about summary refs log tree commit diff
path: root/pkgs/development/libraries/openexr/3.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/development/libraries/openexr/3.nix')
-rw-r--r--pkgs/development/libraries/openexr/3.nix18
1 files changed, 18 insertions, 0 deletions
diff --git a/pkgs/development/libraries/openexr/3.nix b/pkgs/development/libraries/openexr/3.nix
index 24af4e429a020..3cfe173875c03 100644
--- a/pkgs/development/libraries/openexr/3.nix
+++ b/pkgs/development/libraries/openexr/3.nix
@@ -1,6 +1,7 @@
 { lib
 , stdenv
 , fetchFromGitHub
+, fetchpatch
 , zlib
 , cmake
 , imath
@@ -19,9 +20,26 @@ stdenv.mkDerivation rec {
     sha256 = "sha256-Bi6yTcZBWTsWWMm3A7FVYblvSXKLSkHmhGvpNYGiOzE=";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2021-45942.patch";
+      url = "https://github.com/AcademySoftwareFoundation/openexr/commit/11cad77da87c4fa2aab7d58dd5339e254db7937e.patch";
+      sha256 = "1qa8662ga5i0lyfi9mkj9s9bygdg7h1i6ahki28c664kxrlsakch";
+    })
+  ];
+
+  # tests are determined to use /var/tmp on unix
+  postPatch = ''
+    cat <(find . -name tmpDir.h) <(echo src/test/OpenEXRCoreTest/main.cpp) | while read -r f ; do
+      substituteInPlace $f --replace '/var/tmp' "$TMPDIR"
+    done
+  '';
+
   nativeBuildInputs = [ cmake ];
   propagatedBuildInputs = [ imath zlib ];
 
+  doCheck = true;
+
   meta = with lib; {
     description = "A high dynamic-range (HDR) image file format";
     homepage = "https://www.openexr.com/";
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-10-10 16:11:16 +0000