nixpkgs/pkgs/tools/archivers/cpio/default.nix

{ stdenv, fetchurl, fetchpatch }:

let
  version = "2.12";
  name = "cpio-${version}";
in stdenv.mkDerivation {
  inherit name;

  src = fetchurl {
    url = "mirror://gnu/cpio/${name}.tar.bz2";
    sha256 = "0vi9q475h1rki53100zml75vxsykzyhrn70hidy41s5c2rc8r6bh";
  };

  patches = [
    (fetchpatch {
      name = "CVE-2015-1197-cpio-2.12.patch";
      url = "https://gist.github.com/nckx/70b0bfa80ddfb86c2967/"
        + "raw/e9b40d4d4b701f584f826775b75beb10751dc884/"
        + "CVE-2015-1197-cpio-2.12.patch";
      sha256 = "0ph43m4lavwkc4gnl5h9p3da4kb1pnhwk5l2qsky70dqri8pcr8v";
    })

    # Report: http://www.openwall.com/lists/oss-security/2016/01/19/4
    # Patch from https://lists.gnu.org/archive/html/bug-cpio/2016-01/msg00005.html
    ./CVE-2016-2037-out-of-bounds-write.patch
  ];

  preConfigure = if stdenv.isCygwin then ''
    sed -i gnu/fpending.h -e 's,include <stdio_ext.h>,,'
  '' else null;

  enableParallelBuilding = true;

  meta = with stdenv.lib; {
    homepage = https://www.gnu.org/software/cpio/;
    description = "A program to create or extract from cpio archives";
    license = licenses.gpl3;
    platforms = platforms.all;
    priority = 6; # resolves collision with gnutar's "libexec/rmt"
  };
}
cpio: fix CVE-2014-9112 by Fedora patch 2014-12-10 18:20:28 +00:00			`{ stdenv, fetchurl, fetchpatch }:`
add cpio svn path=/nixpkgs/trunk/; revision=3752 2005-08-30 14:56:15 +01:00
cpio: 2.11 -> 2.12 Enable tests (which may fail on Darwin, another reason to stage this). 2015-09-18 05:04:49 +01:00			`let`
			`version = "2.12";`
			`name = "cpio-${version}";`
			`in stdenv.mkDerivation {`
			`inherit name;`
cpio: fix build without gets 2013-03-20 22:01:36 +00:00
add cpio svn path=/nixpkgs/trunk/; revision=3752 2005-08-30 14:56:15 +01:00			`src = fetchurl {`
cpio: 2.11 -> 2.12 Enable tests (which may fail on Darwin, another reason to stage this). 2015-09-18 05:04:49 +01:00			`url = "mirror://gnu/cpio/${name}.tar.bz2";`
			`sha256 = "0vi9q475h1rki53100zml75vxsykzyhrn70hidy41s5c2rc8r6bh";`
add cpio svn path=/nixpkgs/trunk/; revision=3752 2005-08-30 14:56:15 +01:00			`};`
* cpio: apply a patch from Gentoo to make it build on GCC 4.3. svn path=/nixpkgs/branches/stdenv-updates/; revision=14046 2009-02-12 19:04:44 +00:00
cpio: unbundle patch (fetch from my GitHub acct.) 2015-09-18 05:09:04 +01:00			`patches = [`
			`(fetchpatch {`
			`name = "CVE-2015-1197-cpio-2.12.patch";`
			`url = "https://gist.github.com/nckx/70b0bfa80ddfb86c2967/"`
			`+ "raw/e9b40d4d4b701f584f826775b75beb10751dc884/"`
			`+ "CVE-2015-1197-cpio-2.12.patch";`
			`sha256 = "0ph43m4lavwkc4gnl5h9p3da4kb1pnhwk5l2qsky70dqri8pcr8v";`
			`})`
cpio: patch CVE-2016-2037, out of bounds write (close #13489) 2016-02-26 15:50:24 +00:00
			`# Report: http://www.openwall.com/lists/oss-security/2016/01/19/4`
			`# Patch from https://lists.gnu.org/archive/html/bug-cpio/2016-01/msg00005.html`
			`./CVE-2016-2037-out-of-bounds-write.patch`
cpio: unbundle patch (fetch from my GitHub acct.) 2015-09-18 05:09:04 +01:00			`];`
cpio: fix CVE-2015-1197 by Suse patch 2015-02-26 20:24:45 +00:00
cygwin: cpio fpending 2014-10-23 19:10:12 +01:00			`preConfigure = if stdenv.isCygwin then ''`
			`sed -i gnu/fpending.h -e 's,include <stdio_ext.h>,,'`
			`'' else null;`

cpio: 2.11 -> 2.12 Enable tests (which may fail on Darwin, another reason to stage this). 2015-09-18 05:04:49 +01:00			`enableParallelBuilding = true;`

cpio: add license 2018-08-15 19:20:08 +01:00			`meta = with stdenv.lib; {`
Treewide: use HTTPS on GNU domains HTTP -> HTTPS for : - http://gnu.org/ - http://www.gnu.org/ - http://elpa.gnu.org/ - http://lists.gnu.org/ - http://gcc.gnu.org/ - http://ftp.gnu.org/ (except in fetchurl mirrors) - http://bugs.gnu.org/ 2018-12-01 18:22:13 +00:00			`homepage = https://www.gnu.org/software/cpio/;`
pkgs/tools/archivers/cpio: revert to version 2.9 The latest version, 2.11, doesn't compile on Darwin. The build expression for 2.11 is still still available in "latest.nix". svn path=/nixpkgs/trunk/; revision=22923 2010-08-03 11:55:58 +01:00			`description = "A program to create or extract from cpio archives";`
cpio: add license 2018-08-15 19:20:08 +01:00			`license = licenses.gpl3;`
			`platforms = platforms.all;`
buildEnv: Support package priorities like nix-env This gets rid of a bunch of collision warnings. 2015-08-24 23:37:54 +01:00			`priority = 6; # resolves collision with gnutar's "libexec/rmt"`
* cpio: apply a patch from Gentoo to make it build on GCC 4.3. svn path=/nixpkgs/branches/stdenv-updates/; revision=14046 2009-02-12 19:04:44 +00:00			`};`
add cpio svn path=/nixpkgs/trunk/; revision=3752 2005-08-30 14:56:15 +01:00			`}`