From: ludo@gnu.org (Ludovic Courtès)
To: Adonay Felipe Nogueira <adfeno@openmailbox.org>
Cc: guix-devel@gnu.org
Subject: Re: Writing recipe for Crypto++, and getting build errors
Date: Mon, 26 Sep 2016 18:30:11 +0900 [thread overview]
Message-ID: <87h993nh3w.fsf@gnu.org> (raw)
In-Reply-To: <1474555752.3435.6.camel@adfeno-VPCEG17FB> (Adonay Felipe Nogueira's message of "Thu, 22 Sep 2016 11:49:12 -0300")
[-- Attachment #1: Type: text/plain, Size: 887 bytes --]
Hello!
Adonay Felipe Nogueira <adfeno@openmailbox.org> skribis:
> Archive: /gnu/store/52v106n4y88myk2c8nykymfidq6080ws-cryptopp-5.6.4.zip
> inflating: 3way.cpp
> inflating: 3way.h
[...]
> ?: 0 [chdir "3way.cpp"]
>
> ERROR: In procedure chdir:
> ERROR: In procedure chdir: Not a directory
The problem here is that this .zip file is a “tar bomb”, meaning that it
unpacks everything in the current directory, which the apply-snippet
logic isn’t prepared to deal with.
The way we’ve addressed it in the past is by using the
‘url-fetch/tarbomb’ procedure defined in (guix download). That method
is currently limited to tarballs, so we’d need a variant that deals with
zip files (see patch below).
If ‘url-fetch/zipbomb’ from the patch below works for you, I’ll apply
it.
Thanks!
Ludo’.
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: Type: text/x-patch, Size: 1778 bytes --]
diff --git a/guix/download.scm b/guix/download.scm
index 649e96b..7f82ff2 100644
--- a/guix/download.scm
+++ b/guix/download.scm
@@ -35,6 +35,7 @@
#:export (%mirrors
url-fetch
url-fetch/tarbomb
+ url-fetch/zipbomb
download-to-store))
;;; Commentary:
@@ -427,6 +428,28 @@ own. This helper makes it easier to deal with \"tar bombs\"."
"xf" #$drv)))
#:local-build? #t)))
+(define* (url-fetch/zipbomb url hash-algo hash
+ #:optional name
+ #:key (system (%current-system))
+ (guile (default-guile)))
+ "Similar to 'url-fetch' but unpack the zip file at URL in a directory of its
+own. This helper makes it easier to deal with \"zip bombs\"."
+ (define unzip
+ (module-ref (resolve-interface '(gnu packages zip)) 'unzip))
+
+ (mlet %store-monad ((drv (url-fetch url hash-algo hash
+ (string-append "tarbomb-" name)
+ #:system system
+ #:guile guile)))
+ ;; Take the zip bomb, and simply unpack it as a directory.
+ (gexp->derivation name
+ #~(begin
+ (mkdir #$output)
+ (chdir #$output)
+ (zero? (system* (string-append #$unzip "/bin/unzip")
+ #$drv)))
+ #:local-build? #t)))
+
(define* (download-to-store store url #:optional (name (basename url))
#:key (log (current-error-port)) recursive?)
"Download from URL to STORE, either under NAME or URL's basename if
next prev parent reply other threads:[~2016-09-26 15:50 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-21 15:24 Writing recipe for Crypto++, and getting build errors Adonay Felipe Nogueira
2016-09-22 1:18 ` Ben Woodcroft
2016-09-22 1:22 ` Ben Woodcroft
2016-09-22 14:49 ` Adonay Felipe Nogueira
2016-09-22 22:43 ` Ben Woodcroft
2016-09-30 11:39 ` Adonay Felipe Nogueira
2016-09-26 9:30 ` Ludovic Courtès [this message]
2016-09-30 11:35 ` Adonay Felipe Nogueira
2016-09-30 20:10 ` Ludovic Courtès
2016-10-15 20:47 ` Adonay Felipe Nogueira
2016-10-15 20:53 ` Efraim Flashner
2016-10-15 21:47 ` Adonay Felipe Nogueira
2016-10-17 13:11 ` Ludovic Courtès
2016-10-17 13:22 ` Adonay Felipe Nogueira
2016-09-30 11:39 ` Adonay Felipe Nogueira
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87h993nh3w.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=adfeno@openmailbox.org \
--cc=guix-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.