From 22140b27f2d38dc9c52ffd7d0a7e8da932f0d67c Mon Sep 17 00:00:00 2001
From: Martin Weinelt
Date: Sun, 8 Nov 2020 14:29:58 +0100
Subject: [PATCH] librdf_raptor2: add patch for CVE-2017-18926

Fixes two heap overflows in the raptor2 rdf parsing library.
https://www.openwall.com/lists/oss-security/2017/06/07/1
---
 pkgs/development/libraries/librdf/raptor2.nix | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/pkgs/development/libraries/librdf/raptor2.nix b/pkgs/development/libraries/librdf/raptor2.nix
index b4141d4ff079..4645b5ea0d83 100644
--- a/pkgs/development/libraries/librdf/raptor2.nix
+++ b/pkgs/development/libraries/librdf/raptor2.nix
@@ -1,13 +1,22 @@
 { stdenv, fetchurl, libxml2, libxslt }:
 stdenv.mkDerivation rec {
- name = "raptor2-2.0.15";
+ pname = "raptor2";
+ version = "2.0.15";
 src = fetchurl {
- url = "http://download.librdf.org/source/${name}.tar.gz";
+ url = "http://download.librdf.org/source/${pname}-${version}.tar.gz";
 sha256 = "ada7f0ba54787b33485d090d3d2680533520cd4426d2f7fb4782dd4a6a1480ed";
 };
+ patches = [
+ (fetchurl {
+ name = "CVE-2017-18926.patch";
+ url = "https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f.patch";
+ sha256 = "1qlpb5rm3j2yi0x6zgdi5apymg5zlvwq3g1zl417gkjrlvxmndgp";
+ })
+ ];
+
 buildInputs = [ libxml2 libxslt ];
 postInstall = "rm -rvf $out/share/gtk-doc";
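Review bot: The CVE patch in the new `patches` list is fetched with `fetchurl` from a GitHub `commit/<sha>.patch` URL, whose bytes are generated on request and are not guaranteed stable (abbreviated `index` hashes and the trailing git version line can change), so the pinned `sha256` may stop matching later. Nixpkgs' `fetchpatch` normalizes the patch before hashing: add it to the argument set as `{ stdenv, fetchurl, fetchpatch, libxml2, libxslt }:`, change the entry to `(fetchpatch {`, and recompute the hash (`sha256 = "<recomputed-hash>";`), since the normalized output differs from the raw download. A mismatch fails closed, but in practice it is often resolved by re-hashing or dropping the patch, which would silently reopen the heap overflows this commit fixes. A one-line comment above the entry, e.g. `# drop once a release containing the upstream fix is packaged`, would tell the next version bump what to do with it. The `mkDerivation` body continues past the end of the hunk.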