From f76ffea2429ed986b56826387166bd2793db0e76 Mon Sep 17 00:00:00 2001 From: Vinicius Monego Date: Sun, 25 Apr 2021 03:26:02 +0000 Subject: gnu: Add python-orange-canvas-core. * gnu/packages/orange.scm: New file. * gnu/packages/local.mk (GNU_SYSTEM_MODULES): Add it. Signed-off-by: Leo Famulari --- gnu/local.mk | 1 + 1 file changed, 1 insertion(+) (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 50b11a8ca2..e8b6effb36 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -420,6 +420,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/openldap.scm \ %D%/packages/openpgp.scm \ %D%/packages/openstack.scm \ + %D%/packages/orange.scm \ %D%/packages/orpheus.scm \ %D%/packages/ots.scm \ %D%/packages/package-management.scm \ -- cgit v1.2.3 From 0cb4ef1c7f8b2f14f1dfa588949fb16b918731c5 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 27 Apr 2021 00:19:42 -0400 Subject: gnu: GIMP: Update to 2.10.24. * gnu/packages/gimp.scm (gimp): Update to 2.10.24. [source]: Remove obsolete patch 'gimp-make-gegl-introspect-optional.patch'. * gnu/packages/patches/gimp-make-gegl-introspect-optional.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/gimp.scm | 5 +-- .../gimp-make-gegl-introspect-optional.patch | 43 ---------------------- 3 files changed, 2 insertions(+), 47 deletions(-) delete mode 100644 gnu/packages/patches/gimp-make-gegl-introspect-optional.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index e8b6effb36..c4d757bc89 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1085,7 +1085,6 @@ dist_patch_DATA = \ %D%/packages/patches/ghostscript-no-header-id.patch \ %D%/packages/patches/ghostscript-no-header-uuid.patch \ %D%/packages/patches/ghostscript-no-header-creationdate.patch \ - %D%/packages/patches/gimp-make-gegl-introspect-optional.patch \ %D%/packages/patches/glib-appinfo-watch.patch \ %D%/packages/patches/glib-tests-timer.patch \ %D%/packages/patches/glib-CVE-2021-27218.patch \ diff --git a/gnu/packages/gimp.scm b/gnu/packages/gimp.scm index f8ffe19433..2da57ee8ee 100644 --- a/gnu/packages/gimp.scm +++ b/gnu/packages/gimp.scm @@ -269,7 +269,7 @@ buffers.") (define-public gimp (package (name "gimp") - (version "2.10.22") + (version "2.10.24") (source (origin (method url-fetch) @@ -277,8 +277,7 @@ buffers.") (version-major+minor version) "/gimp-" version ".tar.bz2")) (sha256 - (base32 "1fqqyshakvdarf1jipk2n33ibqr23ni22z3d8srq13bpydblpf1d")) - (patches (search-patches "gimp-make-gegl-introspect-optional.patch")))) + (base32 "17lq6ns5qhspd171zqh76yf98xnn5n0hcl7hbhbx63cc6ribf6xx")))) (build-system gnu-build-system) (outputs '("out" "doc")) ; 9 MiB of gtk-doc HTML diff --git a/gnu/packages/patches/gimp-make-gegl-introspect-optional.patch b/gnu/packages/patches/gimp-make-gegl-introspect-optional.patch deleted file mode 100644 index 4dd1ab74a8..0000000000 --- a/gnu/packages/patches/gimp-make-gegl-introspect-optional.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 2cae9b9acf9da98c4c9990819ffbd5aabe23017e Mon Sep 17 00:00:00 2001 -From: Jehan -Date: Mon, 14 Dec 2020 19:53:38 +0100 -Subject: [PATCH] app: make "gegl:introspect" an optional operation dependency. - -Check at runtime for the operation availability and set the "Show Image -Graph" action active depending on this check. - -This goes with discussions to make this operation optional with a -runtime check for the tool `dot`. -See: https://gitlab.gnome.org/GNOME/gegl/-/merge_requests/84 ---- - app/actions/debug-actions.c | 6 ++++++ - app/sanity.c | 1 - - 2 files changed, 6 insertions(+), 1 deletion(-) - -diff --git a/app/actions/debug-actions.c b/app/actions/debug-actions.c -index 6be4422b228..22ca38b15ea 100644 ---- a/app/actions/debug-actions.c -+++ b/app/actions/debug-actions.c -@@ -103,4 +103,10 @@ void - debug_actions_update (GimpActionGroup *group, - gpointer data) - { -+#define SET_SENSITIVE(action,condition) \ -+ gimp_action_group_set_action_sensitive (group, action, (condition) != 0) -+ -+ SET_SENSITIVE ("debug-show-image-graph", gegl_has_operation ("gegl:introspect")); -+ -+#undef SET_SENSITIVE - } -diff --git a/app/sanity.c b/app/sanity.c -index 015801a396e..6374ac1ad20 100644 ---- a/app/sanity.c -+++ b/app/sanity.c -@@ -650,7 +650,6 @@ sanity_check_gegl_ops (void) - "gegl:hue-chroma", - "gegl:illusion", - "gegl:image-gradient", -- "gegl:introspect", - "gegl:invert-gamma", - "gegl:invert-linear", - "gegl:lens-blur", -- cgit v1.2.3 From c48b8fed25c6f9bca95bbae9f85e333be70a6ee0 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 24 Apr 2021 13:56:56 -0400 Subject: gnu: gst-plugins-good: Fix CVE-2021-3497 and CVE-2021-3498. * gnu/packages/patches/gst-plugins-good-CVE-2021-3497.patch, gnu/packages/patches/gst-plugins-good-CVE-2021-3498.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/gstreamer.scm (gst-plugins-good)[source]: Use them. --- gnu/local.mk | 2 + gnu/packages/gstreamer.scm | 4 +- .../patches/gst-plugins-good-CVE-2021-3497.patch | 174 +++++++++++++++++++++ .../patches/gst-plugins-good-CVE-2021-3498.patch | 22 +++ 4 files changed, 201 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/gst-plugins-good-CVE-2021-3497.patch create mode 100644 gnu/packages/patches/gst-plugins-good-CVE-2021-3498.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index c4d757bc89..ed3f0d48f7 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1170,6 +1170,8 @@ dist_patch_DATA = \ %D%/packages/patches/grub-verifiers-Blocklist-fallout-cleanup.patch \ %D%/packages/patches/gspell-dash-test.patch \ %D%/packages/patches/gst-plugins-good-fix-test.patch \ + %D%/packages/patches/gst-plugins-good-CVE-2021-3497.patch \ + %D%/packages/patches/gst-plugins-good-CVE-2021-3498.patch \ %D%/packages/patches/guile-1.8-cpp-4.5.patch \ %D%/packages/patches/guile-2.2-skip-oom-test.patch \ %D%/packages/patches/guile-2.2-skip-so-test.patch \ diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index 6a4e14167d..6a050ca297 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -591,7 +591,9 @@ for the GStreamer multimedia library.") (string-append "https://gstreamer.freedesktop.org/src/" name "/" name "-" version ".tar.xz")) - (patches (search-patches "gst-plugins-good-fix-test.patch")) + (patches (search-patches "gst-plugins-good-fix-test.patch" + "gst-plugins-good-CVE-2021-3497.patch" + "gst-plugins-good-CVE-2021-3498.patch")) (sha256 (base32 "1929nhjsvbl4bw37nfagnfsnxz737cm2x3ayz9ayrn9lwkfm45zp")))) (build-system meson-build-system) diff --git a/gnu/packages/patches/gst-plugins-good-CVE-2021-3497.patch b/gnu/packages/patches/gst-plugins-good-CVE-2021-3497.patch new file mode 100644 index 0000000000..c8c3ee6cf1 --- /dev/null +++ b/gnu/packages/patches/gst-plugins-good-CVE-2021-3497.patch @@ -0,0 +1,174 @@ +Fix CVE-2021-3497: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3497 +https://gstreamer.freedesktop.org/security/sa-2021-0002.html + +Patch copied from upstream source repository: + +https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/commit/9181191511f9c0be6a89c98b311f49d66bd46dc3?merge_request_iid=903 + +diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c +index 467815986c8c3d86fd8906a0d539b34f67d6693e..0e47ee7b5e25ac3331f30439710ae755235f2a22 100644 +--- a/gst/matroska/matroska-demux.c ++++ b/gst/matroska/matroska-demux.c +@@ -3851,6 +3851,12 @@ gst_matroska_demux_add_wvpk_header (GstElement * element, + guint32 block_samples, tmp; + gsize size = gst_buffer_get_size (*buf); + ++ if (size < 4) { ++ GST_ERROR_OBJECT (element, "Too small wavpack buffer"); ++ gst_buffer_unmap (*buf, &map); ++ return GST_FLOW_ERROR; ++ } ++ + gst_buffer_extract (*buf, 0, &tmp, sizeof (guint32)); + block_samples = GUINT32_FROM_LE (tmp); + /* we need to reconstruct the header of the wavpack block */ +@@ -3858,10 +3864,10 @@ gst_matroska_demux_add_wvpk_header (GstElement * element, + /* -20 because ck_size is the size of the wavpack block -8 + * and lace_size is the size of the wavpack block + 12 + * (the three guint32 of the header that already are in the buffer) */ +- wvh.ck_size = size + sizeof (Wavpack4Header) - 20; ++ wvh.ck_size = size + WAVPACK4_HEADER_SIZE - 20; + + /* block_samples, flags and crc are already in the buffer */ +- newbuf = gst_buffer_new_allocate (NULL, sizeof (Wavpack4Header) - 12, NULL); ++ newbuf = gst_buffer_new_allocate (NULL, WAVPACK4_HEADER_SIZE - 12, NULL); + + gst_buffer_map (newbuf, &outmap, GST_MAP_WRITE); + data = outmap.data; +@@ -3886,9 +3892,11 @@ gst_matroska_demux_add_wvpk_header (GstElement * element, + audiocontext->wvpk_block_index += block_samples; + } else { + guint8 *outdata = NULL; +- guint outpos = 0; +- gsize buf_size, size, out_size = 0; ++ gsize buf_size, size; + guint32 block_samples, flags, crc, blocksize; ++ GstAdapter *adapter; ++ ++ adapter = gst_adapter_new (); + + gst_buffer_map (*buf, &map, GST_MAP_READ); + buf_data = map.data; +@@ -3897,6 +3905,7 @@ gst_matroska_demux_add_wvpk_header (GstElement * element, + if (buf_size < 4) { + GST_ERROR_OBJECT (element, "Too small wavpack buffer"); + gst_buffer_unmap (*buf, &map); ++ g_object_unref (adapter); + return GST_FLOW_ERROR; + } + +@@ -3918,59 +3927,57 @@ gst_matroska_demux_add_wvpk_header (GstElement * element, + data += 4; + size -= 4; + +- if (blocksize == 0 || size < blocksize) +- break; +- +- g_assert ((newbuf == NULL) == (outdata == NULL)); ++ if (blocksize == 0 || size < blocksize) { ++ GST_ERROR_OBJECT (element, "Too small wavpack buffer"); ++ gst_buffer_unmap (*buf, &map); ++ g_object_unref (adapter); ++ return GST_FLOW_ERROR; ++ } + +- if (newbuf == NULL) { +- out_size = sizeof (Wavpack4Header) + blocksize; +- newbuf = gst_buffer_new_allocate (NULL, out_size, NULL); ++ g_assert (newbuf == NULL); + +- gst_buffer_copy_into (newbuf, *buf, +- GST_BUFFER_COPY_TIMESTAMPS | GST_BUFFER_COPY_FLAGS, 0, -1); ++ newbuf = ++ gst_buffer_new_allocate (NULL, WAVPACK4_HEADER_SIZE + blocksize, ++ NULL); ++ gst_buffer_map (newbuf, &outmap, GST_MAP_WRITE); ++ outdata = outmap.data; ++ ++ outdata[0] = 'w'; ++ outdata[1] = 'v'; ++ outdata[2] = 'p'; ++ outdata[3] = 'k'; ++ outdata += 4; ++ ++ GST_WRITE_UINT32_LE (outdata, blocksize + WAVPACK4_HEADER_SIZE - 8); ++ GST_WRITE_UINT16_LE (outdata + 4, wvh.version); ++ GST_WRITE_UINT8 (outdata + 6, wvh.track_no); ++ GST_WRITE_UINT8 (outdata + 7, wvh.index_no); ++ GST_WRITE_UINT32_LE (outdata + 8, wvh.total_samples); ++ GST_WRITE_UINT32_LE (outdata + 12, wvh.block_index); ++ GST_WRITE_UINT32_LE (outdata + 16, block_samples); ++ GST_WRITE_UINT32_LE (outdata + 20, flags); ++ GST_WRITE_UINT32_LE (outdata + 24, crc); ++ outdata += 28; ++ ++ memcpy (outdata, data, blocksize); + +- outpos = 0; +- gst_buffer_map (newbuf, &outmap, GST_MAP_WRITE); +- outdata = outmap.data; +- } else { +- gst_buffer_unmap (newbuf, &outmap); +- out_size += sizeof (Wavpack4Header) + blocksize; +- gst_buffer_set_size (newbuf, out_size); +- gst_buffer_map (newbuf, &outmap, GST_MAP_WRITE); +- outdata = outmap.data; +- } ++ gst_buffer_unmap (newbuf, &outmap); ++ gst_adapter_push (adapter, newbuf); ++ newbuf = NULL; + +- outdata[outpos] = 'w'; +- outdata[outpos + 1] = 'v'; +- outdata[outpos + 2] = 'p'; +- outdata[outpos + 3] = 'k'; +- outpos += 4; +- +- GST_WRITE_UINT32_LE (outdata + outpos, +- blocksize + sizeof (Wavpack4Header) - 8); +- GST_WRITE_UINT16_LE (outdata + outpos + 4, wvh.version); +- GST_WRITE_UINT8 (outdata + outpos + 6, wvh.track_no); +- GST_WRITE_UINT8 (outdata + outpos + 7, wvh.index_no); +- GST_WRITE_UINT32_LE (outdata + outpos + 8, wvh.total_samples); +- GST_WRITE_UINT32_LE (outdata + outpos + 12, wvh.block_index); +- GST_WRITE_UINT32_LE (outdata + outpos + 16, block_samples); +- GST_WRITE_UINT32_LE (outdata + outpos + 20, flags); +- GST_WRITE_UINT32_LE (outdata + outpos + 24, crc); +- outpos += 28; +- +- memmove (outdata + outpos, data, blocksize); +- outpos += blocksize; + data += blocksize; + size -= blocksize; + } + gst_buffer_unmap (*buf, &map); +- gst_buffer_unref (*buf); + +- if (newbuf) +- gst_buffer_unmap (newbuf, &outmap); ++ newbuf = gst_adapter_take_buffer (adapter, gst_adapter_available (adapter)); ++ g_object_unref (adapter); + ++ gst_buffer_copy_into (newbuf, *buf, ++ GST_BUFFER_COPY_TIMESTAMPS | GST_BUFFER_COPY_FLAGS, 0, -1); ++ gst_buffer_unref (*buf); + *buf = newbuf; ++ + audiocontext->wvpk_block_index += block_samples; + } + +diff --git a/gst/matroska/matroska-ids.h b/gst/matroska/matroska-ids.h +index 429213f778063ba0063944ab64ad60373bbce5ee..8d4a685a910ec13100a3c3d156b2412d28ec0522 100644 +--- a/gst/matroska/matroska-ids.h ++++ b/gst/matroska/matroska-ids.h +@@ -688,6 +688,8 @@ typedef struct _Wavpack4Header { + guint32 crc; /* crc for actual decoded data */ + } Wavpack4Header; + ++#define WAVPACK4_HEADER_SIZE (32) ++ + typedef enum { + GST_MATROSKA_TRACK_ENCODING_SCOPE_FRAME = (1<<0), + GST_MATROSKA_TRACK_ENCODING_SCOPE_CODEC_DATA = (1<<1), diff --git a/gnu/packages/patches/gst-plugins-good-CVE-2021-3498.patch b/gnu/packages/patches/gst-plugins-good-CVE-2021-3498.patch new file mode 100644 index 0000000000..50eb42f126 --- /dev/null +++ b/gnu/packages/patches/gst-plugins-good-CVE-2021-3498.patch @@ -0,0 +1,22 @@ +Fix CVE-2021-3498: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3498 +https://gstreamer.freedesktop.org/security/sa-2021-0003.html + +Patch copied from upstream source repository: + +https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/commit/02174790726dd20a5c73ce2002189bf240ad4fe0?merge_request_iid=903 + +diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c +index 4d0234743b8cf243b4521e56ef9027ba23b1b5d0..467815986c8c3d86fd8906a0d539b34f67d6693e 100644 +--- a/gst/matroska/matroska-demux.c ++++ b/gst/matroska/matroska-demux.c +@@ -692,6 +692,8 @@ gst_matroska_demux_parse_stream (GstMatroskaDemux * demux, GstEbmlRead * ebml, + + DEBUG_ELEMENT_START (demux, ebml, "TrackEntry"); + ++ *dest_context = NULL; ++ + /* start with the master */ + if ((ret = gst_ebml_read_master (ebml, &id)) != GST_FLOW_OK) { + DEBUG_ELEMENT_STOP (demux, ebml, "TrackEntry", ret); -- cgit v1.2.3 From 46a65b5a3d6b89313072567694b769b130758516 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 24 Apr 2021 14:24:19 -0400 Subject: gnu: gst-libav: Fix a stack corruption bug. * gnu/packages/patches/gst-libav-64channels-stack-corruption.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gstreamer.scm (gst-libav)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/gstreamer.scm | 1 + .../gst-libav-64channels-stack-corruption.patch | 31 ++++++++++++++++++++++ 3 files changed, 33 insertions(+) create mode 100644 gnu/packages/patches/gst-libav-64channels-stack-corruption.