(BZ_X_SELECTOR_2, nSelectors, 15);
+-      if (nSelectors < 1) RETURN(BZ_DATA_ERROR);
++      if (nSelectors < 1 || nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR);
+       for (i = 0; i < nSelectors; i++) {
+          j = 0;
+          while (True) {
diff --git a/pkgs/tools/compression/bzip2/default.nix b/pkgs/tools/compression/bzip2/default.nix
index ffdbcf463eab..a0ec6c07055b 100644
--- a/pkgs/tools/compression/bzip2/default.nix
+++ b/pkgs/tools/compression/bzip2/default.nix
@@ -22,6 +22,7 @@ stdenv.mkDerivation rec {
 
   patches = [
     ./CVE-2016-3189.patch
+    ./cve-2019-12900.patch
   ];
 
   postPatch = ''