From mboxrd@z Thu Jan  1 00:00:00 1970
From: Ben Woodcroft <b.woodcroft@uq.edu.au>
Subject: Re: [PATCH] tar bombs and muscle
Date: Sun, 17 Jan 2016 16:27:53 +1000
Message-ID: <569B3469.5040803@uq.edu.au>
References: <569AEE9B.6070709@uq.edu.au>
	<20160116222954.6ae74288@openmailbox.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:58661)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <b.woodcroft@uq.edu.au>) id 1aKgoo-00042E-Df
	for guix-devel@gnu.org; Sun, 17 Jan 2016 01:28:07 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <b.woodcroft@uq.edu.au>) id 1aKgoj-0007N8-Dj
	for guix-devel@gnu.org; Sun, 17 Jan 2016 01:28:06 -0500
Received: from mailhub1.soe.uq.edu.au ([130.102.132.208]:53813
	helo=newmailhub.uq.edu.au) by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <b.woodcroft@uq.edu.au>) id 1aKgoi-0007Mt-S2
	for guix-devel@gnu.org; Sun, 17 Jan 2016 01:28:01 -0500
In-Reply-To: <20160116222954.6ae74288@openmailbox.org>
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
To: Eric Bavier <ericbavier@openmailbox.org>
Cc: "guix-devel@gnu.org" <guix-devel@gnu.org>



On 17/01/16 14:29, Eric Bavier wrote:
> On Sun, 17 Jan 2016 11:30:03 +1000
> Ben Woodcroft <b.woodcroft@uq.edu.au> wrote:
>
>> There is a somewhat popular bioinformatics program muscle whose download
>> tgz is a tar bomb. The bomb moniker seems especially appropriate here,
>> since it made the gnu-build-system error out, and patching
>> gnu-build-system requires a lot of rebuilding. In the attached patches I
>> fixed gnu-build-system so that the "chdir" is omitted when there is no
>> directory to chdir into, and then added muscle itself.
> See https://lists.gnu.org/archive/html/guix-devel/2016-01/msg00165.html
>
> I think it might be what you're looking for.
It is thanks, I'd not seen that. I wonder if an error message mentioning 
that might be in order, given it is easy to test for. Anyway, I'll wait 
until that change is merged.

ben