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index ed3f0d48f7..5e02e0cd47 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1169,6 +1169,7 @@ dist_patch_DATA = \ %D%/packages/patches/grub-setup-root.patch \ %D%/packages/patches/grub-verifiers-Blocklist-fallout-cleanup.patch \ %D%/packages/patches/gspell-dash-test.patch \ + %D%/packages/patches/gst-libav-64channels-stack-corruption.patch \ %D%/packages/patches/gst-plugins-good-fix-test.patch \ %D%/packages/patches/gst-plugins-good-CVE-2021-3497.patch \ %D%/packages/patches/gst-plugins-good-CVE-2021-3498.patch \ diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index 6a050ca297..81ac0a2f5f 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -851,6 +851,7 @@ think twice about shipping them.") (string-append "https://gstreamer.freedesktop.org/src/" name "/" name "-" version ".tar.xz")) + (patches (search-patches "gst-libav-64channels-stack-corruption.patch")) (sha256 (base32 "0jbzams9ggk3sq9ywv4gsl9rghyn203l2582m6l5c1sz9ka9m5in")))) (build-system meson-build-system) diff --git a/gnu/packages/patches/gst-libav-64channels-stack-corruption.patch b/gnu/packages/patches/gst-libav-64channels-stack-corruption.patch new file mode 100644 index 0000000000..cc174e618d --- /dev/null +++ b/gnu/packages/patches/gst-libav-64channels-stack-corruption.patch @@ -0,0 +1,31 @@ +Fix a stack corruption when handling files with more than 64 audio +channels: + +https://gstreamer.freedesktop.org/security/sa-2021-0005.html + +Patch copied from upstream source repository: + +https://gitlab.freedesktop.org/gstreamer/gst-libav/-/commit/dcea8baa14a5fc3b796d876baaf2f238546ba2b1 + +diff --git a/ext/libav/gstavcodecmap.c b/ext/libav/gstavcodecmap.c +index b5be4bb7a5f2712f78383da9319754a8849e3307..be22f22cf5c7c7b22b13e44b10999adaacbcca2b 100644 +--- a/ext/libav/gstavcodecmap.c ++++ b/ext/libav/gstavcodecmap.c +@@ -102,7 +102,7 @@ gst_ffmpeg_channel_layout_to_gst (guint64 channel_layout, gint channels, + guint nchannels = 0; + gboolean none_layout = FALSE; + +- if (channel_layout == 0) { ++ if (channel_layout == 0 || channels > 64) { + nchannels = channels; + none_layout = TRUE; + } else { +@@ -163,7 +163,7 @@ gst_ffmpeg_channel_layout_to_gst (guint64 channel_layout, gint channels, + } else { + guint i; + +- for (i = 0; i < nchannels; i++) ++ for (i = 0; i < nchannels && i < 64; i++) + pos[i] = GST_AUDIO_CHANNEL_POSITION_NONE; + } + } -- cgit v1.2.3 From 163693f8e9812fde7c3ad6ffb029c0e986ddba79 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 24 Apr 2021 14:32:58 -0400 Subject: gnu: gst-plugins-bad: Fix an overflow when processing video files. * gnu/packages/patches/gst-plugins-bad-fix-overflow.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gstreamer.scm (gst-plugins-bad)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/gstreamer.scm | 1 + .../patches/gst-plugins-bad-fix-overflow.patch | 263 +++++++++++++++++++++ 3 files changed, 265 insertions(+) create mode 100644 gnu/packages/patches/gst-plugins-bad-fix-overflow.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 5e02e0cd47..99f2f8b067 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1170,6 +1170,7 @@ dist_patch_DATA = \ %D%/packages/patches/grub-verifiers-Blocklist-fallout-cleanup.patch \ %D%/packages/patches/gspell-dash-test.patch \ %D%/packages/patches/gst-libav-64channels-stack-corruption.patch \ + %D%/packages/patches/gst-plugins-bad-fix-overflow.patch \ %D%/packages/patches/gst-plugins-good-fix-test.patch \ %D%/packages/patches/gst-plugins-good-CVE-2021-3497.patch \ %D%/packages/patches/gst-plugins-good-CVE-2021-3498.patch \ diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index 81ac0a2f5f..58a02119c6 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -681,6 +681,7 @@ model to base your own plug-in on, here it is.") (method url-fetch) (uri (string-append "https://gstreamer.freedesktop.org/src/" name "/" name "-" version ".tar.xz")) + (patches (search-patches "gst-plugins-bad-fix-overflow.patch")) (sha256 (base32 "06ildd4rl6cynirv3p00d2ddf5is9svj4i7mkahldzhq24pq5mca")))) diff --git a/gnu/packages/patches/gst-plugins-bad-fix-overflow.patch b/gnu/packages/patches/gst-plugins-bad-fix-overflow.patch new file mode 100644 index 0000000000..95ab13db51 --- /dev/null +++ b/gnu/packages/patches/gst-plugins-bad-fix-overflow.patch @@ -0,0 +1,263 @@ +Fix an overflow when calculating something for AVC/HEVC videos: + +https://security-tracker.debian.org/tracker/TEMP-0000000-C6AAE1 + +Patch copied from upstream source repository: + +https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/commit/0cfbf7ad91c7f121192c8ce135769f8eb276c41d +From 0cfbf7ad91c7f121192c8ce135769f8eb276c41d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= +Date: Tue, 23 Mar 2021 19:19:14 +0200 +Subject: [PATCH] h2645parser: Catch overflows in AVC/HEVC NAL unit length + calculations + +Offset and size are stored as 32 bit guint and might overflow when +adding the nal_length_size, so let's avoid that. + +For the size this would happen if the AVC/HEVC NAL unit size happens to +be stored in 4 bytes and is 4294967292 or higher, which is likely +corrupted data anyway. + +For the offset this is something for the caller of these functions to +take care of but is unlikely to happen as it would require parsing on a +>4GB buffer. + +Allowing these overflows causes all kinds of follow-up bugs in the +h2645parse elements, ranging from infinite loops and memory leaks to +potential memory corruptions. + +Part-of: +--- + gst-libs/gst/codecparsers/gsth264parser.c | 16 +++++- + gst-libs/gst/codecparsers/gsth265parser.c | 16 +++++- + tests/check/libs/h264parser.c | 60 +++++++++++++++++++++++ + tests/check/libs/h265parser.c | 60 +++++++++++++++++++++++ + 4 files changed, 150 insertions(+), 2 deletions(-) + +diff --git a/gst-libs/gst/codecparsers/gsth264parser.c b/gst-libs/gst/codecparsers/gsth264parser.c +index 012f1d0d7..68aa25068 100644 +--- a/gst-libs/gst/codecparsers/gsth264parser.c ++++ b/gst-libs/gst/codecparsers/gsth264parser.c +@@ -1556,6 +1556,14 @@ gst_h264_parser_identify_nalu_avc (GstH264NalParser * nalparser, + + memset (nalu, 0, sizeof (*nalu)); + ++ /* Would overflow guint below otherwise: the callers needs to ensure that ++ * this never happens */ ++ if (offset > G_MAXUINT32 - nal_length_size) { ++ GST_WARNING ("offset + nal_length_size overflow"); ++ nalu->size = 0; ++ return GST_H264_PARSER_BROKEN_DATA; ++ } ++ + if (size < offset + nal_length_size) { + GST_DEBUG ("Can't parse, buffer has too small size %" G_GSIZE_FORMAT + ", offset %u", size, offset); +@@ -1570,7 +1578,13 @@ gst_h264_parser_identify_nalu_avc (GstH264NalParser * nalparser, + nalu->sc_offset = offset; + nalu->offset = offset + nal_length_size; + +- if (size < nalu->size + nal_length_size) { ++ if (nalu->size > G_MAXUINT32 - nal_length_size) { ++ GST_WARNING ("NALU size + nal_length_size overflow"); ++ nalu->size = 0; ++ return GST_H264_PARSER_BROKEN_DATA; ++ } ++ ++ if (size < (gsize) nalu->size + nal_length_size) { + nalu->size = 0; + + return GST_H264_PARSER_NO_NAL_END; +diff --git a/gst-libs/gst/codecparsers/gsth265parser.c b/gst-libs/gst/codecparsers/gsth265parser.c +index 26e68b276..dc7f27aa9 100644 +--- a/gst-libs/gst/codecparsers/gsth265parser.c ++++ b/gst-libs/gst/codecparsers/gsth265parser.c +@@ -1531,6 +1531,14 @@ gst_h265_parser_identify_nalu_hevc (GstH265Parser * parser, + + memset (nalu, 0, sizeof (*nalu)); + ++ /* Would overflow guint below otherwise: the callers needs to ensure that ++ * this never happens */ ++ if (offset > G_MAXUINT32 - nal_length_size) { ++ GST_WARNING ("offset + nal_length_size overflow"); ++ nalu->size = 0; ++ return GST_H265_PARSER_BROKEN_DATA; ++ } ++ + if (size < offset + nal_length_size) { + GST_DEBUG ("Can't parse, buffer has too small size %" G_GSIZE_FORMAT + ", offset %u", size, offset); +@@ -1545,7 +1553,13 @@ gst_h265_parser_identify_nalu_hevc (GstH265Parser * parser, + nalu->sc_offset = offset; + nalu->offset = offset + nal_length_size; + +- if (size < nalu->size + nal_length_size) { ++ if (nalu->size > G_MAXUINT32 - nal_length_size) { ++ GST_WARNING ("NALU size + nal_length_size overflow"); ++ nalu->size = 0; ++ return GST_H265_PARSER_BROKEN_DATA; ++ } ++ ++ if (size < (gsize) nalu->size + nal_length_size) { + nalu->size = 0; + + return GST_H265_PARSER_NO_NAL_END; +diff --git a/tests/check/libs/h264parser.c b/tests/check/libs/h264parser.c +index c7c46d9a2..d322dd8db 100644 +--- a/tests/check/libs/h264parser.c ++++ b/tests/check/libs/h264parser.c +@@ -229,6 +229,65 @@ GST_START_TEST (test_h264_parse_slice_5bytes) + + GST_END_TEST; + ++GST_START_TEST (test_h264_parse_identify_nalu_avc) ++{ ++ GstH264ParserResult res; ++ GstH264NalUnit nalu; ++ GstH264NalParser *const parser = gst_h264_nal_parser_new (); ++ /* Skip 3 bytes for the start code */ ++ const gsize nal_size = sizeof (slice_dpa) - 3; ++ const gsize buf_size = 4 + nal_size; ++ guint8 *buf = g_new (guint8, buf_size); ++ ++ memcpy (buf + 4, slice_dpa + 3, nal_size); ++ ++ GST_WRITE_UINT16_BE (buf + 2, nal_size); ++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 2, buf_size, 2, &nalu); ++ ++ assert_equals_int (res, GST_H264_PARSER_OK); ++ assert_equals_int (nalu.type, GST_H264_NAL_SLICE_DPA); ++ assert_equals_int (nalu.offset, 4); ++ assert_equals_int (nalu.size, nal_size); ++ ++ GST_WRITE_UINT32_BE (buf, nal_size); ++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 0, buf_size, 4, &nalu); ++ ++ assert_equals_int (res, GST_H264_PARSER_OK); ++ assert_equals_int (nalu.type, GST_H264_NAL_SLICE_DPA); ++ assert_equals_int (nalu.offset, 4); ++ assert_equals_int (nalu.size, nal_size); ++ ++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32); ++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 0, buf_size, 4, &nalu); ++ ++ assert_equals_int (res, GST_H264_PARSER_BROKEN_DATA); ++ ++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 2); ++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 0, buf_size, 4, &nalu); ++ ++ assert_equals_int (res, GST_H264_PARSER_BROKEN_DATA); ++ ++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 3); ++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 0, buf_size, 4, &nalu); ++ ++ assert_equals_int (res, GST_H264_PARSER_BROKEN_DATA); ++ ++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 4); ++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 0, buf_size, 4, &nalu); ++ ++ assert_equals_int (res, GST_H264_PARSER_NO_NAL_END); ++ ++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 6); ++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 0, buf_size, 4, &nalu); ++ ++ assert_equals_int (res, GST_H264_PARSER_NO_NAL_END); ++ ++ g_free (buf); ++ gst_h264_nal_parser_free (parser); ++} ++ ++GST_END_TEST; ++ + static guint8 nalu_sps_with_vui[] = { + 0x00, 0x00, 0x00, 0x01, 0x67, 0x64, 0x00, 0x28, + 0xac, 0xd9, 0x40, 0x78, 0x04, 0x4f, 0xde, 0x03, +@@ -666,6 +725,7 @@ h264parser_suite (void) + tcase_add_test (tc_chain, test_h264_parse_slice_dpa); + tcase_add_test (tc_chain, test_h264_parse_slice_eoseq_slice); + tcase_add_test (tc_chain, test_h264_parse_slice_5bytes); ++ tcase_add_test (tc_chain, test_h264_parse_identify_nalu_avc); + tcase_add_test (tc_chain, test_h264_parse_invalid_sei); + tcase_add_test (tc_chain, test_h264_create_sei); + +diff --git a/tests/check/libs/h265parser.c b/tests/check/libs/h265parser.c +index 0a0e4db97..5b6a215ec 100644 +--- a/tests/check/libs/h265parser.c ++++ b/tests/check/libs/h265parser.c +@@ -255,6 +255,65 @@ GST_START_TEST (test_h265_parse_slice_6bytes) + + GST_END_TEST; + ++GST_START_TEST (test_h265_parse_identify_nalu_hevc) ++{ ++ GstH265ParserResult res; ++ GstH265NalUnit nalu; ++ GstH265Parser *parser = gst_h265_parser_new (); ++ /* Skip 4 bytes for the start code */ ++ const gsize nal_size = sizeof (slice_eos_slice_eob) - 4; ++ const gsize buf_size = 4 + nal_size; ++ guint8 *buf = g_new (guint8, buf_size); ++ ++ memcpy (buf + 4, slice_eos_slice_eob + 4, nal_size); ++ ++ GST_WRITE_UINT16_BE (buf + 2, nal_size); ++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 2, buf_size, 2, &nalu); ++ ++ assert_equals_int (res, GST_H265_PARSER_OK); ++ assert_equals_int (nalu.type, GST_H265_NAL_SLICE_IDR_W_RADL); ++ assert_equals_int (nalu.offset, 4); ++ assert_equals_int (nalu.size, nal_size); ++ ++ GST_WRITE_UINT32_BE (buf, nal_size); ++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 0, buf_size, 4, &nalu); ++ ++ assert_equals_int (res, GST_H265_PARSER_OK); ++ assert_equals_int (nalu.type, GST_H265_NAL_SLICE_IDR_W_RADL); ++ assert_equals_int (nalu.offset, 4); ++ assert_equals_int (nalu.size, nal_size); ++ ++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32); ++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 0, buf_size, 4, &nalu); ++ ++ assert_equals_int (res, GST_H265_PARSER_BROKEN_DATA); ++ ++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 2); ++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 0, buf_size, 4, &nalu); ++ ++ assert_equals_int (res, GST_H265_PARSER_BROKEN_DATA); ++ ++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 3); ++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 0, buf_size, 4, &nalu); ++ ++ assert_equals_int (res, GST_H265_PARSER_BROKEN_DATA); ++ ++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 4); ++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 0, buf_size, 4, &nalu); ++ ++ assert_equals_int (res, GST_H265_PARSER_NO_NAL_END); ++ ++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 6); ++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 0, buf_size, 4, &nalu); ++ ++ assert_equals_int (res, GST_H265_PARSER_NO_NAL_END); ++ ++ g_free (buf); ++ gst_h265_parser_free (parser); ++} ++ ++GST_END_TEST; ++ + GST_START_TEST (test_h265_base_profiles) + { + GstH265ProfileTierLevel ptl; +@@ -1101,6 +1160,7 @@ h265parser_suite (void) + tcase_add_test (tc_chain, test_h265_parse_slice_eos_slice_eob); + tcase_add_test (tc_chain, test_h265_parse_pic_timing); + tcase_add_test (tc_chain, test_h265_parse_slice_6bytes); ++ tcase_add_test (tc_chain, test_h265_parse_identify_nalu_hevc); + tcase_add_test (tc_chain, test_h265_base_profiles); + tcase_add_test (tc_chain, test_h265_base_profiles_compat); + tcase_add_test (tc_chain, test_h265_format_range_profiles_exact_match); +-- +2.31.1 + -- cgit v1.2.3 From 5a918564e17b5549ee58dc626e7b6709d4ac9aab Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 24 Apr 2021 14:42:14 -0400 Subject: gnu: gst-plugins-base: Fix an invalid read when parsing ID3v2 tags. * gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gstreamer.scm (gst-plugins-base)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/gstreamer.scm | 1 + .../gst-plugins-base-fix-id3v2-invalid-read.patch | 40 ++++++++++++++++++++++ 3 files changed, 42 insertions(+) create mode 100644 gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 99f2f8b067..18ebbcd0ce 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1171,6 +1171,7 @@ dist_patch_DATA = \ %D%/packages/patches/gspell-dash-test.patch \ %D%/packages/patches/gst-libav-64channels-stack-corruption.patch \ %D%/packages/patches/gst-plugins-bad-fix-overflow.patch \ + %D%/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch \ %D%/packages/patches/gst-plugins-good-fix-test.patch \ %D%/packages/patches/gst-plugins-good-CVE-2021-3497.patch \ %D%/packages/patches/gst-plugins-good-CVE-2021-3498.patch \ diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index 58a02119c6..7d9c5c993f 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -527,6 +527,7 @@ This package provides the core library and elements.") (method url-fetch) (uri (string-append "https://gstreamer.freedesktop.org/src/" name "/" name "-" version ".tar.xz")) + (patches (search-patches "gst-plugins-base-fix-id3v2-invalid-read.patch")) (sha256 (base32 "1b05kg46azrxxvq42c71071lfsnc34pw4vynnkczdqi6g0gzn16x")))) diff --git a/gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch b/gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch new file mode 100644 index 0000000000..b2dfef0118 --- /dev/null +++ b/gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch @@ -0,0 +1,40 @@ +Fix an "invalid read during ID3v2 tag parsing". + +https://security-tracker.debian.org/tracker/TEMP-0000000-57E7C1 +https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/issues/876 + +Patch copied from upstream source repository: + +https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/commit/f4a1428a6997658625d529b9db60fde812fbf1ee + +From f4a1428a6997658625d529b9db60fde812fbf1ee Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Tim-Philipp=20M=C3=BCller?