aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDiego Nicola Barbato <dnbarbato@posteo.de>2020-03-16 18:43:20 +0100
committerLudovic Courtès <ludo@gnu.org>2020-04-08 19:35:34 +0200
commitc1d81df93d4b67671fc4a8e0a80c0f02c5821663 (patch)
treebd5e48696e3b97fa0aefd5f556b242a7a02993aa
parent198571b264547f800803e554c8f21a9c95be959c (diff)
downloadguix-c1d81df93d4b67671fc4a8e0a80c0f02c5821663.tar
guix-c1d81df93d4b67671fc4a8e0a80c0f02c5821663.tar.gz
download: Use correct system and guile in 'url-fetch/tarbomb' and 'url-fetch/zipbomb'.
Fixes <https://bugs.gnu.org/40115>. Previously the result of `guix build -s $system $package' would depend on the system Guix was built for if $package or one of its dependencies used 'url-fetch/tarbomb' or 'url-fetch/zipbomb' as the origin method of its source (e.g. `guix build -s i686-linux ffmpeg' on i686-linux would build a different derivation than on x86_64-linux). This patch fixes this by explicitly passing the correct system and guile to 'gexp->derivation'. * guix/download.scm (url-fetch/tarbomb): Pass #:system system and #:guile-for-build guile to 'gexp->derivation', where guile is the derivation of guile for system. (url-fetch/zipbomb): Likewise. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
-rw-r--r--guix/download.scm10
1 files changed, 8 insertions, 2 deletions
diff --git a/guix/download.scm b/guix/download.scm
index 91a2b4ce5f..c3dc5a208c 100644
--- a/guix/download.scm
+++ b/guix/download.scm
@@ -531,7 +531,8 @@ own. This helper makes it easier to deal with \"tar bombs\"."
(string-append "tarbomb-"
(or name file-name))
#:system system
- #:guile guile)))
+ #:guile guile))
+ (guile (package->derivation guile system)))
;; Take the tar bomb, and simply unpack it as a directory.
;; Use ungrafted tar/gzip so that the resulting tarball doesn't depend on
;; whether grafts are enabled.
@@ -544,6 +545,8 @@ own. This helper makes it easier to deal with \"tar bombs\"."
(chdir #$output)
(invoke (string-append #$tar "/bin/tar")
"xf" #$drv)))
+ #:system system
+ #:guile-for-build guile
#:graft? #f
#:local-build? #t)))
@@ -566,7 +569,8 @@ own. This helper makes it easier to deal with \"zip bombs\"."
(string-append "zipbomb-"
(or name file-name))
#:system system
- #:guile guile)))
+ #:guile guile))
+ (guile (package->derivation guile system)))
;; Take the zip bomb, and simply unpack it as a directory.
;; Use ungrafted unzip so that the resulting tarball doesn't depend on
;; whether grafts are enabled.
@@ -578,6 +582,8 @@ own. This helper makes it easier to deal with \"zip bombs\"."
(chdir #$output)
(invoke (string-append #$unzip "/bin/unzip")
#$drv)))
+ #:system system
+ #:guile-for-build guile
#:graft? #f
#:local-build? #t)))