From 334a911ace888ae82d0c34b99c237f6f0632ff8d Mon Sep 17 00:00:00 2001
From: Vladimír Čunát <vcunat@gmail.com>
Date: Mon, 10 Feb 2014 19:24:25 +0100
Subject: libyaml: minor update 0.1.4 -> .5

The CVE patches are in the release now.
---
 .../libraries/libyaml/cve-2013-6393_a.patch        |  11 --
 .../libraries/libyaml/cve-2013-6393_b.patch        |  16 ---
 .../libraries/libyaml/cve-2013-6393_c.patch        | 131 ---------------------
 pkgs/development/libraries/libyaml/default.nix     |  19 ++-
 4 files changed, 9 insertions(+), 168 deletions(-)
 delete mode 100644 pkgs/development/libraries/libyaml/cve-2013-6393_a.patch
 delete mode 100644 pkgs/development/libraries/libyaml/cve-2013-6393_b.patch
 delete mode 100644 pkgs/development/libraries/libyaml/cve-2013-6393_c.patch

(limited to 'pkgs/development/libraries/libyaml')

diff --git a/pkgs/development/libraries/libyaml/cve-2013-6393_a.patch b/pkgs/development/libraries/libyaml/cve-2013-6393_a.patch
deleted file mode 100644
index 130107341f7f2..0000000000000
--- a/pkgs/development/libraries/libyaml/cve-2013-6393_a.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/src/scanner.c	
-+++ a/src/scanner.c	
-@@ -2574,7 +2574,7 @@ 
- 
-     /* Resize the string to include the head. */
- 
--    while (string.end - string.start <= (int)length) {
-+    while ((size_t)(string.end - string.start) <= length) {
-         if (!yaml_string_extend(&string.start, &string.pointer, &string.end)) {
-             parser->error = YAML_MEMORY_ERROR;
-             goto error;
diff --git a/pkgs/development/libraries/libyaml/cve-2013-6393_b.patch b/pkgs/development/libraries/libyaml/cve-2013-6393_b.patch
deleted file mode 100644
index db2b9ff2bba6a..0000000000000
--- a/pkgs/development/libraries/libyaml/cve-2013-6393_b.patch
+++ /dev/null
@@ -1,16 +0,0 @@
---- a/src/api.c	
-+++ a/src/api.c	
-@@ -117,7 +117,12 @@ 
- YAML_DECLARE(int)
- yaml_stack_extend(void **start, void **top, void **end)
- {
--    void *new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
-+    void *new_start;
-+
-+    if ((char *)*end - (char *)*start >= INT_MAX / 2)
-+	return 0;
-+
-+    new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
- 
-     if (!new_start) return 0;
- 
diff --git a/pkgs/development/libraries/libyaml/cve-2013-6393_c.patch b/pkgs/development/libraries/libyaml/cve-2013-6393_c.patch
deleted file mode 100644
index dc1c50da4e876..0000000000000
--- a/pkgs/development/libraries/libyaml/cve-2013-6393_c.patch
+++ /dev/null
@@ -1,131 +0,0 @@
---- a/src/scanner.c	Mon Dec 24 03:51:32 2012 +0000
-+++ a/src/scanner.c	Mon Jan 27 19:48:28 2014 -0500
-@@ -615,11 +615,14 @@ 
-  */
- 
- static int
--yaml_parser_roll_indent(yaml_parser_t *parser, int column,
-+yaml_parser_roll_indent(yaml_parser_t *parser, size_t column,
-         int number, yaml_token_type_t type, yaml_mark_t mark);
- 
- static int
--yaml_parser_unroll_indent(yaml_parser_t *parser, int column);
-+yaml_parser_unroll_indent(yaml_parser_t *parser, size_t column);
-+
-+static int
-+yaml_parser_reset_indent(yaml_parser_t *parser);
- 
- /*
-  * Token fetchers.
-@@ -1206,7 +1209,7 @@ 
-  */
- 
- static int
--yaml_parser_roll_indent(yaml_parser_t *parser, int column,
-+yaml_parser_roll_indent(yaml_parser_t *parser, size_t column,
-         int number, yaml_token_type_t type, yaml_mark_t mark)
- {
-     yaml_token_t token;
-@@ -1216,7 +1219,7 @@ 
-     if (parser->flow_level)
-         return 1;
- 
--    if (parser->indent < column)
-+    if (parser->indent == -1 || parser->indent < column)