= +Date: Wed, 3 Mar 2021 01:08:25 +0000 +Subject: [PATCH] tag: id3v2: fix frame size check and potential invalid reads + +Check the right variable when checking if there's +enough data left to read the frame size. + +Closes https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/issues/876 + +Part-of: +--- + gst-libs/gst/tag/id3v2frames.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/gst-libs/gst/tag/id3v2frames.c b/gst-libs/gst/tag/id3v2frames.c +index 8e9f78254..f39659bf7 100644 +--- a/gst-libs/gst/tag/id3v2frames.c ++++ b/gst-libs/gst/tag/id3v2frames.c +@@ -109,7 +109,7 @@ id3v2_parse_frame (ID3TagsWorking * work) + + if (work->frame_flags & (ID3V2_FRAME_FORMAT_COMPRESSION | + ID3V2_FRAME_FORMAT_DATA_LENGTH_INDICATOR)) { +- if (work->hdr.frame_data_size <= 4) ++ if (frame_data_size <= 4) + return FALSE; + if (ID3V2_VER_MAJOR (work->hdr.version) == 3) { + work->parse_size = GST_READ_UINT32_BE (frame_data); +-- +2.31.1 + -- cgit v1.2.3 From 32db6f504473c118e875f54c6a08b9c6884a3123 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 24 Apr 2021 14:47:54 -0400 Subject: gnu: gst-plugins-ugly: Fix some out-of-bounds reads. * gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gstreamer.scm (gst-plugins-ugly)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/gstreamer.scm | 1 + .../gst-plugins-ugly-fix-out-of-bound-reads.patch | 119 +++++++++++++++++++++ 3 files changed, 121 insertions(+) create mode 100644 gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 18ebbcd0ce..6e4a06cc34 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1175,6 +1175,7 @@ dist_patch_DATA = \ %D%/packages/patches/gst-plugins-good-fix-test.patch \ %D%/packages/patches/gst-plugins-good-CVE-2021-3497.patch \ %D%/packages/patches/gst-plugins-good-CVE-2021-3498.patch \ + %D%/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch \ %D%/packages/patches/guile-1.8-cpp-4.5.patch \ %D%/packages/patches/guile-2.2-skip-oom-test.patch \ %D%/packages/patches/guile-2.2-skip-so-test.patch \ diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index 7d9c5c993f..9e70961655 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -793,6 +793,7 @@ par compared to the rest.") (uri (string-append "https://gstreamer.freedesktop.org/src/" name "/" name "-" version ".tar.xz")) + (patches (search-patches "gst-plugins-ugly-fix-out-of-bound-reads.patch")) (sha256 (base32 "1nwbcv5yaib3d8icvyja3zf6lyjf5zf1hndbijrhj8j7xlia0dx3")))) (build-system meson-build-system) diff --git a/gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch b/gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch new file mode 100644 index 0000000000..3c6a96f45d --- /dev/null +++ b/gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch @@ -0,0 +1,119 @@ +Fix out of bounds reads when parsing audio and video packets: + +https://security-tracker.debian.org/tracker/TEMP-0000000-4DAA44 +https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/issues/37 + +Patch copied from upstream source repository: + +https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/commit/3aba7d1e625554b2407bc77b3d09b4928b937d5f +From 3aba7d1e625554b2407bc77b3d09b4928b937d5f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= +Date: Wed, 3 Mar 2021 11:05:14 +0200 +Subject: [PATCH] rmdemux: Make sure we have enough data available when parsing + audio/video packets + +Otherwise there will be out-of-bounds reads and potential crashes. + +Thanks to Natalie Silvanovich for reporting. + +Fixes https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/issues/37 + +Part-of: +--- + gst/realmedia/rmdemux.c | 35 +++++++++++++++++++++++++++++++++++ + 1 file changed, 35 insertions(+) + +diff --git a/gst/realmedia/rmdemux.c b/gst/realmedia/rmdemux.c +index 6cc659a1..68b0736b 100644 +--- a/gst/realmedia/rmdemux.c ++++ b/gst/realmedia/rmdemux.c +@@ -2223,6 +2223,9 @@ gst_rmdemux_parse_video_packet (GstRMDemux * rmdemux, GstRMDemuxStream * stream, + + gst_buffer_map (in, &map, GST_MAP_READ); + ++ if (map.size < offset) ++ goto not_enough_data; ++ + data = map.data + offset; + size = map.size - offset; + +@@ -2289,6 +2292,9 @@ gst_rmdemux_parse_video_packet (GstRMDemux * rmdemux, GstRMDemuxStream * stream, + } + GST_DEBUG_OBJECT (rmdemux, "fragment size %d", fragment_size); + ++ if (map.size < (data - map.data) + fragment_size) ++ goto not_enough_data; ++ + /* get the fragment */ + fragment = + gst_buffer_copy_region (in, GST_BUFFER_COPY_ALL, data - map.data, +@@ -2437,6 +2443,9 @@ gst_rmdemux_parse_audio_packet (GstRMDemux * rmdemux, GstRMDemuxStream * stream, + GstFlowReturn ret; + GstBuffer *buffer; + ++ if (gst_buffer_get_size (in) < offset) ++ goto not_enough_data; ++ + buffer = gst_buffer_copy_region (in, GST_BUFFER_COPY_MEMORY, offset, -1); + + if (rmdemux->first_ts != -1 && timestamp > rmdemux->first_ts) +@@ -2467,9 +2476,19 @@ gst_rmdemux_parse_audio_packet (GstRMDemux * rmdemux, GstRMDemuxStream * stream, + ret = gst_pad_push (stream->pad, buffer); + } + ++done: + gst_buffer_unref (in); + + return ret; ++ ++ /* ERRORS */ ++not_enough_data: ++ { ++ GST_ELEMENT_WARNING (rmdemux, STREAM, DECODE, ("Skipping bad packet."), ++ (NULL)); ++ ret = GST_FLOW_OK; ++ goto done; ++ } + } + + static GstFlowReturn +@@ -2490,6 +2509,9 @@ gst_rmdemux_parse_packet (GstRMDemux * rmdemux, GstBuffer * in, guint16 version) + data = map.data; + size = map.size; + ++ if (size < 4 + 6 + 1 + 2) ++ goto not_enough_data; ++ + /* stream number */ + id = RMDEMUX_GUINT16_GET (data); + +@@ -2525,6 +2547,9 @@ gst_rmdemux_parse_packet (GstRMDemux * rmdemux, GstBuffer * in, guint16 version) + + /* version 1 has an extra byte */ + if (version == 1) { ++ if (size < 1) ++ goto not_enough_data; ++ + data += 1; + size -= 1; + } +@@ -2596,6 +2621,16 @@ unknown_stream: + gst_buffer_unref (in); + return GST_FLOW_OK; + } ++ ++ /* ERRORS */ ++not_enough_data: ++ { ++ GST_ELEMENT_WARNING (rmdemux, STREAM, DECODE, ("Skipping bad packet."), ++ (NULL)); ++ gst_buffer_unmap (in, &map); ++ gst_buffer_unref (in); ++ return GST_FLOW_OK; ++ } + } + + gboolean +-- +2.31.1 + -- cgit v1.2.3 From 8fa86141b709195a44f8fbf8fa19c6e877f6c8a2 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sat, 24 Apr 2021 13:04:55 +0200 Subject: gnu: LLVM, Clang: Add 12.0.0. * gnu/packages/patches/clang-12-tools-extra-directory.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/llvm.scm (llvm-12, clang-runtime-12, clang-12, clang-toolchain-12): New variables. (llvm-11): Inherit from LLVM-12. --- gnu/local.mk | 1 + gnu/packages/llvm.scm | 47 ++++++++++++++++++++-- .../patches/clang-12-tools-extra-directory.patch | 16 ++++++++ 3 files changed, 60 insertions(+), 4 deletions(-) create mode 100644 gnu/packages/patches/clang-12-tools-extra-directory.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 6e4a06cc34..91066c9cfc 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -902,6 +902,7 @@ dist_patch_DATA = \ %D%/packages/patches/clang-9.0-libc-search-path.patch \ %D%/packages/patches/clang-10.0-libc-search-path.patch \ %D%/packages/patches/clang-11.0-libc-search-path.patch \ + %D%/packages/patches/clang-12-tools-extra-directory.patch \ %D%/packages/patches/clang-runtime-asan-build-fixes.patch \ %D%/packages/patches/clang-runtime-esan-build-fixes.patch \ %D%/packages/patches/clang-runtime-9-libsanitizer-mode-field.patch \ diff --git a/gnu/packages/llvm.scm b/gnu/packages/llvm.scm index 605bd8629a..b510f319f9 100644 --- a/gnu/packages/llvm.scm +++ b/gnu/packages/llvm.scm @@ -476,21 +476,21 @@ output), and Binutils.") ("libc-debug" ,glibc "debug") ("libc-static" ,glibc "static"))))) -(define-public llvm-11 +(define-public llvm-12 (package (name "llvm") - (version "11.0.0") + (version "12.0.0") (source (origin (method url-fetch) (uri (llvm-uri "llvm" version)) (sha256 (base32 - "0s94lwil98w7zb7cjrbnxli0z7gklb312pkw74xs1d6zk346hgwi")))) + "0l4b79gwfvxild974aigcq1yigypjsk2j5p59syhl6ksd744gp29")))) (build-system cmake-build-system) (outputs '("out" "opt-viewer")) (native-inputs - `(("python" ,python-2) ;bytes->str conversion in clang>=3.7 needs python-2 + `(("python" ,python) ("perl" ,perl))) (inputs `(("libffi" ,libffi))) @@ -538,6 +538,45 @@ languages is in development. The compiler infrastructure includes mirror sets of programming tools as well as libraries with equivalent functionality.") (license license:asl2.0))) ;with LLVM exceptions, see LICENSE.txt +(define-public clang-runtime-12 + (clang-runtime-from-llvm + llvm-12 + "0d444qihq9jhqnfv003cr704v363va72zl6qaw2algj1c85cva45")) + +(define-public clang-12 + (clang-from-llvm llvm-12 clang-runtime-12 + "1vd9rhhrd8ghdg111lac7w8by71y9l14yh5zxfijsm6lj4p4avp2" + #:patches '("clang-11.0-libc-search-path.patch") + #:tools-extra + (origin + (method url-fetch) + (uri (llvm-uri "clang-tools-extra" + (package-version llvm-12))) + (patches + (search-patches "clang-12-tools-extra-directory.patch")) + (sha256 + (base32 + "0p3dzr0qa7mar83y66xa5m5apynf6ia0lsdsq6axwnm64ysy0hdd"))))) + +(define-public clang-toolchain-12 + (make-clang-toolchain clang-12)) + +(define-public llvm-11 + (package + (inherit llvm-12) + (version "11.0.0") + (source + (origin + (method url-fetch) + (uri (llvm-uri "llvm" version)) + (sha256 + (base32 + "0s94lwil98w7zb7cjrbnxli0z7gklb312pkw74xs1d6zk346hgwi")))) + (native-inputs + `(;; TODO: Switch to Python 3 in the next rebuild cycle. + ("python" ,python-2) + ("perl" ,perl))))) + (define-public clang-runtime-11 (clang-runtime-from-llvm llvm-11 diff --git a/gnu/packages/patches/clang-12-tools-extra-directory.patch b/gnu/packages/patches/clang-12-tools-extra-directory.patch new file mode 100644 index 0000000000..0a236da26e --- /dev/null +++ b/gnu/packages/patches/clang-12-tools-extra-directory.patch @@ -0,0 +1,16 @@ +Help CMake locate the "tools-extra" directory. + +Taken from . + +diff --git a/clang-tools-extra/clangd/quality/CompletionModel.cmake b/clang-tools-extra/clangd/quality/CompletionModel.cmake +--- a/clangd/quality/CompletionModel.cmake ++++ b/clangd/quality/CompletionModel.cmake +@@ -5,7 +5,7 @@ + # will define a C++ class called ${cpp_class} - which may be a + # namespace-qualified class name. + function(gen_decision_forest model filename cpp_class) +- set(model_compiler ${CMAKE_SOURCE_DIR}/../clang-tools-extra/clangd/quality/CompletionModelCodegen.py) ++ set(model_compiler ${CMAKE_CURRENT_LIST_DIR}/quality/CompletionModelCodegen.py) + + set(output_dir ${CMAKE_CURRENT_BINARY_DIR}) + set(header_file ${output_dir}/${filename}.h) -- cgit v1.2.3 From 8dcbd8a374f21f478f0059d4d62e364897e6e667 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Wed, 28 Apr 2021 17:59:07 +0200 Subject: gnu: ungoogled-chromium: Update to 90.0.4430.93. * gnu/packages/patches/ungoogled-chromium-system-nspr.patch, gnu/packages/patches/ungoogled-chromium-system-opus.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/chromium.scm (%preserved-third-party-files): Adjust for 90. (debian-patch): Make REVISION optional, default to %DEBIAN-REVISION. (%chromium-version): New variable. (%ungoogled-revision): Set to 90.0.4430.85-1-11-g3184907. (%debian-revision): Set to debian/90.0.4430.85-1. (%debian-patches): Add more patches; update hashes. (%ungoogled-origin): Update hash. (%guix-patches): Remove obsolete patches. (libvpx/chromium): Update to 1.9.0-147-g61edec1ef. (ungoogled-chromium)[version]: Base on %CHROMIUM-REVISION and the last component of %UNGOOGLED-REVISION, a 'git describe --long' style ID. [arguments]: Add build_with_flite_lib in #:configure-flags. Add openjpeg substitution in #:phases. --- gnu/local.mk | 2 - gnu/packages/chromium.scm | 77 ++++++++----- .../patches/ungoogled-chromium-system-nspr.patch | 120 --------------------- .../patches/ungoogled-chromium-system-opus.patch | 27 ----- 4 files changed, 52 insertions(+), 174 deletions(-) delete mode 100644 gnu/packages/patches/ungoogled-chromium-system-nspr.patch delete mode 100644 gnu/packages/patches/ungoogled-chromium-system-opus.