[bug#27893] [PATCH] gnu: julia: Work around some test failures related to libgit2.

[Leo Famulari <leo@famulari.name>]

* gnu/packages/version-control.scm (libgit2-0.25): New variable.
* gnu/packages/julia.scm (julia)[inputs]: Replace LIBGIT2 with LIBGIT2-0.25.
* gnu/packages/patches/libgit2-use-after-free.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
---
 gnu/local.mk                                      |  1 +
 gnu/packages/julia.scm                            |  2 +-
 gnu/packages/patches/libgit2-use-after-free.patch | 24 +++++++++++++++++++++++
 gnu/packages/version-control.scm                  | 16 +++++++++++++++
 4 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/libgit2-use-after-free.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 3fb8f168d..df8252b16 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -754,6 +754,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/libevent-2.1-dns-tests.patch		\
   %D%/packages/patches/libevent-2.1-skip-failing-test.patch	\
   %D%/packages/patches/libgit2-0.25.1-mtime-0.patch		\
+  %D%/packages/patches/libgit2-use-after-free.patch		\
   %D%/packages/patches/libgdata-fix-tests.patch			\
   %D%/packages/patches/libgdata-glib-duplicate-tests.patch	\
   %D%/packages/patches/libjxr-fix-function-signature.patch	\
diff --git a/gnu/packages/julia.scm b/gnu/packages/julia.scm
index f6df2817d..dd8ebce77 100644
--- a/gnu/packages/julia.scm
+++ b/gnu/packages/julia.scm
@@ -310,7 +310,7 @@
        ("libunwind" ,libunwind-for-julia)
        ("openlibm" ,openlibm)
        ("openspecfun" ,openspecfun)
-       ("libgit2" ,libgit2)
+       ("libgit2" ,libgit2-0.25) ; XXX Julia's libgit2 tests fail with libgit 0.26.0.
        ("fftw" ,fftw)
        ("fftwf" ,fftwf)
        ("fortran" ,gfortran)
diff --git a/gnu/packages/patches/libgit2-use-after-free.patch b/gnu/packages/patches/libgit2-use-after-free.patch
new file mode 100644
index 000000000..580af8781
--- /dev/null
+++ b/gnu/packages/patches/libgit2-use-after-free.patch
@@ -0,0 +1,24 @@
+This patch is taken from <https://github.com/libgit2/libgit2/pull/4122>;
+we need it to fix the use-after-free error in 'git_commit_extract_signature'
+reported at <https://github.com/libgit2/libgit2/issues/4118>.
+
+From ade0d9c658fdfc68d8046935f6908f033fe7a529 Mon Sep 17 00:00:00 2001
+From: Patrick Steinhardt <ps@pks.im>
+Date: Mon, 13 Feb 2017 13:46:17 +0100
+Subject: [PATCH 3/3] commit: avoid possible use-after-free
+
+diff --git a/src/commit.c b/src/commit.c
+index 89a4db1..05b70a9 100644
+--- a/src/commit.c
++++ b/src/commit.c
+@@ -766,8 +766,9 @@ int git_commit_extract_signature(git_buf *signature, git_buf *signed_data, git_r
+ 		if (git_buf_oom(signature))
+ 			goto oom;
+ 
++		error = git_buf_puts(signed_data, eol+1);
+ 		git_odb_object_free(obj);
+-		return git_buf_puts(signed_data, eol+1);
++		return error;
+ 	}
+ 
+ 	giterr_set(GITERR_OBJECT, "this commit is not signed");
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index 9667b2f3e..a161a9662 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -380,6 +380,22 @@ write native speed custom Git applications in any language with bindings.")
     ;; GPLv2 with linking exception
     (license license:gpl2)))
 
+(define-public libgit2-0.25
+  (package
+    (inherit libgit2)
+    (name "libgit2")
+    (version "0.25.1")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "https://github.com/libgit2/libgit2/"
+                                  "archive/v" version ".tar.gz"))
+              (file-name (string-append name "-" version ".tar.gz"))
+              (sha256
+               (base32
+                "1cdwcw38frc1wf28x5ppddazv9hywc718j92f3xa3ybzzycyds3s"))
+              (patches (search-patches "libgit2-use-after-free.patch"
+                                       "libgit2-0.25.1-mtime-0.patch"))))))
+
 (define-public git-crypt
   (package
     (name "git-crypt")
-- 
2.13.3