fcgi: Patch to protect against stack smashing

This commit is contained in:
Graham Christensen 2016-09-24 07:21:15 -04:00
parent a63ca1bf3d
commit da6b9f47e9
No known key found for this signature in database
GPG Key ID: FE918C3A98C1030F

View File

@ -1,14 +1,24 @@
{ stdenv, fetchurl }:
{ stdenv, fetchurl, fetchpatch }:
stdenv.mkDerivation rec {
name = "fcgi-2.4.0";
name = "fcgi-${version}";
version = "2.4.0";
src = fetchurl {
url = "http://www.fastcgi.com/dist/${name}.tar.gz";
url = "https://launchpad.net/debian/+archive/primary/+files/libfcgi_${version}.orig.tar.gz";
# url = "http://www.fastcgi.com/dist/${name}.tar.gz";
sha256 = "1f857wnl1d6jfrgfgfpz3zdaj8fch3vr13mnpcpvy8bang34bz36";
};
patches = [ ./gcc-4.4.diff ];
patches = [
./gcc-4.4.diff
(fetchpatch {
# Fix a stack-smashing bug:
# xhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681591
url = "https://bugs.launchpad.net/ubuntu/+source/libfcgi/+bug/933417/+attachment/2745025/+files/poll.patch";
sha256 = "0v3gw0smjvrxh1bv3zx9xp633gbv5dd5bcn3ipj6ckqjyv4i6i7m";
})
];
postInstall = "ln -s . $out/include/fastcgi";