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 91066c9cfc..23ffaea1b2 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1742,8 +1742,6 @@ dist_patch_DATA = \ %D%/packages/patches/ucx-tcp-iface-ioctl.patch \ %D%/packages/patches/udiskie-no-appindicator.patch \ %D%/packages/patches/ungoogled-chromium-extension-search-path.patch \ - %D%/packages/patches/ungoogled-chromium-system-nspr.patch \ - %D%/packages/patches/ungoogled-chromium-system-opus.patch \ %D%/packages/patches/unison-fix-ocaml-4.08.patch \ %D%/packages/patches/unknown-horizons-python-3.8-distro.patch \ %D%/packages/patches/unzip-CVE-2014-8139.patch \ diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm index 835e9e2050..ea7b242788 100644 --- a/gnu/packages/chromium.scm +++ b/gnu/packages/chromium.scm @@ -150,9 +150,14 @@ "third_party/devtools-frontend/src/third_party/pyjson5" ;ASL2.0 "third_party/devtools-frontend/src/third_party/typescript" ;ASL2.0 "third_party/dom_distiller_js" ;BSD-3 + "third_party/eigen3" ;MPL2.0 "third_party/emoji-segmenter" ;ASL2.0 + "third_party/farmhash" ;Expat + "third_party/fdlibm" ;non-copyleft + "third_party/fft2d" ;non-copyleft "third_party/flatbuffers" ;ASL2.0 "third_party/fusejs" ;ASL2.0 + "third_party/gemmlowp" ;ASL2.0 "third_party/google_input_tools" ;ASL2.0 "third_party/google_input_tools/third_party/closure_library" ;ASL2.0 "third_party/google_input_tools/third_party/closure_library/third_party/closure" ;Expat @@ -171,8 +176,10 @@ "third_party/libXNVCtrl" ;Expat "third_party/libaddressinput" ;ASL2.0 "third_party/libaom" ;BSD-2 or "Alliance for Open Media Patent License 1.0" + "third_party/libaom/source/libaom/third_party/fastfeat" ;BSD-3 "third_party/libaom/source/libaom/third_party/vector" ;Expat "third_party/libaom/source/libaom/third_party/x86inc" ;ISC + "third_party/libgav1" ;ASL2.0 "third_party/libgifcodec" ;MPL1.1/GPL2+/LGPL2.1+, BSD-3, BSD-2 "third_party/libjingle_xmpp" ;BSD-3 "third_party/libphonenumber" ;ASL2.0 @@ -190,6 +197,7 @@ "third_party/libwebm" ;BSD-3 "third_party/libxml/chromium" ;BSD-3 "third_party/libyuv" ;BSD-3 + "third_party/libzip" ;BSD-3 "third_party/lottie" ;Expat "third_party/lss" ;BSD-3 "third_party/mako" ;Expat @@ -211,6 +219,7 @@ "third_party/pdfium/third_party/agg23" ;Expat "third_party/pdfium/third_party/base" ;BSD-3 "third_party/pdfium/third_party/bigint" ;Public domain, BSD-3 + "third_party/pdfium/third_party/libtiff" ;non-copyleft "third_party/pdfium/third_party/skia_shared" ;BSD-3 "third_party/pdfium/third_party/freetype/include/pstables.h" ;FreeType "third_party/perfetto" ;ASL2.0 @@ -228,6 +237,7 @@ ;; ABI relies on libstdc++ internals. See build/linux/unbundle/re2.gn. "third_party/re2" ;BSD-3 "third_party/rnnoise" ;BSD-3 + "third_party/ruy" ;ASL2.0 "third_party/s2cellid" ;ASL2.0 "third_party/schema_org" ;CC-BY-SA3.0 "third_party/securemessage" ;ASL2.0 @@ -247,9 +257,15 @@ "third_party/swiftshader/third_party/subzero" ;NCSA "third_party/swiftshader/third_party/SPIRV-Headers" ;X11-style "third_party/tcmalloc/chromium" ;BSD-3 + "third_party/tensorflow-text" ;ASL2.0 + "third_party/tflite" ;ASL2.0 + "third_party/tflite/src/third_party/eigen3" ;MPL2.0 + "third_party/tflite/src/third_party/fft2d" ;ASL2.0 + "third_party/tflite-support" ;ASL2.0 "third_party/ukey2" ;ASL2.0 "third_party/usb_ids" ;BSD-3 "third_party/usrsctp" ;BSD-2 + "third_party/utf" ;Expat "third_party/vulkan-deps" ;ASL2.0, BSD-3, Expat "third_party/vulkan_memory_allocator" ;Expat "third_party/wayland/protocol" ;Expat @@ -269,6 +285,7 @@ "third_party/widevine/cdm/widevine_cdm_version.h" ;BSD-3 "third_party/widevine/cdm/widevine_cdm_common.h" ;BSD-3 "third_party/woff2" ;ASL2.0 + "third_party/wuffs" ;ASL2.0 "third_party/xcbproto" ;X11 "third_party/xdg-utils" ;Expat @@ -293,7 +310,7 @@ ;; run the Blink performance tests, just remove everything to save ~70MiB. '("third_party/blink/perf_tests")) -(define (debian-patch name revision hash) +(define* (debian-patch name hash #:optional (revision %debian-revision)) (origin (method url-fetch) (uri (string-append "https://salsa.debian.org/chromium-team/chromium/-/raw/" @@ -303,36 +320,34 @@ (string-append "ungoogled-chromium-" category "-" name)))) (sha256 (base32 hash)))) -(define %ungoogled-revision "89.0.4389.114-1") -(define %debian-revision "debian/84.0.4147.105-1") +(define %chromium-version "90.0.4430.93") +(define %debian-revision "debian/90.0.4430.85-1") +(define %ungoogled-revision "90.0.4430.85-1-11-g3184907") (define %debian-patches - (list (debian-patch "system/zlib.patch" %debian-revision - "09vqgs37w9ycc7par14wa7rnvmg9bm0z9pqg6fyl3iqvpghyjyr4") - (debian-patch "system/openjpeg.patch" %debian-revision - "0zd6v5njx1pc7i0y6mslxvpx5j4cq01mmyx55qcqx8qzkm0gm48j"))) + (list (debian-patch "fixes/missing-includes.patch" + "1f0drxp1cy76g71rkkzxxbwixn03yn9b0q22vb0mb6h2qk6cw92q") + (debian-patch "fixes/nomerge.patch" + "0lybs2b5gk08j8cr6vjrs9d3drd7qfw013z2r0y00by8dnpm74i3") + (debian-patch "system/nspr.patch" + "1gdirn1k1i841l8zp8xgr95kl16b5nx827am9rcxj8sfkm8hgkn3") + (debian-patch "system/zlib.patch" + "0j313bd3q8qc065j60x97dckrfgbwl4qxc8jhz33iihvv4lwziwv") + (debian-patch "system/openjpeg.patch" + "048405xh84pys0kky81vlqhaxjyxvcql4py217z01qxiv991zxaj"))) (define %ungoogled-origin (origin (method git-fetch) (uri (git-reference (url "https://github.com/Eloston/ungoogled-chromium") (commit %ungoogled-revision))) - (file-name (git-file-name "ungoogled-chromium" - (if (= 40 (string-length %ungoogled-revision)) - (string-take %ungoogled-revision 7) - %ungoogled-revision))) + (file-name (git-file-name "ungoogled-chromium" %ungoogled-revision)) (sha256 (base32 - "0cr2i51gxhgl55c8f9w0ra3m5q2dk03sf7p2qn4bqq1l1l72hw6s")))) + "18xfwgkw3xarxcgnzvyv70h4icyqh3k8lfx6fvhp7fsr6x20sai0")))) (define %guix-patches (list (local-file - (assume-valid-file-name - (search-patch "ungoogled-chromium-system-nspr.patch"))) - (local-file - (assume-valid-file-name - (search-patch "ungoogled-chromium-system-opus.patch"))) - (local-file (assume-valid-file-name (search-patch "ungoogled-chromium-extension-search-path.patch"))))) @@ -415,7 +430,7 @@ (define libvpx/chromium (package (inherit libvpx) - (version "1.9.0-104-gb5d77a48d") + (version "1.9.0-147-g61edec1ef") (source (origin (inherit (package-source libvpx)) (uri (git-reference @@ -424,7 +439,7 @@ (file-name (git-file-name "libvpx" version)) (sha256 (base32 - "07nkpx8myw5nd4bkaj6l4wr5ipk2c6lg9cwirz0i5qbr659051rk")))))) + "0mw13y7j2lg8jj3alm9367c3b40b6s218fdz3nn1m2k85c78wzr7")))))) ;; 'make-ld-wrapper' can only work with an 'ld' executable, so we need ;; this trick to make it wrap 'lld'. @@ -454,17 +469,19 @@ (define-public ungoogled-chromium (package (name "ungoogled-chromium") - (version %ungoogled-revision) + (version (string-append %chromium-version "-0." + (match (string-split %ungoogled-revision #\-) + ((version revision commits g+short) + (string-drop g+short 1))))) (synopsis "Graphical web browser") (source (origin (method url-fetch) (uri (string-append "https://commondatastorage.googleapis.com" "/chromium-browser-official/chromium-" - (string-drop-right %ungoogled-revision 2) - ".tar.xz")) + %chromium-version ".tar.xz")) (sha256 (base32 - "007df9p78bbmk3iyfi8qn57mmn68qqrdhx6z8n2hl8ksd7lspw7j")) + "0zimr975vp0v12zz1nqjwag3f0q147wrmdhpzgi4yf089rgwfbjk")) (modules '((guix build utils))) (snippet (force ungoogled-chromium-snippet)))) (build-system gnu-build-system) @@ -506,6 +523,9 @@ "enable_widevine=false" ;; Disable type-checking for the Web UI to avoid a Java dependency. "enable_js_type_check=false" + ;; Disable code using TensorFlow until it has been scrutinized + ;; by the ungoogled project. + "build_with_tflite_lib=false" ;; Define a custom toolchain that simply looks up CC, AR and ;; friends from the environment. @@ -565,7 +585,13 @@ #:phases (modify-phases %standard-phases (add-after 'unpack 'patch-stuff - (lambda _ + (lambda* (#:key inputs #:allow-other-keys) + (let ((openjpeg (assoc-ref inputs "openjpeg"))) + (substitute* "third_party/pdfium/BUILD.gn" + ;; This include path is added by Debians openjpeg patch. + (("/usr/include/openjpeg") + (string-append openjpeg "/include/openjpeg")))) + (substitute* '("base/process/launch_posix.cc" "base/third_party/dynamic_annotations/dynamic_annotations.c" @@ -735,6 +761,7 @@ "chrome_200_percent.pak" "resources.pak" "v8_context_snapshot.bin" + ;; Chromium ships its own libGL ;; implementation called ANGLE. "libEGL.so" "libGLESv2.so")) diff --git a/gnu/packages/patches/ungoogled-chromium-system-nspr.patch b/gnu/packages/patches/ungoogled-chromium-system-nspr.patch deleted file mode 100644 index 988296b143..0000000000 --- a/gnu/packages/patches/ungoogled-chromium-system-nspr.patch +++ /dev/null @@ -1,120 +0,0 @@ -Build with the system nspr library. - -Originally based on a Debian patch: -https://salsa.debian.org/chromium-team/chromium/-/blob/master/debian/patches/system/nspr.patch - ---- a/base/time/pr_time_unittest.cc -+++ b/base/time/pr_time_unittest.cc -@@ -7,7 +7,7 @@ - - #include "base/compiler_specific.h" - #include "base/stl_util.h" --#include "base/third_party/nspr/prtime.h" -+#include - #include "base/time/time.h" - #include "build/build_config.h" - #include "testing/gtest/include/gtest/gtest.h" ---- a/base/time/time.cc -+++ b/base/time/time.cc -@@ -14,7 +14,7 @@ - #include "base/optional.h" - #include "base/strings/string_util.h" - #include "base/strings/stringprintf.h" --#include "base/third_party/nspr/prtime.h" -+#include - #include "base/time/time_override.h" - #include "build/build_config.h" - ---- a/base/BUILD.gn -+++ b/base/BUILD.gn -@@ -102,6 +102,9 @@ - "-Wglobal-constructors", - ] - } -+ ldflags = [ -+ "-lnspr4", -+ ] - } - - config("base_implementation") { -@@ -720,8 +723,6 @@ - "third_party/cityhash_v103/src/city_v103.h", - "third_party/icu/icu_utf.cc", - "third_party/icu/icu_utf.h", -- "third_party/nspr/prtime.cc", -- "third_party/nspr/prtime.h", - "third_party/superfasthash/superfasthash.c", - "thread_annotations.h", - "threading/hang_watcher.cc", ---- a/tools/gn/build/gen.py -+++ b/tools/gn/build/gen.py -@@ -380,6 +380,9 @@ - if not options.no_static_libstdcpp: - ldflags.append('-static-libstdc++') - -+ # Additional system libraries that are used. -+ libs.append('-lnspr4') -+ - if platform.is_mingw() or platform.is_msys(): - cflags.remove('-std=c++17') - cflags.extend([ ---- a/third_party/blink/renderer/platform/BUILD.gn -+++ b/third_party/blink/renderer/platform/BUILD.gn -@@ -110,6 +110,9 @@ - "//build/win:default_exe_manifest", - "//third_party/icu", - ] -+ ldflags = [ -+ "-lnspr4" -+ ] - } - - # This isn't strictly necessary since we can just add the deps to "platform", ---- a/third_party/crashpad/crashpad/handler/BUILD.gn -+++ b/third_party/crashpad/crashpad/handler/BUILD.gn -@@ -144,6 +144,9 @@ - "../third_party/mini_chromium:base", - "../tools:tool_support", - ] -+ ldflags = [ -+ "-lnspr4" -+ ] - - if (crashpad_is_win) { - if (crashpad_is_in_chromium || crashpad_is_in_dart) { ---- a/chrome/common/search/BUILD.gn -+++ b/chrome/common/search/BUILD.gn -@@ -20,6 +20,9 @@ - "//chrome/common/themes:autogenerated_theme_util", - "//skia", - ] -+ ldflags = [ -+ "-lnspr4" -+ ] - } - - compiled_action("generate_chrome_colors_info") { ---- a/components/url_formatter/spoof_checks/top_domains/BUILD.gn -+++ b/components/url_formatter/spoof_checks/top_domains/BUILD.gn -@@ -31,6 +31,9 @@ - "//net/tools/huffman_trie:huffman_trie_generator_sources", - "//url:url", - ] -+ ldflags = [ -+ "-lnspr4", -+ ] - if (is_ios) { - frameworks = [ "UIKit.framework" ] - } ---- a/components/schema_org/BUILD.gn -+++ b/components/schema_org/BUILD.gn -@@ -33,6 +33,9 @@ - "//base", - "//url", - ] -+ ldflags = [ -+ "-lnspr4", -+ ] - } - - compiled_action("schema_org_name_data") { diff --git a/gnu/packages/patches/ungoogled-chromium-system-opus.patch b/gnu/packages/patches/ungoogled-chromium-system-opus.patch deleted file mode 100644 index 6f887a31a4..0000000000 --- a/gnu/packages/patches/ungoogled-chromium-system-opus.patch +++ /dev/null @@ -1,27 +0,0 @@ -Add missing build dependency on Opus so that system headers are found. - -Taken from upstream: -https://chromium-review.googlesource.com/c/chromium/src/+/2644623 - -diff --git a/third_party/blink/renderer/modules/webcodecs/BUILD.gn b/third_party/blink/renderer/modules/webcodecs/BUILD.gn ---- a/third_party/blink/renderer/modules/webcodecs/BUILD.gn -+++ b/third_party/blink/renderer/modules/webcodecs/BUILD.gn -@@ -65,6 +65,7 @@ blink_modules_sources("webcodecs") { - "//media/mojo/clients", - "//media/mojo/mojom", - "//third_party/libyuv:libyuv", -+ "//third_party/opus", - ] - if (media_use_openh264) { - deps += [ "//third_party/openh264:encoder" ] -diff --git a/third_party/blink/renderer/modules/webcodecs/DEPS b/third_party/blink/renderer/modules/webcodecs/DEPS ---- a/third_party/blink/renderer/modules/webcodecs/DEPS -+++ b/third_party/blink/renderer/modules/webcodecs/DEPS -@@ -19,6 +19,7 @@ include_rules = [ - - "+third_party/libyuv", - "+third_party/openh264", -+ "+third_party/opus", - - "+ui/gfx/color_space.h", - "+ui/gfx/geometry/rect.h", -- cgit v1.2.3 From e7fbf10066e3634ec2d284c07afb4fa625d18574 Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian Date: Mon, 26 Apr 2021 09:27:50 -0700 Subject: gnu: linux-libre-arm64-generic: Add eDP panel, battery and audio support for Pinebook Pro. * gnu/packages/linux.scm (linux-libre-5.11-source): Add Pinebook Pro lcd patch. (linux-libre-arm64-generic): Enable audio and battery modules for Pinebook Pro. * gnu/packages/patches/linux-libre-arm64-generic-pinebook-lcd.patch: New file. * gnu/local.mk (dist_patch_DATA): Add patch. --- gnu/local.mk | 1 + gnu/packages/linux.scm | 11 ++++-- .../linux-libre-arm64-generic-pinebook-lcd.patch | 40 ++++++++++++++++++++++ 3 files changed, 50 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/linux-libre-arm64-generic-pinebook-lcd.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 23ffaea1b2..f7b14ee333 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1375,6 +1375,7 @@ dist_patch_DATA = \ %D%/packages/patches/linkchecker-tests-require-network.patch \ %D%/packages/patches/linphone-desktop-without-sdk.patch \ %D%/packages/patches/linux-libre-support-for-Pinebook-Pro.patch \ + %D%/packages/patches/linux-libre-arm64-generic-pinebook-lcd.patch \ %D%/packages/patches/linux-pam-no-setfsuid.patch \ %D%/packages/patches/lirc-localstatedir.patch \ %D%/packages/patches/lirc-reproducible-build.patch \ diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 3807ecad63..a155c29f8b 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -481,7 +481,10 @@ corresponding UPSTREAM-SOURCE (an origin), using the given DEBLOB-SCRIPTS." (define-public linux-libre-5.11-source (source-with-patches linux-libre-5.11-pristine-source (list %boot-logo-patch - %linux-libre-arm-export-__sync_icache_dcache-patch))) + %linux-libre-arm-export-__sync_icache_dcache-patch + ;; Pinebook Pro patch to fix LCD display + (search-patch + "linux-libre-arm64-generic-pinebook-lcd.patch")))) (define-public linux-libre-5.10-source (source-with-patches linux-libre-5.10-pristine-source @@ -1044,7 +1047,11 @@ It has been modified to remove all non-free binary blobs.") ("CONFIG_BATTERY_AXP20X" . m) ("CONFIG_PINCTRL_AXP209" . m) ("CONFIG_AXP20X_POWER" . m) - ("CONFIG_AXP20X_ADC" . m)) + ("CONFIG_AXP20X_ADC" . m) + ;; Pinebook PRO battery and sound support + ("CONFIG_BATTERY_CW2015" . m) + ("CONFIG_CHARGER_GPIO" . m) + ("CONFIG_SND_SOC_ES8316" . m)) %default-extra-linux-options))) (define-public linux-libre-arm64-generic-5.10 diff --git a/gnu/packages/patches/linux-libre-arm64-generic-pinebook-lcd.patch b/gnu/packages/patches/linux-libre-arm64-generic-pinebook-lcd.patch new file mode 100644 index 0000000000..51ab544d5e --- /dev/null +++ b/gnu/packages/patches/linux-libre-arm64-generic-pinebook-lcd.patch @@ -0,0 +1,40 @@ +From 3a75704e99a118f2d8a4d70f07781558bde85770 Mon Sep 17 00:00:00 2001 +From: Jian-Hong Pan +Date: Thu, 24 Sep 2020 14:30:43 +0800 +Subject: [PATCH] arm64: dts: rockchip: disable USB type-c DisplayPort + +The cdn-dp sub driver probes the device failed on PINEBOOK Pro. + +kernel: cdn-dp fec00000.dp: [drm:cdn_dp_probe [rockchipdrm]] *ERROR* missing extcon or phy +kernel: cdn-dp: probe of fec00000.dp failed with error -22 + +Then, the device halts all of the DRM related device jobs. For example, +the operations: vop_component_ops, vop_component_ops and +rockchip_dp_component_ops cannot be bound to corresponding devices. So, +Xorg cannot find the correct DRM device. + +The USB type-C DisplayPort does not work for now. So, disable the +DisplayPort node until the type-C phy work has been done. + +Link: https://patchwork.kernel.org/patch/11794141/#23639877 +Signed-off-by: Jian-Hong Pan +--- + arch/arm64/boot/dts/rockchip/rk3399-pinebook-pro.dts | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/arch/arm64/boot/dts/rockchip/rk3399-pinebook-pro.dts b/arch/arm64/boot/dts/rockchip/rk3399-pinebook-pro.dts +index 219b7507a10f..45769764425d 100644 +--- a/arch/arm64/boot/dts/rockchip/rk3399-pinebook-pro.dts ++++ b/arch/arm64/boot/dts/rockchip/rk3399-pinebook-pro.dts +@@ -380,7 +380,7 @@ + }; + + &cdn_dp { +- status = "okay"; ++ status = "disabled"; + }; + + &cpu_b0 { +-- +2.30.2 + -- cgit v1.2.3 From c1a78a108104eb7bff89d1ccd88b6de6c2ccdbe6 Mon Sep 17 00:00:00 2001 From: Morgan Smith Date: Sat, 17 Apr 2021 19:06:38 +0200 Subject: gnu: emacs-geiser: Update to 0.13. * gnu/packages/patches/emacs-geiser-autoload-activate-implementation.