From d96f262166fe0d6cd62d301007e743581ec4a05d Mon Sep 17 00:00:00 2001
From: Vladimír Čunát <vcunat@gmail.com>
Date: Sat, 3 May 2014 17:17:34 +0200
Subject: json-c: update to 0.12, fixing CVE-2013-{6370,6371}

---
 pkgs/development/libraries/json-c/default.nix      | 24 ++++++++++++++++------
 .../libraries/json-c/unused-variable.patch         | 18 ++++++++++++++++
 2 files changed, 36 insertions(+), 6 deletions(-)
 create mode 100644 pkgs/development/libraries/json-c/unused-variable.patch

(limited to 'pkgs/development/libraries/json-c')

diff --git a/pkgs/development/libraries/json-c/default.nix b/pkgs/development/libraries/json-c/default.nix
index 78100521584b..ad425f2a3812 100644
--- a/pkgs/development/libraries/json-c/default.nix
+++ b/pkgs/development/libraries/json-c/default.nix
@@ -1,20 +1,32 @@
-{ stdenv, fetchurl }:
+{ stdenv, fetchurl, autoreconfHook }:
 
 stdenv.mkDerivation rec {
-  name = "json-c-0.9";
+  name = "json-c-0.12";
   src = fetchurl {
-    url = "http://oss.metaparadigm.com/json-c/json-c-0.9.tar.gz";
-    sha256 = "0xcl8cwzm860f8m0cdzyw6slwcddni4mraw4shvr3qgqkdn4hakh";
+    url    = "https://s3.amazonaws.com/json-c_releases/releases/${name}-nodoc.tar.gz";
+    sha256 = "0dgvjjyb9xva63l6sy70sdch2w4ryvacdmfd3fg2f2v13lqx5mkg";
   };
+
+  patches = [ ./unused-variable.patch ];
+
+  buildInputs = [ autoreconfHook ]; # won't configure without it, no idea why
+
+  # compatibility hack (for mypaint at least)
+  postInstall = ''
+    ln -s json-c.pc "$out/lib/pkgconfig/json.pc"
+  '';
+
   meta = with stdenv.lib; {
-    homepage = "http://oss.metaparadigm.com/json-c/";
     description = "A JSON implementation in C";
+    homepage    = https://github.com/json-c/json-c/wiki;
+    maintainers = with maintainers; [ lovek323 ];
+    platforms   = platforms.unix;
+
     longDescription = ''
       JSON-C implements a reference counting object model that allows you to
       easily construct JSON objects in C, output them as JSON formatted strings
       and parse JSON formatted strings back into the C representation of JSON
       objects.
     '';
-    hydraPlatforms = platforms.linux;
   };
 }
diff --git a/pkgs/development/libraries/json-c/unused-variable.patch b/pkgs/development/libraries/json-c/unused-variable.patch
new file mode 100644
index 000000000000..1726234c526d
--- /dev/null
+++ b/pkgs/development/libraries/json-c/unused-variable.patch
@@ -0,0 +1,18 @@
+See https://groups.google.com/forum/#!topic/json-c/TYodemkG338
+diff --git a/json_tokener.c b/json_tokener.c
+index 19de8ef..32bc8af 100644
+--- a/json_tokener.c
++++ b/json_tokener.c
+@@ -352,12 +352,10 @@ struct json_object* json_tokener_parse_ex(struct json_tokener *tok,
+ 
+     case json_tokener_state_inf: /* aka starts with 'i' */
+       {
+-	int size;
+ 	int size_inf;
+ 	int is_negative = 0;
+ 
+ 	printbuf_memappend_fast(tok->pb, &c, 1);
+-	size = json_min(tok->st_pos+1, json_null_str_len);
+ 	size_inf = json_min(tok->st_pos+1, json_inf_str_len);
+ 	char *infbuf = tok->pb->buf;
+ 	if (*infbuf == '-')
-- 
cgit 1.4.1