-     {
-         /*
-          * Push the current indentation level to the stack and set the new
-@@ -1254,7 +1257,7 @@ 
- 
- 
- static int
--yaml_parser_unroll_indent(yaml_parser_t *parser, int column)
-+yaml_parser_unroll_indent(yaml_parser_t *parser, size_t column)
- {
-     yaml_token_t token;
- 
-@@ -1263,6 +1266,15 @@ 
-     if (parser->flow_level)
-         return 1;
- 
-+    /*
-+     * column is unsigned and parser->indent is signed, so if
-+     * parser->indent is less than zero the conditional in the while
-+     * loop below is incorrect.  Guard against that.
-+     */
-+    
-+    if (parser->indent < 0)
-+        return 1;
-+
-     /* Loop through the intendation levels in the stack. */
- 
-     while (parser->indent > column)
-@@ -1283,6 +1295,41 @@ 
- }
- 
- /*
-+ * Pop indentation levels from the indents stack until the current
-+ * level resets to -1.  For each intendation level, append the
-+ * BLOCK-END token.
-+ */
-+
-+static int
-+yaml_parser_reset_indent(yaml_parser_t *parser)
-+{
-+    yaml_token_t token;
-+
-+    /* In the flow context, do nothing. */
-+
-+    if (parser->flow_level)
-+        return 1;
-+
-+    /* Loop through the intendation levels in the stack. */
-+
-+    while (parser->indent > -1)
-+    {
-+        /* Create a token and append it to the queue. */
-+
-+        TOKEN_INIT(token, YAML_BLOCK_END_TOKEN, parser->mark, parser->mark);
-+
-+        if (!ENQUEUE(parser, parser->tokens, token))
-+            return 0;
-+
-+        /* Pop the indentation level. */
-+
-+        parser->indent = POP(parser, parser->indents);
-+    }
-+
-+    return 1;
-+}
-+
-+/*
-  * Initialize the scanner and produce the STREAM-START token.
-  */
- 
-@@ -1338,7 +1385,7 @@ 
- 
-     /* Reset the indentation level. */
- 
--    if (!yaml_parser_unroll_indent(parser, -1))
-+    if (!yaml_parser_reset_indent(parser))
-         return 0;
- 
-     /* Reset simple keys. */
-@@ -1369,7 +1416,7 @@ 
- 
-     /* Reset the indentation level. */
- 
--    if (!yaml_parser_unroll_indent(parser, -1))
-+    if (!yaml_parser_reset_indent(parser))
-         return 0;
- 
-     /* Reset simple keys. */
-@@ -1407,7 +1454,7 @@ 
- 
-     /* Reset the indentation level. */
- 
--    if (!yaml_parser_unroll_indent(parser, -1))
-+    if (!yaml_parser_reset_indent(parser))
-         return 0;
- 
-     /* Reset simple keys. */
diff --git a/pkgs/development/libraries/libyaml/default.nix b/pkgs/development/libraries/libyaml/default.nix
index 93f19165e88d4..15ba83b757aaf 100644
--- a/pkgs/development/libraries/libyaml/default.nix
+++ b/pkgs/development/libraries/libyaml/default.nix
@@ -1,19 +1,18 @@
-{stdenv, fetchurl}:
-
+{ stdenv, fetchurl }:
+let
+  version = "0.1.5";
+in
 stdenv.mkDerivation {
-  name = "libyaml-0.1.4";
+  name = "libyaml-${version}";
 
   src = fetchurl {
-    url = http://pyyaml.org/download/libyaml/yaml-0.1.4.tar.gz;
-    sha256 = "0dvavrhxjrjfxgdgysxqfpdy08lpg3m9i8vxjyvdkcjsmra1by3v";
+    url = "http://pyyaml.org/download/libyaml/yaml-${version}.tar.gz";
+    sha256 = "1vrv5ly58bkmcyc049ad180f2m8iav6l9h3v8l2fqdmrny7yx1zs";
   };
 
-  # Downloaded on 2014-02-01 from https://bugzilla.redhat.com/show_bug.cgi?id=1033990
-  patches = [ ./cve-2013-6393_a.patch ./cve-2013-6393_b.patch ./cve-2013-6393_c.patch ];
-
-  meta = {
+  meta = with stdenv.lib; {
     homepage = http://pyyaml.org/;
     description = "A YAML 1.1 parser and emitter written in C";
-    license = "free";
+    license = licenses.mit;
   };
 }
-- 
cgit 1.4.1