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it here. * gnu/packages/emacs-xyz.scm (emacs-geiser): Update to 0.13. [source]: Change upstream URL. [build-system]: Change to emacs-build-system. [arguments]: Adjust accordingly. [native-inputs]: Remove emacs, autoconf, and automake. [description]: State that other packages are needed for geiser to be useful. Signed-off-by: Leo Prikler --- gnu/local.mk | 1 + gnu/packages/emacs-xyz.scm | 46 +++++++++++++--------- ...s-geiser-autoload-activate-implementation.patch | 26 ++++++++++++ 3 files changed, 54 insertions(+), 19 deletions(-) create mode 100644 gnu/packages/patches/emacs-geiser-autoload-activate-implementation.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index f7b14ee333..ae597a9a7d 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -970,6 +970,7 @@ dist_patch_DATA = \ %D%/packages/patches/emacs-exec-path.patch \ %D%/packages/patches/emacs-exwm-fix-fullscreen-states.patch \ %D%/packages/patches/emacs-fix-scheme-indent-function.patch \ + %D%/packages/patches/emacs-geiser-autoload-activate-implementation.patch \ %D%/packages/patches/emacs-ignore-empty-xim-styles.patch \ %D%/packages/patches/emacs-json-reformat-fix-tests.patch \ %D%/packages/patches/emacs-highlight-stages-add-gexp.patch \ diff --git a/gnu/packages/emacs-xyz.scm b/gnu/packages/emacs-xyz.scm index 18decda4ad..b138759a50 100644 --- a/gnu/packages/emacs-xyz.scm +++ b/gnu/packages/emacs-xyz.scm @@ -219,43 +219,51 @@ (define-public emacs-geiser (package (name "emacs-geiser") - (version "0.12") + (version "0.13") (source (origin (method git-fetch) (uri (git-reference - (url "https://gitlab.com/jaor/geiser/") + (url "https://gitlab.com/emacs-geiser/geiser.git") (commit version))) (file-name (git-file-name name version)) (sha256 - (base32 "0n718xpys7v94zaf9lpmsx97qgn6qxif1acr718wyvpmfr4hiv08")))) - (build-system gnu-build-system) + (base32 "0bwjcfmcyv6z0i5ivqirgcibxdkrlf5vyxcbj7k8dk7flwg1fpd9")) + (patches + (search-patches "emacs-geiser-autoload-activate-implementation.patch")))) + (build-system emacs-build-system) (arguments '(#:phases (modify-phases %standard-phases - (add-after 'install 'post-install - (lambda* (#:key outputs #:allow-other-keys) - (symlink "geiser-install.el" - (string-append (assoc-ref outputs "out") - "/share/emacs/site-lisp/" - "geiser-autoloads.el")) - #t))))) - (inputs - `(("guile" ,guile-2.2))) + ;; Move the source files to the top level, which is included in + ;; the EMACSLOADPATH. + (add-after 'unpack 'move-source-files + (lambda _ + (let ((el-files (find-files "./elisp" ".*\\.el$"))) + (for-each (lambda (f) + (rename-file f (basename f))) + el-files)) + #t)) + (add-before 'install 'make-info + (lambda _ + (with-directory-excursion "doc" + (invoke "makeinfo" "--no-split" + "-o" "geiser.info" "geiser.texi"))))))) (native-inputs - `(("emacs" ,emacs-minimal) - ("autoconf" ,autoconf) - ("automake" ,automake) - ("texinfo" ,texinfo))) + `(("texinfo" ,texinfo))) (home-page "https://nongnu.org/geiser/") - (synopsis "Collection of Emacs modes for Guile and Racket hacking") + (synopsis "Collection of Emacs modes for Scheme hacking") (description "Geiser is a collection of Emacs major and minor modes that conspire with one or more Scheme implementations to keep the Lisp Machine Spirit alive. The continuously running Scheme interpreter takes the center of the stage in Geiser. A bundle of Elisp shims orchestrates the dialog between the Scheme implementation, Emacs and, ultimately, the schemer, giving them access to live -metadata.") +metadata. + +This package provides just the core of Geiser. To effectively use it with your +favourite Scheme implementation, you also need the corresponding geiser package, +e.g. emacs-geiser-guile for Guile.") (license license:bsd-3))) (define-public emacs-ac-geiser diff --git a/gnu/packages/patches/emacs-geiser-autoload-activate-implementation.patch b/gnu/packages/patches/emacs-geiser-autoload-activate-implementation.patch new file mode 100644 index 0000000000..47d513b3a3 --- /dev/null +++ b/gnu/packages/patches/emacs-geiser-autoload-activate-implementation.patch @@ -0,0 +1,26 @@ +From 9fd3174cead8bfa17a8413bffa38362853d71a02 Mon Sep 17 00:00:00 2001 +From: jao +Date: Mon, 5 Apr 2021 23:06:56 +0100 +Subject: [PATCH] autoload geiser activate implementation + +--- + elisp/geiser.el | 3 +++ + readme.org | 4 ++-- + 2 files changed, 5 insertions(+), 2 deletions(-) + +diff --git a/elisp/geiser.el b/elisp/geiser.el +index 887b8da..96c1dd6 100644 +--- a/elisp/geiser.el ++++ b/elisp/geiser.el +@@ -104,6 +104,9 @@ + ;;;###autoload + (autoload 'geiser-mode--maybe-activate "geiser-mode") + ++;;;###autoload ++(autoload 'geiser-activate-implementation "geiser-impl") ++ + ;;;###autoload + (mapc (lambda (group) + (custom-add-load group (symbol-name group)) +-- +GitLab -- cgit v1.2.3 From 7141b010ee95708b9e8a48e49430780bcee5383f Mon Sep 17 00:00:00 2001 From: Morgan Smith Date: Sat, 17 Apr 2021 19:06:39 +0200 Subject: gnu: Add emacs-geiser-guile. * gnu/packages/patches/emacs-geiser-guile-auto-activate.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it here. * gnu/packages/emacs-xyz.scm (emacs-geiser-guile): New variable. Signed-off-by: Leo Prikler --- gnu/local.mk | 1 + gnu/packages/emacs-xyz.scm | 42 ++++++++++++++++++++++ .../patches/emacs-geiser-guile-auto-activate.patch | 34 ++++++++++++++++++ 3 files changed, 77 insertions(+) create mode 100644 gnu/packages/patches/emacs-geiser-guile-auto-activate.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index ae597a9a7d..646561cecf 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -970,6 +970,7 @@ dist_patch_DATA = \ %D%/packages/patches/emacs-exec-path.patch \ %D%/packages/patches/emacs-exwm-fix-fullscreen-states.patch \ %D%/packages/patches/emacs-fix-scheme-indent-function.patch \ + %D%/packages/patches/emacs-geiser-guile-auto-activate.patch \ %D%/packages/patches/emacs-geiser-autoload-activate-implementation.patch \ %D%/packages/patches/emacs-ignore-empty-xim-styles.patch \ %D%/packages/patches/emacs-json-reformat-fix-tests.patch \ diff --git a/gnu/packages/emacs-xyz.scm b/gnu/packages/emacs-xyz.scm index b138759a50..2bb7f92041 100644 --- a/gnu/packages/emacs-xyz.scm +++ b/gnu/packages/emacs-xyz.scm @@ -266,6 +266,48 @@ favourite Scheme implementation, you also need the corresponding geiser package, e.g. emacs-geiser-guile for Guile.") (license license:bsd-3))) +(define-public emacs-geiser-guile + (package + (name "emacs-geiser-guile") + (version "0.13") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://gitlab.com/emacs-geiser/guile.git") + (commit version))) + (file-name (git-file-name name version)) + (sha256 + (base32 "0w264pjwlxna31260ll6gd0n77jlynhzf3h2dws5wr7jflns5mbc")) + (patches (search-patches + "emacs-geiser-guile-auto-activate.patch")))) + (build-system emacs-build-system) + (arguments + '(#:include (cons "^src/" %default-include) + #:phases + (modify-phases %standard-phases + (add-after 'make-autoloads 'patch-autoloads + (lambda* (#:key outputs #:allow-other-keys) + (substitute* (string-append + (elpa-directory (assoc-ref outputs "out")) + "/geiser-guile-autoloads.el") + ;; Activating implementations fails when Geiser is not yet + ;; loaded, so let's defer that until it is. + (("\\(geiser-activate-implementation .*\\)" all) + (string-append + "(eval-after-load 'geiser-impl '" all ")"))) + #t))))) + (inputs + `(("guile" ,guile-2.2))) + (propagated-inputs + `(("geiser" ,emacs-geiser))) + (home-page "https://nongnu.org/geiser/") + (synopsis "Guile Scheme support for Geiser") + (description + "This package adds support for the Guile Scheme implementation to Geiser, +a generic Scheme interaction mode for the GNU Emacs editor.") + (license license:bsd-3))) + (define-public emacs-ac-geiser (let ((commit "93818c936ee7e2f1ba1b315578bde363a7d43d05") (revision "0")) diff --git a/gnu/packages/patches/emacs-geiser-guile-auto-activate.patch b/gnu/packages/patches/emacs-geiser-guile-auto-activate.patch new file mode 100644 index 0000000000..44837f90df --- /dev/null +++ b/gnu/packages/patches/emacs-geiser-guile-auto-activate.patch @@ -0,0 +1,34 @@ +From 93ef7101fdfcc7eac6f465b4b9788c384a323c14 Mon Sep 17 00:00:00 2001 +From: jao +Date: Mon, 5 Apr 2021 20:17:50 +0100 +Subject: [PATCH] fix: auto-activate guile implementation + +--- + geiser-guile.el | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/geiser-guile.el b/geiser-guile.el +index 340442b..deeb76f 100644 +--- a/geiser-guile.el ++++ b/geiser-guile.el +@@ -25,6 +25,7 @@ + (require 'geiser-syntax) + (require 'geiser-custom) + (require 'geiser-repl) ++(require 'geiser-impl) + (require 'geiser-base) + (require 'geiser-eval) + (require 'geiser-edit) +@@ -474,6 +475,9 @@ it spawn a server thread." + + (geiser-impl--add-to-alist 'regexp "\\.scm$" 'guile t) + ++;;;###autoload ++(geiser-activate-implementation 'guile) ++ + ;;;###autoload + (autoload 'run-guile "geiser-guile" "Start a Geiser Guile REPL." t) + +-- +GitLab + -- cgit v1.2.3 From 3a851d45576e046d696fcf35b34d57b2cd28ea49 Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian Date: Wed, 28 Apr 2021 07:44:52 -0700 Subject: gnu: u-boot: Patch to fix boot regressions for some platforms. The previous workaround stopped the preboot phase from loading USB support, which makes it impossible to use a USB keyboard to select a generation from the boot menu without using a serial console. * gnu/packages/patches/u-boot-rockchip-inno-usb.patch: New File. * gnu/local.mk (dist_patch_DATA): Add patch. * gnu/packages/bootloaders.scm (%u-boot-rockchip-inno-usb-patch): New variable. (u-boot)[source]: Add patch. (u-boot-rockpro64-rk3399, u-boot-pinebook-pro-rk3399): Remove obsolete phase. --- gnu/local.mk | 1 + gnu/packages/bootloaders.scm | 22 +- .../patches/u-boot-rockchip-inno-usb.patch | 238 +++++++++++++++++++++ 3 files changed, 247 insertions(+), 14 deletions(-) create mode 100644 gnu/packages/patches/u-boot-rockchip-inno-usb.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 646561cecf..0b39250469 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1741,6 +1741,7 @@ dist_patch_DATA = \ %D%/packages/patches/tup-unbundle-dependencies.patch \ %D%/packages/patches/tuxpaint-stamps-path.patch \ %D%/packages/patches/twinkle-bcg729.patch \ + %D%/packages/patches/u-boot-rockchip-inno-usb.patch \ %D%/packages/patches/u-boot-riscv64-fix-extlinux.patch \ %D%/packages/patches/ucx-tcp-iface-ioctl.patch \ %D%/packages/patches/udiskie-no-appindicator.patch \ diff --git a/gnu/packages/bootloaders.scm b/gnu/packages/bootloaders.scm index 827da0e3bb..e77466cf26 100644 --- a/gnu/packages/bootloaders.scm +++ b/gnu/packages/bootloaders.scm @@ -475,11 +475,19 @@ menu to select one of the installed operating systems.") tree binary files. These are board description files used by Linux and BSD.") (license license:gpl2+))) +(define %u-boot-rockchip-inno-usb-patch + ;; Fix regression in 2020.10 causing freezes on boot with USB boot enabled. + ;; See https://gitlab.manjaro.org/manjaro-arm/packages/core/uboot-rockpro64/-/issues/4 + ;; and https://patchwork.ozlabs.org/project/uboot/patch/20210406151059.1187379-1-icenowy@aosc.io + (search-patch "u-boot-rockchip-inno-usb.patch")) + (define u-boot (package (name "u-boot") (version "2021.04") (source (origin + (patches + (list %u-boot-rockchip-inno-usb-patch)) (method url-fetch) (uri (string-append "https://ftp.denx.de/pub/u-boot/" @@ -889,13 +897,6 @@ to Novena upstream, does not load u-boot.img from the first partition.") (substitute-keyword-arguments (package-arguments base) ((#:phases phases) `(modify-phases ,phases - (add-after 'unpack 'patch-rockpro64-config - ;; Fix regression in 2020.10 causing freezes on boot with USB boot enabled. - ;; See https://gitlab.manjaro.org/manjaro-arm/packages/core/uboot-rockpro64/-/issues/4 - (lambda _ - (substitute* "configs/rockpro64-rk3399_defconfig" - (("CONFIG_USE_PREBOOT=y") "CONFIG_USE_PREBOOT=n")) - #t)) (add-after 'patch-rockpro64-config 'set-environment (lambda* (#:key inputs #:allow-other-keys) (setenv "BL31" (string-append (assoc-ref inputs "firmware") @@ -916,13 +917,6 @@ to Novena upstream, does not load u-boot.img from the first partition.") (substitute-keyword-arguments (package-arguments base) ((#:phases phases) `(modify-phases ,phases - (add-after 'unpack 'patch-pinebook-pro-config - ;; Fix regression in 2020.10 causing freezes on boot with USB boot enabled. - ;; See https://gitlab.manjaro.org/manjaro-arm/packages/core/uboot-rockpro64/-/issues/4 - (lambda _ - (substitute* "configs/pinebook-pro-rk3399_defconfig" - (("CONFIG_USE_PREBOOT=y") "CONFIG_USE_PREBOOT=n")) - #t)) (add-after 'unpack 'set-environment (lambda* (#:key inputs #:allow-other-keys) (setenv "BL31" (string-append (assoc-ref inputs "firmware") diff --git a/gnu/packages/patches/u-boot-rockchip-inno-usb.patch b/gnu/packages/patches/u-boot-rockchip-inno-usb.patch new file mode 100644 index 0000000000..58f04b2c78 --- /dev/null +++ b/gnu/packages/patches/u-boot-rockchip-inno-usb.patch @@ -0,0 +1,238 @@ +Downloaded from: +https://patchwork.ozlabs.org/project/uboot/patch/20210406151059.1187379-1-icenowy@aosc.io + +From patchwork Tue Apr 6 15:10:59 2021 +Content-Type: text/plain; charset="utf-8" +MIME-Version: 1.0 +Content-Transfer-Encoding: 7bit +X-Patchwork-Submitter: