From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34971) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dcKq1-0000F6-PW for guix-patches@gnu.org; Mon, 31 Jul 2017 20:15:07 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dcKpy-0008Pu-KK for guix-patches@gnu.org; Mon, 31 Jul 2017 20:15:05 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:33223) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dcKpy-0008Po-HQ for guix-patches@gnu.org; Mon, 31 Jul 2017 20:15:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1dcKpy-00027f-B3 for guix-patches@gnu.org; Mon, 31 Jul 2017 20:15:02 -0400 Subject: [bug#27893] [PATCH] gnu: julia: Work around some test failures related to libgit2. Resent-Message-ID: Received: from eggs.gnu.org ([2001:4830:134:3::10]:34487) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dcKpI-0008SJ-TG for guix-patches@gnu.org; Mon, 31 Jul 2017 20:14:22 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dcKpE-0007zR-F1 for guix-patches@gnu.org; Mon, 31 Jul 2017 20:14:20 -0400 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:56925) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dcKpE-0007z2-95 for guix-patches@gnu.org; Mon, 31 Jul 2017 20:14:16 -0400 Received: from jasmine.lan (c-73-165-108-70.hsd1.pa.comcast.net [73.165.108.70]) by mail.messagingengine.com (Postfix) with ESMTPA id 41B5A241DF for ; Mon, 31 Jul 2017 20:14:15 -0400 (EDT) From: Leo Famulari Date: Mon, 31 Jul 2017 20:14:10 -0400 Message-Id: <3460381662f16e6d267a21c7d2f83a9cea216b6e.1501546450.git.leo@famulari.name> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 27893@debbugs.gnu.org * gnu/packages/version-control.scm (libgit2-0.25): New variable. * gnu/packages/julia.scm (julia)[inputs]: Replace LIBGIT2 with LIBGIT2-0.25. * gnu/packages/patches/libgit2-use-after-free.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/julia.scm | 2 +- gnu/packages/patches/libgit2-use-after-free.patch | 24 +++++++++++++++++++++++ gnu/packages/version-control.scm | 16 +++++++++++++++ 4 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/libgit2-use-after-free.patch diff --git a/gnu/local.mk b/gnu/local.mk index 3fb8f168d..df8252b16 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -754,6 +754,7 @@ dist_patch_DATA = \ %D%/packages/patches/libevent-2.1-dns-tests.patch \ %D%/packages/patches/libevent-2.1-skip-failing-test.patch \ %D%/packages/patches/libgit2-0.25.1-mtime-0.patch \ + %D%/packages/patches/libgit2-use-after-free.patch \ %D%/packages/patches/libgdata-fix-tests.patch \ %D%/packages/patches/libgdata-glib-duplicate-tests.patch \ %D%/packages/patches/libjxr-fix-function-signature.patch \ diff --git a/gnu/packages/julia.scm b/gnu/packages/julia.scm index f6df2817d..dd8ebce77 100644 --- a/gnu/packages/julia.scm +++ b/gnu/packages/julia.scm @@ -310,7 +310,7 @@ ("libunwind" ,libunwind-for-julia) ("openlibm" ,openlibm) ("openspecfun" ,openspecfun) - ("libgit2" ,libgit2) + ("libgit2" ,libgit2-0.25) ; XXX Julia's libgit2 tests fail with libgit 0.26.0. ("fftw" ,fftw) ("fftwf" ,fftwf) ("fortran" ,gfortran) diff --git a/gnu/packages/patches/libgit2-use-after-free.patch b/gnu/packages/patches/libgit2-use-after-free.patch new file mode 100644 index 000000000..580af8781 --- /dev/null +++ b/gnu/packages/patches/libgit2-use-after-free.patch @@ -0,0 +1,24 @@ +This patch is taken from ; +we need it to fix the use-after-free error in 'git_commit_extract_signature' +reported at . + +From ade0d9c658fdfc68d8046935f6908f033fe7a529 Mon Sep 17 00:00:00 2001 +From: Patrick Steinhardt +Date: Mon, 13 Feb 2017 13:46:17 +0100 +Subject: [PATCH 3/3] commit: avoid possible use-after-free + +diff --git a/src/commit.c b/src/commit.c +index 89a4db1..05b70a9 100644 +--- a/src/commit.c ++++ b/src/commit.c +@@ -766,8 +766,9 @@ int git_commit_extract_signature(git_buf *signature, git_buf *signed_data, git_r + if (git_buf_oom(signature)) + goto oom; + ++ error = git_buf_puts(signed_data, eol+1); + git_odb_object_free(obj); +- return git_buf_puts(signed_data, eol+1); ++ return error; + } + + giterr_set(GITERR_OBJECT, "this commit is not signed"); diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm index 9667b2f3e..a161a9662 100644 --- a/gnu/packages/version-control.scm +++ b/gnu/packages/version-control.scm @@ -380,6 +380,22 @@ write native speed custom Git applications in any language with bindings.") ;; GPLv2 with linking exception (license license:gpl2))) +(define-public libgit2-0.25 + (package + (inherit libgit2) + (name "libgit2") + (version "0.25.1") + (source (origin + (method url-fetch) + (uri (string-append "https://github.com/libgit2/libgit2/" + "archive/v" version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "1cdwcw38frc1wf28x5ppddazv9hywc718j92f3xa3ybzzycyds3s")) + (patches (search-patches "libgit2-use-after-free.patch" + "libgit2-0.25.1-mtime-0.patch")))))) + (define-public git-crypt (package (name "git-crypt") -- 2.13.3