From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:470:142:3::10]:35346) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jEXSX-0006DR-Ty for guix-patches@gnu.org; Wed, 18 Mar 2020 08:06:07 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1jEXSV-0007YG-Ry for guix-patches@gnu.org; Wed, 18 Mar 2020 08:06:05 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:33968) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1jEXSU-0007Vj-AA for guix-patches@gnu.org; Wed, 18 Mar 2020 08:06:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1jEXSU-0004Fm-4l for guix-patches@gnu.org; Wed, 18 Mar 2020 08:06:02 -0400 Subject: [bug#40115] [PATCH] download: Use correct system and guile in 'url-fetch/tarbomb' and 'url-fetch/zipbomb'. Resent-Message-ID: Received: from eggs.gnu.org ([2001:470:142:3::10]:35203) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jEXS7-0006C5-Dq for guix-patches@gnu.org; Wed, 18 Mar 2020 08:05:41 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1jEXS5-0006qz-MI for guix-patches@gnu.org; Wed, 18 Mar 2020 08:05:39 -0400 Received: from mout01.posteo.de ([185.67.36.65]:36800) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1jEXS4-0006dI-AE for guix-patches@gnu.org; Wed, 18 Mar 2020 08:05:36 -0400 Received: from submission (posteo.de [89.146.220.130]) by mout01.posteo.de (Postfix) with ESMTPS id 8339E16005E for ; Wed, 18 Mar 2020 13:05:32 +0100 (CET) Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 48j7yz6Jd4z6tmL for ; Wed, 18 Mar 2020 13:05:31 +0100 (CET) From: Diego Nicola Barbato Date: Wed, 18 Mar 2020 13:05:31 +0100 Message-ID: <87d09927hw.fsf@GlaDOS.home> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 40115@debbugs.gnu.org --=-=-= Content-Type: text/plain Hi Guix, The attached patch fixes a bug where e.g. guix build -s i686-linux ffmpeg builds a different derivation on i686-linux than on x86_64-linux. This doesn't just affect ffmpeg but a whole class of packages which use or depend on a package that uses 'url-fetch/tarbomb' or 'url-fetch/zipbomb' as the origin method of its source. That's around 334 packages, among them diffoscope, enlightenment, gnome, ungoogled-chromium, and wine. The problem is fixed by explicitly passing the correct #:system and #:guile-for-build to 'gexp->derivation' (as is done in other origin methods such as 'git-fetch' or 'hg-fetch'). This shouldn't trigger any rebuils as it only affects the behaviour of `guix build -s $system $package' if $system differs from the system type of Guix itself. Regards, Diego --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=0001-download-Use-correct-system-and-guile-in-url-fetch-t.patch >From 85594ce40c98ac5763b8295e2358567c6920188e Mon Sep 17 00:00:00 2001 From: Diego Nicola Barbato Date: Mon, 16 Mar 2020 18:43:20 +0100 Subject: [PATCH] download: Use correct system and guile in 'url-fetch/tarbomb' and 'url-fetch/zipbomb'. Previously the result of `guix build -s $system $package' would depend on the system Guix was built for if $package or one of its dependencies used 'url-fetch/tarbomb' or 'url-fetch/zipbomb' as the origin method of its source (e.g. `guix build -s i686-linux ffmpeg' on i686-linux would build a different derivation than on x86_64-linux). This patch fixes this by explicitly passing the correct system and guile to 'gexp->derivation'. * guix/download.scm (url-fetch/tarbomb): Pass #:system system and #:guile-for-build guile to 'gexp->derivation', where guile is the derivation of guile for system. (url-fetch/zipbomb): Likewise. --- guix/download.scm | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/guix/download.scm b/guix/download.scm index 91a2b4ce5f..c3dc5a208c 100644 --- a/guix/download.scm +++ b/guix/download.scm @@ -531,7 +531,8 @@ own. This helper makes it easier to deal with \"tar bombs\"." (string-append "tarbomb-" (or name file-name)) #:system system - #:guile guile))) + #:guile guile)) + (guile (package->derivation guile system))) ;; Take the tar bomb, and simply unpack it as a directory. ;; Use ungrafted tar/gzip so that the resulting tarball doesn't depend on ;; whether grafts are enabled. @@ -544,6 +545,8 @@ own. This helper makes it easier to deal with \"tar bombs\"." (chdir #$output) (invoke (string-append #$tar "/bin/tar") "xf" #$drv))) + #:system system + #:guile-for-build guile #:graft? #f #:local-build? #t))) @@ -566,7 +569,8 @@ own. This helper makes it easier to deal with \"zip bombs\"." (string-append "zipbomb-" (or name file-name)) #:system system - #:guile guile))) + #:guile guile)) + (guile (package->derivation guile system))) ;; Take the zip bomb, and simply unpack it as a directory. ;; Use ungrafted unzip so that the resulting tarball doesn't depend on ;; whether grafts are enabled. @@ -578,6 +582,8 @@ own. This helper makes it easier to deal with \"zip bombs\"." (chdir #$output) (invoke (string-append #$unzip "/bin/unzip") #$drv))) + #:system system + #:guile-for-build guile #:graft? #f #:local-build? #t))) -- 2.25.1 --=-=-=--