Icenowy Zheng +X-Patchwork-Id: 1462876 +X-Patchwork-Delegate: ykai007@gmail.com +Return-Path: +X-Original-To: incoming@patchwork.ozlabs.org +Delivered-To: patchwork-incoming@bilbo.ozlabs.org +Authentication-Results: ozlabs.org; + spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de + (client-ip=85.214.62.61; helo=phobos.denx.de; + envelope-from=u-boot-bounces@lists.denx.de; receiver=) +Authentication-Results: ozlabs.org; + dkim=fail reason="signature verification failed" (1024-bit key; + unprotected) header.d=mymailcheap.com header.i=@mymailcheap.com + header.a=rsa-sha256 header.s=default header.b=unszVtqT; + dkim=fail reason="signature verification failed" (1024-bit key; + unprotected) header.d=aosc.io header.i=@aosc.io header.a=rsa-sha256 + header.s=default header.b=mWwYCh9A; + dkim-atps=neutral +Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) + (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) + key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest + SHA256) + (No client certificate requested) + by ozlabs.org (Postfix) with ESMTPS id 4FF9wc3GdNz9sW1 + for ; Wed, 7 Apr 2021 01:11:42 +1000 (AEST) +Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) + by phobos.denx.de (Postfix) with ESMTP id C1F9C8040A; + Tue, 6 Apr 2021 17:11:32 +0200 (CEST) +Authentication-Results: phobos.denx.de; + dmarc=none (p=none dis=none) header.from=aosc.io +Authentication-Results: phobos.denx.de; + spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de +Authentication-Results: phobos.denx.de; + dkim=fail reason="signature verification failed" (1024-bit key; + unprotected) header.d=mymailcheap.com header.i=@mymailcheap.com + header.b="unszVtqT"; + dkim=fail reason="signature verification failed" (1024-bit key; + unprotected) header.d=aosc.io header.i=@aosc.io header.b="mWwYCh9A"; + dkim-atps=neutral +Received: by phobos.denx.de (Postfix, from userid 109) + id E4F22805B4; Tue, 6 Apr 2021 17:11:30 +0200 (CEST) +X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de +X-Spam-Level: +X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, + DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE autolearn=ham + autolearn_force=no version=3.4.2 +Received: from relay3.mymailcheap.com (relay3.mymailcheap.com + [217.182.66.161]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by phobos.denx.de (Postfix) with ESMTPS id 2FC4A8039D + for ; Tue, 6 Apr 2021 17:11:27 +0200 (CEST) +Authentication-Results: phobos.denx.de; + dmarc=none (p=none dis=none) header.from=aosc.io +Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=icenowy@aosc.io +Received: from filter2.mymailcheap.com (filter2.mymailcheap.com + [91.134.140.82]) + by relay3.mymailcheap.com (Postfix) with ESMTPS id A6AC13ECDF; + Tue, 6 Apr 2021 17:11:26 +0200 (CEST) +Received: from localhost (localhost [127.0.0.1]) + by filter2.mymailcheap.com (Postfix) with ESMTP id 88D512A915; + Tue, 6 Apr 2021 17:11:26 +0200 (CEST) +DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=mymailcheap.com; + s=default; t=1617721886; + bh=qb5gt5o7M9qjdJd67A3WHGZp/76w4s4FS6+u1VuEh/o=; + h=From:To:Cc:Subject:Date:From; + b=unszVtqTnO9MGZVbgLH5H0cMo3VfQ+g5377blmOUcrtzMSqNbDD5SM25MUhlTUKiB + hTFq4L53gszBYfRPfh7Z5XgNVERULL5Zx0+WnVjZ7kUIp/wS3IQqxe81ChoFEsLTr8 + 22UB9NN3OSVkuN/jRAzX+lKpugVGBHwOCjZBZukQ= +Received: from filter2.mymailcheap.com ([127.0.0.1]) + by localhost (filter2.mymailcheap.com [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id V9lVOgo6gApH; Tue, 6 Apr 2021 17:11:25 +0200 (CEST) +Received: from mail20.mymailcheap.com (mail20.mymailcheap.com [51.83.111.147]) + (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) + (No client certificate requested) + by filter2.mymailcheap.com (Postfix) with ESMTPS; + Tue, 6 Apr 2021 17:11:25 +0200 (CEST) +Received: from [213.133.102.83] (ml.mymailcheap.com [213.133.102.83]) + by mail20.mymailcheap.com (Postfix) with ESMTP id C9EA3400B6; + Tue, 6 Apr 2021 15:11:24 +0000 (UTC) +Authentication-Results: mail20.mymailcheap.com; dkim=pass (1024-bit key; + unprotected) header.d=aosc.io header.i=@aosc.io header.b="mWwYCh9A"; + dkim-atps=neutral +AI-Spam-Status: Not processed +Received: from ice-e5v2.lan (unknown [59.41.163.135]) + (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) + key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest + SHA256) (No client certificate requested) + by mail20.mymailcheap.com (Postfix) with ESMTPSA id 251F840C16; + Tue, 6 Apr 2021 15:11:10 +0000 (UTC) +DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=aosc.io; s=default; + t=1617721874; bh=qb5gt5o7M9qjdJd67A3WHGZp/76w4s4FS6+u1VuEh/o=; + h=From:To:Cc:Subject:Date:From; + b=mWwYCh9AM8eRWm9hiEqirytotj/G/C1p9r2fd0zUxPhS0UQH+kw6L3RWZnsfmXAYq + HmYFiM3ktIfwevqQw89tOi8c2ktb49iYOyHXkfi8hTZl1dNsJDS94uyzBiHYY+U7x5 + P0aTRRaL5C8ua2c1GedoPx06nrARO/KMEFy39rxI= +From: Icenowy Zheng +To: Simon Glass , Kever Yang , + Frank Wang , + Jagan Teki +Cc: u-boot@lists.denx.de, + Icenowy Zheng +Subject: [PATCH] phy: rockchip: inno-usb2: fix hang when multiple controllers + exit +Date: Tue, 6 Apr 2021 23:10:59 +0800 +Message-Id: <20210406151059.1187379-1-icenowy@aosc.io> +X-Mailer: git-send-email 2.30.2 +MIME-Version: 1.0 +X-Rspamd-Server: mail20.mymailcheap.com +X-Spamd-Result: default: False [4.90 / 20.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; + ARC_NA(0.00)[]; R_DKIM_ALLOW(0.00)[aosc.io:s=default]; + RECEIVED_SPAMHAUS_PBL(0.00)[59.41.163.135:received]; + FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; + R_MISSING_CHARSET(2.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; + MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[aosc.io]; + BROKEN_CONTENT_TYPE(1.50)[]; R_SPF_SOFTFAIL(0.00)[~all]; + RCPT_COUNT_FIVE(0.00)[6]; ML_SERVERS(-3.10)[213.133.102.83]; + DKIM_TRACE(0.00)[aosc.io:+]; MID_CONTAINS_FROM(1.00)[]; + RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; + MIME_TRACE(0.00)[0:+]; + ASN(0.00)[asn:24940, ipnet:213.133.96.0/19, country:DE]; + RCVD_COUNT_TWO(0.00)[2]; + HFILTER_HELO_BAREIP(3.00)[213.133.102.83,1] +X-Rspamd-Queue-Id: C9EA3400B6 +X-BeenThere: u-boot@lists.denx.de +X-Mailman-Version: 2.1.34 +Precedence: list +List-Id: U-Boot discussion +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Errors-To: u-boot-bounces@lists.denx.de +Sender: "U-Boot" +X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de +X-Virus-Status: Clean + +The OHCI and EHCI controllers are both bound to the same PHY. They will +both do init and power_on operations when the controller is brought up +and both do power_off and exit when the controller is stopped. However, +the PHY uclass of U-Boot is not as sane as we thought -- they won't +maintain a status mark for PHYs, and thus the functions of the PHYs +could be called for multiple times. Calling init/power_on for multiple +times have no severe problems, however calling power_off/exit for +multiple times have a problem -- the first exit call will stop the PHY +clock, and power_off/exit calls after it still trying to write to PHY +registers. The write operation to PHY registers will fail because clock +is already stopped. + +Adapt the count mechanism from phy-sun4i-usb to both init/exit and +power_on/power_off functions to phy-rockchip-inno-usb2 to fix this +problem. With this stopping USB controllers (manually or before booting +a kernel) will work. + +Signed-off-by: Icenowy Zheng +Fixes: ac97a9ece14e ("phy: rockchip: Add Rockchip USB2PHY driver") +Tested-by: Peter Robinson +--- + drivers/phy/rockchip/phy-rockchip-inno-usb2.c | 21 +++++++++++++++++++ + 1 file changed, 21 insertions(+) + +diff --git a/drivers/phy/rockchip/phy-rockchip-inno-usb2.c b/drivers/phy/rockchip/phy-rockchip-inno-usb2.c +index 62b8ba3a4a..be9cc99d90 100644 +--- a/drivers/phy/rockchip/phy-rockchip-inno-usb2.c ++++ b/drivers/phy/rockchip/phy-rockchip-inno-usb2.c +@@ -62,6 +62,8 @@ struct rockchip_usb2phy { + void *reg_base; + struct clk phyclk; + const struct rockchip_usb2phy_cfg *phy_cfg; ++ int init_count; ++ int power_on_count; + }; + + static inline int property_enable(void *reg_base, +@@ -92,6 +94,10 @@ static int rockchip_usb2phy_power_on(struct phy *phy) + struct rockchip_usb2phy *priv = dev_get_priv(parent); + const struct rockchip_usb2phy_port_cfg *port_cfg = us2phy_get_port(phy); + ++ priv->power_on_count++; ++ if (priv->power_on_count != 1) ++ return 0; ++ + property_enable(priv->reg_base, &port_cfg->phy_sus, false); + + /* waiting for the utmi_clk to become stable */ +@@ -106,6 +112,10 @@ static int rockchip_usb2phy_power_off(struct phy *phy) + struct rockchip_usb2phy *priv = dev_get_priv(parent); + const struct rockchip_usb2phy_port_cfg *port_cfg = us2phy_get_port(phy); + ++ priv->power_on_count--; ++ if (priv->power_on_count != 0) ++ return 0; ++ + property_enable(priv->reg_base, &port_cfg->phy_sus, true); + + return 0; +@@ -118,6 +128,10 @@ static int rockchip_usb2phy_init(struct phy *phy) + const struct rockchip_usb2phy_port_cfg *port_cfg = us2phy_get_port(phy); + int ret; + ++ priv->init_count++; ++ if (priv->init_count != 1) ++ return 0; ++ + ret = clk_enable(&priv->phyclk); + if (ret) { + dev_err(phy->dev, "failed to enable phyclk (ret=%d)\n", ret); +@@ -140,6 +154,10 @@ static int rockchip_usb2phy_exit(struct phy *phy) + struct udevice *parent = dev_get_parent(phy->dev); + struct rockchip_usb2phy *priv = dev_get_priv(parent); + ++ priv->init_count--; ++ if (priv->init_count != 0) ++ return 0; ++ + clk_disable(&priv->phyclk); + + return 0; +@@ -212,6 +230,9 @@ static int rockchip_usb2phy_probe(struct udevice *dev) + return ret; + } + ++ priv->power_on_count = 0; ++ priv->init_count = 0; ++ + return 0; + } + -- cgit v1.2.3 From 06cf2fc01fe5bab2623f9434ab504959d16f3746 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Tue, 4 May 2021 15:56:21 +0200 Subject: gnu: busybox: Update to 1.33.1. * gnu/packages/busybox.scm (busybox): Update to 1.33.1. [source]: Remove upstreamed patch. * gnu/packages/patches/busybox-CVE-2021-28831.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/busybox.scm | 5 +- gnu/packages/patches/busybox-CVE-2021-28831.patch | 57 ----------------------- 3 files changed, 2 insertions(+), 61 deletions(-) delete mode 100644 gnu/packages/patches/busybox-CVE-2021-28831.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 0b39250469..9ada3044a3 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -876,7 +876,6 @@ dist_patch_DATA = \ %D%/packages/patches/blender-2.79-python-3.7-fix.patch \ %D%/packages/patches/blender-2.79-python-3.8-fix.patch \ %D%/packages/patches/bpftrace-disable-bfd-disasm.patch \ - %D%/packages/patches/busybox-CVE-2021-28831.patch \ %D%/packages/patches/byobu-writable-status.patch \ %D%/packages/patches/cairo-CVE-2018-19876.patch \ %D%/packages/patches/cairo-CVE-2020-35492.patch \ diff --git a/gnu/packages/busybox.scm b/gnu/packages/busybox.scm index 7ede3ee330..5b038870de 100644 --- a/gnu/packages/busybox.scm +++ b/gnu/packages/busybox.scm @@ -33,7 +33,7 @@ (define-public busybox (package (name "busybox") - (version "1.33.0") + (version "1.33.1") (source (origin (method url-fetch) (uri (string-append @@ -41,8 +41,7 @@ version ".tar.bz2")) (sha256 (base32 - "1gcg7ggg79apdlp5qnrh9pbjl10fx30yn33p21kxqpm8j4f6hs6m")) - (patches (search-patches "busybox-CVE-2021-28831.patch")))) + "0a0dcvsh7nxnhxc5y73fky0z30i9p7r30qfidm2akn0n5fywdkhj")))) (build-system gnu-build-system) (arguments '(#:phases diff --git a/gnu/packages/patches/busybox-CVE-2021-28831.patch b/gnu/packages/patches/busybox-CVE-2021-28831.patch deleted file mode 100644 index da3107fbb1..0000000000 --- a/gnu/packages/patches/busybox-CVE-2021-28831.patch +++ /dev/null @@ -1,57 +0,0 @@ -From f25d254dfd4243698c31a4f3153d4ac72aa9e9bd Mon Sep 17 00:00:00 2001 -From: Samuel Sapalski -Date: Wed, 3 Mar 2021 16:31:22 +0100 -Subject: decompress_gunzip: Fix DoS if gzip is corrupt - -On certain corrupt gzip files, huft_build will set the error bit on -the result pointer. If afterwards abort_unzip is called huft_free -might run into a segmentation fault or an invalid pointer to -free(p). - -In order to mitigate this, we check in huft_free if the error bit -is set and clear it before the linked list is freed. - -Signed-off-by: Samuel Sapalski -Signed-off-by: Peter Kaestle -Signed-off-by: Denys Vlasenko ---- - archival/libarchive/decompress_gunzip.c | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) - -diff --git a/archival/libarchive/decompress_gunzip.c b/archival/libarchive/decompress_gunzip.c -index eb3b64930..e93cd5005 100644 ---- a/archival/libarchive/decompress_gunzip.c -+++ b/archival/libarchive/decompress_gunzip.c -@@ -220,10 +220,20 @@ static const uint8_t border[] ALIGN1 = { - * each table. - * t: table to free - */ -+#define BAD_HUFT(p) ((uintptr_t)(p) & 1) -+#define ERR_RET ((huft_t*)(uintptr_t)1) - static void huft_free(huft_t *p) - { - huft_t *q; - -+ /* -+ * If 'p' has the error bit set we have to clear it, otherwise we might run -+ * into a segmentation fault or an invalid pointer to free(p) -+ */ -+ if (BAD_HUFT(p)) { -+ p = (huft_t*)((uintptr_t)(p) ^ (uintptr_t)(ERR_RET)); -+ } -+ - /* Go through linked list, freeing from the malloced (t[-1]) address. */ - while (p) { - q = (--p)->v.t; -@@ -289,8 +299,6 @@ static unsigned fill_bitbuffer(STATE_PARAM unsigned bitbuffer, unsigned *current - * or a valid pointer to a Huffman table, ORed with 0x1 if incompete table - * is given: "fixed inflate" decoder feeds us such data. - */ --#define BAD_HUFT(p) ((uintptr_t)(p) & 1) --#define ERR_RET ((huft_t*)(uintptr_t)1) - static huft_t* huft_build(const unsigned *b, const unsigned n, - const unsigned s, const struct cp_ext *cp_ext, - unsigned *m) --- -cgit v1.2.1 - -- cgit v1.2.3 From 3df04eb09f4a473cf6a214331cccba50694677f1 Mon Sep 17 00:00:00 2001 From: Philip McGrath Date: Fri, 16 Apr 2021 17:08:22 -0400 Subject: gnu: racket: Move to (gnu packages racket). MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/scheme.scm (racket,racket-minimal): Move to ... * gnu/packages/racket.scm: ... this new file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. * gnu/packages/racket.scm (racket)[synopsis]: Tweak. Signed-off-by: Ludovic Courtès --- gnu/local.mk | 1 + gnu/packages/racket.scm | 242 ++++++++++++++++++++++++++++++++++++++++++++++++ gnu/packages/scheme.scm | 194 -------------------------------------- 3 files changed, 243 insertions(+), 194 deletions(-) create mode 100644 gnu/packages/racket.