From 22bd2ab6247c42c3dbf9221d6f3a509c8291cd94 Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Sat, 13 Apr 2024 14:22:06 +0200
Subject: [PATCH] less: apply patch for security issue when opening files with
 \n in paths

https://www.openwall.com/lists/oss-security/2024/04/12/5
---
 pkgs/by-name/le/less/package.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/pkgs/by-name/le/less/package.nix b/pkgs/by-name/le/less/package.nix
index 1efce2bddefc..f7791a2636eb 100644
--- a/pkgs/by-name/le/less/package.nix
+++ b/pkgs/by-name/le/less/package.nix
@@ -1,6 +1,7 @@
 { lib
 , stdenv
 , fetchurl
+, fetchpatch
 , ncurses
 , pcre2
 }:
@@ -16,6 +17,15 @@ stdenv.mkDerivation (finalAttrs: {
     hash = "sha256-KRG1QyyDb6CEyKLmj2zWMSNywCalj6qpiGJzHItgUug=";
   };
 
+  patches = [
+    (fetchpatch {
+      # https://www.openwall.com/lists/oss-security/2024/04/12/5
+      name = "sec-issue-newline-path.patch";
+      url = "https://gitlab.archlinux.org/archlinux/packaging/packages/less/-/raw/1d570db0c84fe95799f460526492e45e24c30ad0/backport-007521ac3c95bc76.patch";
+      hash = "sha256-BT8DLIu7oVhL5XL50uFVUp97qjklcvRHy85UQwVKAmc=";
+    })
+  ];
+
   buildInputs = [
     ncurses
     pcre2