From d3e1b77ac3d3dcf7686108c489c1c2c615790232 Mon Sep 17 00:00:00 2001
From: Martin Milata <martin@martinmilata.cz>
Date: Wed, 17 Jun 2020 22:06:05 +0200
Subject: json_c: add patch for CVE-2020-12762

Fixes: https://nvd.nist.gov/vuln/detail/CVE-2020-12762
---
 pkgs/development/libraries/json-c/default.nix | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'pkgs/development/libraries/json-c/default.nix')

diff --git a/pkgs/development/libraries/json-c/default.nix b/pkgs/development/libraries/json-c/default.nix
index 81ebc7baeb06..a3ddfe4c63c5 100644
--- a/pkgs/development/libraries/json-c/default.nix
+++ b/pkgs/development/libraries/json-c/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, autoconf }:
+{ stdenv, fetchurl, fetchpatch, autoconf }:
 
 stdenv.mkDerivation rec {
   name = "json-c-0.13.1";
@@ -7,6 +7,15 @@ stdenv.mkDerivation rec {
     sha256 = "0ch1v18wk703bpbyzj7h1mkwvsw4rw4qdwvgykscypvqq10678ll";
   };
 
+  patches = [
+    # https://nvd.nist.gov/vuln/detail/CVE-2020-12762
+    (fetchpatch {
+      name = "CVE-2020-12762.patch";
+      url = "https://github.com/json-c/json-c/commit/865b5a65199973bb63dff8e47a2f57e04fec9736.patch";
+      sha256 = "1g5afk4khhm1sb70xrva1pyznshcw3ipzp1g5z60dpzxy303pp6h";
+    })
+  ];
+
   outputs = [ "out" "dev" ];
 
   nativeBuildInputs = [ autoconf ];  # for autoheader
-- 
cgit 1.4.1