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 9ada3044a3..21b57f5325 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -472,6 +472,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/toys.scm \ %D%/packages/tryton.scm \ %D%/packages/qt.scm \ + %D%/packages/racket.scm \ %D%/packages/radio.scm \ %D%/packages/ragel.scm \ %D%/packages/rails.scm \ diff --git a/gnu/packages/racket.scm b/gnu/packages/racket.scm new file mode 100644 index 0000000000..925a6391f5 --- /dev/null +++ b/gnu/packages/racket.scm @@ -0,0 +1,242 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2013, 2014, 2015, 2016, 2018, 2020 Ludovic Courtès +;;; Copyright © 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice +;;; Copyright © 2020 Pierre Neidhardt +;;; Copyright © 2021 Philip McGrath +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages racket) + #:use-module ((guix licenses) + #:select (asl2.0 expat lgpl3+)) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix git-download) + #:use-module (guix utils) + #:use-module (guix gexp) + #:use-module (guix build-system gnu) + #:use-module (srfi srfi-1) + #:use-module (ice-9 match) + #:use-module (gnu packages) + #:use-module (gnu packages bash) + #:use-module ((gnu packages chez) + #:select (chez-scheme)) + #:use-module (gnu packages compression) + #:use-module (gnu packages databases) + #:use-module (gnu packages fontutils) + #:use-module (gnu packages gl) + #:use-module (gnu packages glib) + #:use-module (gnu packages gtk) + #:use-module (gnu packages image) + #:use-module (gnu packages libedit) + #:use-module (gnu packages multiprecision) + #:use-module (gnu packages sqlite) + #:use-module (gnu packages tls) + #:use-module (gnu packages xorg)) + +(define-public racket + (package + (name "racket") + (version "8.0") ; note: remember to also update racket-minimal! + (source (origin + (method url-fetch) + (uri (list (string-append "https://mirror.racket-lang.org/installers/" + version "/racket-src.tgz") + ;; this mirror seems to have broken HTTPS: + (string-append + "http://mirror.informatik.uni-tuebingen.de/mirror/racket/" + version "/racket-src.tgz"))) + (sha256 + (base32 + "047wpjblfzmf1msz7snrp2c2h0zxyzlmbsqr9bwsyvz3frcg0888")) + (patches (search-patches + "racket-sh-via-rktio.patch" + ;; TODO: If we're no longer patching Racket source + ;; files with store paths, we may also fix the + ;; issue that necessitated the following patch: + "racket-store-checksum-override.patch")))) + (build-system gnu-build-system) + (arguments + `(#:configure-flags + `(,(string-append "CPPFLAGS=-DGUIX_RKTIO_PATCH_BIN_SH=" + (assoc-ref %build-inputs "sh") + "/bin/sh") + "--enable-libz" + "--enable-liblz4") + #:modules + ((guix build gnu-build-system) + (guix build utils) + (srfi srfi-1)) + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'patch-chez-configure + (lambda* (#:key inputs outputs #:allow-other-keys) + (substitute* "src/cs/c/Makefile.in" + (("/bin/sh") (which "sh"))) + ;; TODO: Racket CS uses a fork of Chez Scheme. + ;; Most of this is copy-pasted from the "chez.scm", + ;; but maybe there's a way to reuse more directly. + (with-directory-excursion "src/ChezScheme" + (substitute* (find-files "mats" "Mf-.*") + (("^[[:space:]]+(cc ) *") "\tgcc ")) + (substitute* + (find-files "." (string-append + "(" + "Mf-[a-zA-Z0-9.]+" + "|Makefile[a-zA-Z0-9.]*" + "|checkin" + "|stex\\.stex" + "|newrelease" + "|workarea" + "|unix\\.ms" + "|^6\\.ms" + ;;"|[a-zA-Z0-9.]+\\.ms" ; guile can't read + ")")) + (("/bin/rm") (which "rm")) + (("/bin/ln") (which "ln")) + (("/bin/cp") (which "cp")) + (("/bin/echo") (which "echo"))) + (substitute* "makefiles/installsh" + (("/bin/true") (which "true")))) + #t)) + (add-before 'configure 'pre-configure-minimal + (lambda* (#:key inputs #:allow-other-keys) + (chdir "src") + #t)) + (add-after 'build 'patch-config.rktd-lib-search-dirs + (lambda* (#:key inputs outputs #:allow-other-keys) + ;; We do this between the `build` and `install` phases + ;; so that we have racket to read and write the hash table, + ;; but it comes before `raco setup`, when foreign libraries + ;; are needed to build the documentation. + (define out (assoc-ref outputs "out")) + (apply invoke + "./cs/c/racketcs" + "-e" + ,(format #f + "~s" + '(let* ((args + (vector->list + (current-command-line-arguments))) + (file (car args)) + (extra-lib-search-dirs (cdr args))) + (write-to-file + (hash-update + (file->value file) + 'lib-search-dirs + (lambda (dirs) + (append dirs extra-lib-search-dirs)) + null) + #:exists 'truncate/replace + file))) + "--" + "../etc/config.rktd" + (filter-map (lambda (lib) + (cond + ((assoc-ref inputs lib) + => (lambda (pth) + (string-append pth "/lib"))) + (else + #f))) + '("cairo" + "fontconfig" + "glib" + "glu" + "gmp" + "gtk+" + "libjpeg" + "libpng" + "libx11" + "mesa" + "mpfr" + "openssl" + "pango" + "sqlite" + "unixodbc" + "libedit"))) + #t))) + ;; XXX: how to run them? + #:tests? #f)) + (inputs + `(;; sqlite and libraries for `racket/draw' are needed to build the doc. + ("sh" ,bash-minimal) + ("zlib" ,zlib) + ("zlib:static" ,zlib "static") + ("lz4" ,lz4) + ("lz4:static" ,lz4 "static") + ("cairo" ,cairo) + ("fontconfig" ,fontconfig) + ("glib" ,glib) + ("glu" ,glu) + ("gmp" ,gmp) + ("gtk+" ,gtk+) ; propagates gdk-pixbuf+svg + ("libjpeg" ,libjpeg-turbo) + ("libpng" ,libpng) + ("libx11" ,libx11) + ("mesa" ,mesa) + ("mpfr" ,mpfr) + ("openssl" ,openssl) + ("pango" ,pango) + ("sqlite" ,sqlite) + ("unixodbc" ,unixodbc) + ("libedit" ,libedit))) + (home-page "https://racket-lang.org") + (synopsis "A programmable programming language in the Scheme family") + (description + "Racket is a general-purpose programming language in the Scheme family, +with a large set of libraries and a compiler based on Chez Scheme. Racket is +also a platform for language-oriented programming, from small domain-specific +languages to complete language implementations. + +The main Racket distribution comes with many bundled packages, including the +DrRacket IDE, libraries for GUI and web programming, and implementations of +languages such as Typed Racket, R5RS and R6RS Scheme, Algol 60, and Datalog.") + ;; https://download.racket-lang.org/license.html + (license (list lgpl3+ asl2.0 expat)))) + +(define-public racket-minimal + (package + (inherit racket) + (name "racket-minimal") + (version (package-version racket)) + (source + (origin + (inherit (package-source racket)) + (uri (list (string-append "https://mirror.racket-lang.org/installers/" + version "/racket-minimal-src.tgz") + ;; this mirror seems to have broken HTTPS: + (string-append + "http://mirror.informatik.uni-tuebingen.de/mirror/racket/" + version "/racket-minimal-src.tgz"))) + (sha256 "0mwyffw4gcci8wmzxa3j28h03h0gsz55aard8qrk3lri8r2xyg21"))) + (synopsis "Racket without bundled packages such as DrRacket") + (inputs + `(("openssl" ,openssl) + ("sqlite" ,sqlite) + ("sh" ,bash-minimal) + ("zlib" ,zlib) + ("zlib:static" ,zlib "static") + ("lz4" ,lz4) + ("lz4:static" ,lz4 "static"))) + (description + "Racket is a general-purpose programming language in the Scheme family, +with a large set of libraries and a compiler based on Chez Scheme. Racket is +also a platform for language-oriented programming, from small domain-specific +languages to complete language implementations. + +The ``minimal Racket'' distribution includes just enough of Racket for you to +use @command{raco pkg} to install more. Bundled packages, such as the +DrRacket IDE, are not included."))) diff --git a/gnu/packages/scheme.scm b/gnu/packages/scheme.scm index 5c2d2747b9..fa17b9d566 100644 --- a/gnu/packages/scheme.scm +++ b/gnu/packages/scheme.scm @@ -405,200 +405,6 @@ implementation techniques and as an expository tool.") ;; Most files are BSD-3; see COPYING for the few exceptions. (license bsd-3))) -(define-public racket - (package - (name "racket") - (version "8.0") ; note: remember to also update racket-minimal! - (source (origin - (method url-fetch) - (uri (list (string-append "https://mirror.racket-lang.org/installers/" - version "/racket-src.tgz") - ;; this mirror seems to have broken HTTPS: - (string-append - "http://mirror.informatik.uni-tuebingen.de/mirror/racket/" - version "/racket-src.tgz"))) - (sha256 - (base32 - "047wpjblfzmf1msz7snrp2c2h0zxyzlmbsqr9bwsyvz3frcg0888")) - (patches (search-patches - "racket-sh-via-rktio.patch" - ;; TODO: If we're no longer patching Racket source - ;; files with store paths, we may also fix the - ;; issue that necessitated the following patch: - "racket-store-checksum-override.patch")))) - (build-system gnu-build-system) - (arguments - `(#:configure-flags - `(,(string-append "CPPFLAGS=-DGUIX_RKTIO_PATCH_BIN_SH=" - (assoc-ref %build-inputs "sh") - "/bin/sh") - "--enable-libz" - "--enable-liblz4") - #:modules - ((guix build gnu-build-system) - (guix build utils) - (srfi srfi-1)) - #:phases - (modify-phases %standard-phases - (add-after 'unpack 'patch-chez-configure - (lambda* (#:key inputs outputs #:allow-other-keys) - (substitute* "src/cs/c/Makefile.in" - (("/bin/sh") (which "sh"))) - ;; TODO: Racket CS uses a fork of Chez Scheme. - ;; Most of this is copy-pasted from the "chez.scm", - ;; but maybe there's a way to reuse more directly. - (with-directory-excursion "src/ChezScheme" - (substitute* (find-files "mats" "Mf-.*") - (("^[[:space:]]+(cc ) *") "\tgcc ")) - (substitute* - (find-files "." (string-append - "(" - "Mf-[a-zA-Z0-9.]+" - "|Makefile[a-zA-Z0-9.]*" - "|checkin" - "|stex\\.stex" - "|newrelease" - "|workarea" - "|unix\\.ms" - "|^6\\.ms" - ;;"|[a-zA-Z0-9.]+\\.ms" ; guile can't read - ")")) - (("/bin/rm") (which "rm")) - (("/bin/ln") (which "ln")) - (("/bin/cp") (which "cp")) - (("/bin/echo") (which "echo"))) - (substitute* "makefiles/installsh" - (("/bin/true") (which "true")))) - #t)) - (add-before 'configure 'pre-configure-minimal - (lambda* (#:key inputs #:allow-other-keys) - (chdir "src") - #t)) - (add-after 'build 'patch-config.rktd-lib-search-dirs - (lambda* (#:key inputs outputs #:allow-other-keys) - ;; We do this between the `build` and `install` phases - ;; so that we have racket to read and write the hash table, - ;; but it comes before `raco setup`, when foreign libraries - ;; are needed to build the documentation. - (define out (assoc-ref outputs "out")) - (apply invoke - "./cs/c/racketcs" - "-e" - ,(format #f - "~s" - '(let* ((args - (vector->list - (current-command-line-arguments))) - (file (car args)) - (extra-lib-search-dirs (cdr args))) - (write-to-file - (hash-update - (file->value file) - 'lib-search-dirs - (lambda (dirs) - (append dirs extra-lib-search-dirs)) - null) - #:exists 'truncate/replace - file))) - "--" - "../etc/config.rktd" - (filter-map (lambda (lib) - (cond - ((assoc-ref inputs lib) - => (lambda (pth) - (string-append pth "/lib"))) - (else - #f))) - '("cairo" - "fontconfig" - "glib" - "glu" - "gmp" - "gtk+" - "libjpeg" - "libpng" - "libx11" - "mesa" - "mpfr" - "openssl" - "pango" - "sqlite" - "unixodbc" - "libedit"))) - #t))) - ;; XXX: how to run them? - #:tests? #f)) - (inputs - `(;; sqlite and libraries for `racket/draw' are needed to build the doc. - ("sh" ,bash-minimal) - ("zlib" ,zlib) - ("zlib:static" ,zlib "static") - ("lz4" ,lz4) - ("lz4:static" ,lz4 "static") - ("cairo" ,cairo) - ("fontconfig" ,fontconfig) - ("glib" ,glib) - ("glu" ,glu) - ("gmp" ,gmp) - ("gtk+" ,gtk+) ; propagates gdk-pixbuf+svg - ("libjpeg" ,libjpeg-turbo) - ("libpng" ,libpng) - ("libx11" ,libx11) - ("mesa" ,mesa) - ("mpfr" ,mpfr) - ("openssl" ,openssl) - ("pango" ,pango) - ("sqlite" ,sqlite) - ("unixodbc" ,unixodbc) - ("libedit" ,libedit))) - (home-page "https://racket-lang.org") - (synopsis "Implementation of Scheme and related languages") - (description - "Racket is a general-purpose programming language in the Scheme family, -with a large set of libraries and a compiler based on Chez Scheme. Racket is -also a platform for language-oriented programming, from small domain-specific -languages to complete language implementations. - -The main Racket distribution comes with many bundled packages, including -the DrRacket IDE, libraries for GUI and web programming, and implementations -of languages such as Typed Racket, R5RS and R6RS Scheme, and Datalog.") - ;; https://download.racket-lang.org/license.html - (license (list lgpl3+ asl2.0 expat)))) - -(define-public racket-minimal - (package - (inherit racket) - (name "racket-minimal") - (version (package-version racket)) - (source - (origin - (inherit (package-source racket)) - (uri (list (string-append "https://mirror.racket-lang.org/installers/" - version "/racket-minimal-src.tgz") - ;; this mirror seems to have broken HTTPS: - (string-append - "http://mirror.informatik.uni-tuebingen.de/mirror/racket/" - version "/racket-minimal-src.tgz"))) - (sha256 "0mwyffw4gcci8wmzxa3j28h03h0gsz55aard8qrk3lri8r2xyg21"))) - (synopsis "Racket without bundled packages such as Dr. Racket") - (inputs - `(("openssl" ,openssl) - ("sqlite" ,sqlite) - ("sh" ,bash-minimal) - ("zlib" ,zlib) - ("zlib:static" ,zlib "static") - ("lz4" ,lz4) - ("lz4:static" ,lz4 "static"))) - (description - "Racket is a general-purpose programming language in the Scheme family, -with a large set of libraries and a compiler based on Chez Scheme. Racket is -also a platform for language-oriented programming, from small domain-specific -languages to complete language implementations. - -The ``minimal Racket'' distribution includes just enough of Racket for you to -use @command{raco pkg} to install more. Bundled packages, such as the -Dr. Racket IDE, are not included."))) - (define-public gambit-c (package (name "gambit-c") -- cgit v1.2.3 From cd9454f6ed4e24612ed378c06174151c5fef4fd1 Mon Sep 17 00:00:00 2001 From: Philip McGrath Date: Fri, 16 Apr 2021 17:11:37 -0400 Subject: gnu: racket: Remove obsolete patch. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/racket.scm (racket)[source](patches): Remove "racket-store-checksum-override.patch", which is no longer needed since we stopped injecting store paths into Racket files in commit 834aa48: see . * gnu/packages/patches/racket-store-checksum-override.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. Signed-off-by: Ludovic Courtès --- gnu/local.mk | 1 - .../patches/racket-store-checksum-override.patch | 42 ---------------------- gnu/packages/racket.scm | 6 +--- 3 files changed, 1 insertion(+), 48 deletions(-) delete mode 100644 gnu/packages/patches/racket-store-checksum-override.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 21b57f5325..72bc31588d 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1651,7 +1651,6 @@ dist_patch_DATA = \ %D%/packages/patches/rpcbind-CVE-2017-8779.patch \ %D%/packages/patches/rtags-separate-rct.patch \ %D%/packages/patches/racket-sh-via-rktio.patch \ - %D%/packages/patches/racket-store-checksum-override.patch \ %D%/packages/patches/remake-impure-dirs.patch \ %D%/packages/patches/retroarch-LIBRETRO_DIRECTORY.patch \ %D%/packages/patches/rnp-add-version.cmake.patch \ diff --git a/gnu/packages/patches/racket-store-checksum-override.patch b/gnu/packages/patches/racket-store-checksum-override.patch deleted file mode 100644 index 6c4ebcf022..0000000000 --- a/gnu/packages/patches/racket-store-checksum-override.patch +++ /dev/null @@ -1,42 +0,0 @@ -Racket uses checksums to test if it needs to recompile its source -files to bytecode. If Racket is updated by grafting, the source and -bytecode files get updated, but the checksum stays the same. Since -the checksum no longer matches the source file, Racket tries to -regenerate the bytecode and write it to the store, causing errors -because the store is immutable. This patch makes Racket ignore -checksums for files in the store. - -See for details. - ---- ---- a/collects/compiler/private/cm-minimal.rkt -+++ b/collects/compiler/private/cm-minimal.rkt -@@ -6,6 +6,7 @@ - racket/list - racket/path - racket/promise -+ racket/string - file/sha1 - setup/cross-system - compiler/compilation-path -@@ -268,7 +269,8 @@ - (trace-printf "newer src... ~a > ~a" path-time path-zo-time) - (maybe-compile-zo deps path->mode roots path orig-path read-src-syntax up-to-date collection-cache new-seen - #:trying-sha1? sha1-only?)] -- [(different-source-sha1-and-dep-recorded path deps) -+ [(and (not (store-reference? path)) -+ (different-source-sha1-and-dep-recorded path deps)) - => (lambda (difference) - (trace-printf "different src hash ~a for ~a..." difference path) - (maybe-compile-zo deps path->mode roots path orig-path read-src-syntax up-to-date collection-cache new-seen -@@ -1012,5 +1014,9 @@ - #f - (list src-hash recorded-hash))) - -+(define (store-reference? path) -+ (let ([store-prefix (or (getenv "NIX_STORE") "/gnu/store")]) -+ (string-prefix? (path->string path) store-prefix))) -+ - ;; Make sure `recompile-from` is machine-independent so that - ;; recompilation makes sense. - ;; The compilation lock must is held for the source of `recompile-from`. \ No newline at end of file diff --git a/gnu/packages/racket.scm b/gnu/packages/racket.scm index 925a6391f5..6cb72e592c 100644 --- a/gnu/packages/racket.scm +++ b/gnu/packages/racket.scm @@ -63,11 +63,7 @@ (base32 "047wpjblfzmf1msz7snrp2c2h0zxyzlmbsqr9bwsyvz3frcg0888")) (patches (search-patches - "racket-sh-via-rktio.patch" - ;; TODO: If we're no longer patching Racket source - ;; files with store paths, we may also fix the - ;; issue that necessitated the following patch: - "racket-store-checksum-override.patch")))) + "racket-sh-via-rktio.patch")))) (build-system gnu-build-system) (arguments `(#:configure-flags -- cgit v1.2.3 From f30e8f29096e3ae2a4de689690daf5fa27a8c91b Mon Sep 17 00:00:00 2001 From: Mike Gerwitz Date: Thu, 15 Apr 2021 21:24:39 -0400 Subject: gnu: Add tla2tools. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This introduces tla2tools.jar, which contains the TLA+ model checker and simulator (TLC); a TLA+ REPL; a semantic analyzer (SANY); the TLATeX typesetting system; PlusCal translator; and more. I have added five wrapper scripts for convenience, rather than invoking `java' manually. The wrapper scripts are not comprehensive; users who are familiar with tla2tools.jar, or have read the book Specifying Systems, may still invoke the commands in the traditional way. The minimum JDK version is 11. I chose to stick with that rather than bumping it to 14 (which is the largest version currently in Guix) because each OpenJDK version in Guix depends on the version before it, and so it needlessly results in many 100s of MiB of unnecessary dependencies. Note that this is _not_ the TLA+ Toolbox, which is the GUI commonly used with TLA+. * gnu/packages/java.scm (tla2tools): New variable. * gnu/packages/patches/tla2tools-build-xml.patch: New patch. * gnu/local.mk (dist_patch_DATA): Add it. Signed-off-by: Ludovic Courtès --- gnu/local.mk | 3 +- gnu/packages/java.scm | 132 +++++++++++++++++++++++++ gnu/packages/patches/tla2tools-build-xml.patch | 109 ++++++++++++++++++++ 3 files changed, 243 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/tla2tools-build-xml.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 72bc31588d..37166bb2fc 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1,5 +1,5 @@ # GNU Guix --- Functional package management for GNU -# Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès +# Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2021 Ludovic Courtès # Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Andreas Enge # Copyright © 2016 Mathieu Lirzin # Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Mark H Weaver @@ -1734,6 +1734,7 @@ dist_patch_DATA = \ %D%/packages/patches/tipp10-remove-license-code.patch \ %D%/packages/patches/tipp10-qt5.patch \ %D%/packages/patches/tk-find-library.patch \ + %D%/packages/patches/tla2tools-build-xml.patch \ %D%/packages/patches/transcode-ffmpeg.patch \ %D%/packages/patches/transmission-honor-localedir.patch \ %D%/packages/patches/ttf2eot-cstddef.patch \ diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm index d73f1acbf8..a167aafc38 100644 --- a/gnu/packages/java.scm +++ b/gnu/packages/java.scm @@ -14066,3 +14066,135 @@ can be interpreted by IDEs and static analysis tools to improve code analysis.") ;; either lgpl or asl license:lgpl3+ license:asl2.0)))) + +(define-public tla2tools + (let* ((version "1.8.0") + (tag (string-append "v" version))) + (package + (name "tla2tools") + (version version) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/tlaplus/tlaplus") + (commit tag))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "1hhx8gmn81k8qrkx4p7ppinmygxga9fqffd626wkvhjgg2ky8lhs")) + (patches + (search-patches "tla2tools-build-xml.patch")) + (modules '((guix build utils))) + (snippet + '(begin + ;; Remove packaged libraries (see 'replace-libs below) + (for-each delete-file (find-files "." ".*.jar$")))))) + (build-system ant-build-system) + (arguments + (let* ((tlatools "tlatools/org.lamport.tlatools/") + (build-xml (string-append tlatools "customBuild.xml"))) + `(#:jdk ,openjdk11 + #:modules ((guix build ant-build-system) + (guix build utils) + (ice-9 match) + (srfi srfi-26)) + #:make-flags '("-f" ,build-xml) + #:phases + (modify-phases %standard-phases + ;; Replace packed libs with references to jars in store + (add-after 'unpack 'replace-libs + (lambda* (#:key inputs #:allow-other-keys) + (define (input-jar input) + (car (find-files (assoc-ref inputs input) "\\.jar$"))) + (for-each + (match-lambda + ((file . input) + (symlink (input-jar input) + (string-append ,tlatools "/lib/" file)))) + '(("gson/gson-2.8.6.jar" . "java-gson") + ("javax.mail/mailapi-1.6.3.jar" . "java-javax-mail") + ("jline/jline-terminal-3.14.1.jar" . "java-jline-terminal") + ("jline/jline-reader-3.14.1.jar" . "java-jline-reader") + ("lsp/org.eclipse.lsp4j.debug-0.10.0.jar" . + "java-eclipse-lsp4j-debug") + ("lsp/org.eclipse.lsp4j.jsonrpc-0.10.0.jar" . + "java-eclipse-lsp4j-jsonrpc") + ("lsp/org.eclipse.lsp4j.jsonrpc.debug-0.10.0.jar" . + "java-eclipse-lsp4j-jsonrpc-debug") + ("junit-4.12.jar" . "java-junit") + ("easymock-3.3.1.jar" . "java-easymock"))) + ;; Retain a tiny subset of the original X-Git-* + ;; manifest values just to aid in debugging + (substitute* ,build-xml + (("\\$\\{git.tag\\}") ,tag)))) + (add-before 'check 'prepare-tests + (lambda _ + ;; pcal tests write to cfg files + (for-each (cut chmod <> #o644) + (find-files (string-append ,tlatools + "/test-model/pcal") + "\\.cfg$")))) + (replace 'install + (lambda* (#:key inputs #:allow-other-keys) + (let* ((share (string-append %output "/share/java")) + (jar-name "tla2tools.jar"); set in project.properties + (jar (string-append ,tlatools + "/dist/" jar-name)) + (java-cp (string-append share "/" jar-name)) + (bin (string-append %output "/bin")) + (java (string-append (assoc-ref inputs "jdk") + "/bin/java"))) + (install-file jar share) + (mkdir-p bin) + ;; Generate wrapper scripts for bin/, which invoke common + ;; commands within tla2tools.jar. Users can still invoke + ;; tla2tools.jar for the rest. + (for-each + (match-lambda + ((wrapper . class) + (let ((file (string-append bin "/" wrapper))) + (begin + (with-output-to-file file + (lambda _ + (display + (string-append + "#!/bin/sh\n" + java " -cp " java-cp " " class " \"$@\"")))) + (chmod file #o755))))) + ;; bin/wrapper . java-class + '(("pcal" . "pcal.trans") + ("tlatex" . "tla2tex.TLA") + ("tla2sany" . "tla2sany.SANY") + ("tlc2" . "tlc2.TLC") + ("tlc2-repl" . "tlc2.REPL")))))))))) + (native-inputs + `(("java-junit" ,java-junit) + ("java-easymock" ,java-easymock))) + (inputs + `(("java-javax-mail" ,java-javax-mail) + ("java-gson" ,java-gson-2.8.6) + ("java-jline-terminal" ,java-jline-terminal) + ("java-jline-reader" ,java-jline-reader) + ("java-eclipse-lsp4j-jsonrpc" ,java-eclipse-lsp4j-jsonrpc) + ("java-eclipse-lsp4j-jsonrpc-debug" ,java-eclipse-lsp4j-jsonrpc-debug) + ("java-eclipse-lsp4j-debug" ,java-eclipse-lsp4j-debug))) + (home-page "https://lamport.azurewebsites.net/tla/tools.html") + (synopsis "TLA+ tools (analyzer, TLC, TLATeX, PlusCal translator)") + (description "TLA+ is a high-level language for modeling programs and +systems---especially concurrent and distributed ones. It's based on the idea +that the best way to describe things precisely is with simple +mathematics. TLA+ and its tools are useful for eliminating fundamental design +errors, which are hard to find and expensive to correct in code. + +The following TLA+ tools are available in this distribution: + +@itemize +@item The Syntactic Analyzer: A parser and syntax checker for + TLA+ specifications; +@item TLC: A model checker and simulator for a subclass of \"executable\" TLA+ + specifications; +@item TLATeX: A program for typesetting TLA+ specifications; +@item Beta test versions of 1-3 for the TLA+2 language; and +@item The PlusCal translator. +@end itemize") + (license license:expat)))) diff --git a/gnu/packages/patches/tla2tools-build-xml.patch b/gnu/packages/patches/tla2tools-build-xml.patch new file mode 100644 index 0000000000..0bba82072a --- /dev/null +++ b/gnu/packages/patches/tla2tools-build-xml.patch @@ -0,0 +1,109 @@ +tla2tools comes packaged with three separate javax.mail JARs, which it +expects to be available to include in the JAR produced by the `dist' target. +However, the `java-javax-mail' packaged with Guix contains all of these +dependencies in a single JAR, so the other two are unneeded. This patch +removes references to them. + +The JAR also was expected to contain classes that are built as part of the +test suite. That does not seem useful, nor is it available during the +`compile' phase, so that portion is removed. + +There are a number of Git attributes that are set in the final manifest. +The branch name is kept, but the others are removed. The build user is set +statically to "guix". + +Finally, since we already have a patch, two targets `jar' and `check' are +added to satisfy `ant-build-system' and keep the package definition more +lean. + +diff --git a/tlatools/org.lamport.tlatools/customBuild.xml b/tlatools/org.lamport.tlatools/customBuild.xml +index f0ba77cb7..748e60d95 100644 +--- a/tlatools/org.lamport.tlatools/customBuild.xml ++++ b/tlatools/org.lamport.tlatools/customBuild.xml +@@ -36,6 +36,17 @@ + + + ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +@@ -217,17 +228,7 @@ + + + +- +- +- +- +- +- +- +- +- +- +- ++ + + + +@@ -259,17 +260,7 @@ + + + +- +- +- +- +- +- +- +- +- +- +- ++ + + + +@@ -373,14 +364,8 @@ + src/tla2sany/parser/Token.09-09-07, + src/tla2sany/parser/TokenMgrError.09-09-07"/> + +- +- +- +- +- +- + +- ++ + + + +@@ -389,14 +374,8 @@ + + + +- + +- + +- +- +- +- + + + -- cgit v1.2.3 From 0f2b5f7f733dbc4c66c1e9f8dbb5189ba6f56a80 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sun, 9 May 2021 10:41:02 -0400 Subject: gnu: ExifTool: Fix CVE-2021-22204 * gnu/packages/patches/perl-image-exiftool-CVE-2021-22204.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/photo.scm (perl-image-exiftool)[source]: Use it. --- gnu/local.mk | 1 + .../perl-image-exiftool-CVE-2021-22204.patch | 38 ++++++++++++++++++++++ gnu/packages/photo.scm | 1 + 3 files changed, 40 insertions(+) create mode 100644 gnu/packages/patches/perl-image-exiftool-CVE-2021-22204.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 37166bb2fc..c4bd88714c 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1525,6 +1525,7 @@ dist_patch_DATA = \ %D%/packages/patches/perl-cross.patch \ %D%/packages/patches/perl-deterministic-ordering.patch \ %D%/packages/patches/perl-finance-quote-unuse-mozilla-ca.patch \ + %D%/packages/patches/perl-image-exiftool-CVE-2021-22204.patch \ %D%/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch \ %D%/packages/patches/perl-net-amazon-s3-moose-warning.patch \ %D%/packages/patches/perl-net-dns-resolver-programmable-fix.patch \ diff --git a/gnu/packages/patches/perl-image-exiftool-CVE-2021-22204.patch b/gnu/packages/patches/perl-image-exiftool-CVE-2021-22204.patch new file mode 100644 index 0000000000..85ea29cc38 --- /dev/null +++ b/gnu/packages/patches/perl-image-exiftool-CVE-2021-22204.patch @@ -0,0 +1,38 @@ +Fix CVE-2021-22204: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22204 + +Patch extracted from commit cf0f4e7dcd024ca99615bfd1102a841a25dde031 +from upstream source repository: + +https://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800 + +diff --git a/lib/Image/ExifTool/DjVu.pm b/lib/Image/ExifTool/DjVu.pm +index c284d10..03b3f9f 100644 +--- a/lib/Image/ExifTool/DjVu.pm ++++ b/lib/Image/ExifTool/DjVu.pm +@@ -18,7 +18,7 @@ use strict; + use vars qw($VERSION); + use Image::ExifTool qw(:DataAccess :Utils); + +-$VERSION = '1.06'; ++$VERSION = '1.07'; + + sub ParseAnt($); + sub ProcessAnt($$$); +@@ -227,10 +227,11 @@ Tok: for (;;) { + last unless $tok =~ /(\\+)$/ and length($1) & 0x01; + $tok .= '"'; # quote is part of the string + } +- # must protect unescaped "$" and "@" symbols, and "\" at end of string +- $tok =~ s{\\(.)|([\$\@]|\\$)}{'\\'.($2 || $1)}sge; +- # convert C escape sequences (allowed in quoted text) +- $tok = eval qq{"$tok"}; ++ # convert C escape sequences, allowed in quoted text ++ # (note: this only converts a few of them!) ++ my %esc = ( a => "\a", b => "\b", f => "\f", n => "\n", ++ r => "\r", t => "\t", '"' => '"', '\\' => '\\' ); ++ $tok =~ s/\\(.)/$esc{$1}||'\\'.$1/egs; + } else { # key name + pos($$dataPt) = pos($$dataPt) - 1; + # allow anything in key but whitespace, braces and double quotes diff --git a/gnu/packages/photo.scm b/gnu/packages/photo.scm index 6a6601113c..943e8caa90 100644 --- a/gnu/packages/photo.scm +++ b/gnu/packages/photo.scm @@ -328,6 +328,7 @@ MTP, and much more.") ;; New releases may take a while to hit CPAN. (string-append "https://www.sno.phy.queensu.ca/~phil/exiftool/" "Image-ExifTool-" version ".tar.gz"))) + (patches (search-patches "perl-image-exiftool-CVE-2021-22204.patch")) (sha256 (base32 "0skm22b3gg1bfk0amklrprpva41m6mkrhqp0gi7z1nmcf9ypjh61")))) -- cgit v1.2.3