diff options
author | Diego Nicola Barbato <dnbarbato@posteo.de> | 2020-03-16 18:43:20 +0100 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2020-04-08 19:35:34 +0200 |
commit | c1d81df93d4b67671fc4a8e0a80c0f02c5821663 (patch) | |
tree | bd5e48696e3b97fa0aefd5f556b242a7a02993aa | |
parent | 198571b264547f800803e554c8f21a9c95be959c (diff) | |
download | patches-c1d81df93d4b67671fc4a8e0a80c0f02c5821663.tar patches-c1d81df93d4b67671fc4a8e0a80c0f02c5821663.tar.gz |
download: Use correct system and guile in 'url-fetch/tarbomb' and 'url-fetch/zipbomb'.
Fixes <https://bugs.gnu.org/40115>.
Previously the result of `guix build -s $system $package' would depend on the
system Guix was built for if $package or one of its dependencies used
'url-fetch/tarbomb' or 'url-fetch/zipbomb' as the origin method of its
source (e.g. `guix build -s i686-linux ffmpeg' on i686-linux would build a
different derivation than on x86_64-linux).
This patch fixes this by explicitly passing the correct system and guile to
'gexp->derivation'.
* guix/download.scm (url-fetch/tarbomb): Pass #:system system and
#:guile-for-build guile to 'gexp->derivation', where guile is the derivation
of guile for system.
(url-fetch/zipbomb): Likewise.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
-rw-r--r-- | guix/download.scm | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/guix/download.scm b/guix/download.scm index 91a2b4ce5f..c3dc5a208c 100644 --- a/guix/download.scm +++ b/guix/download.scm @@ -531,7 +531,8 @@ own. This helper makes it easier to deal with \"tar bombs\"." (string-append "tarbomb-" (or name file-name)) #:system system - #:guile guile))) + #:guile guile)) + (guile (package->derivation guile system))) ;; Take the tar bomb, and simply unpack it as a directory. ;; Use ungrafted tar/gzip so that the resulting tarball doesn't depend on ;; whether grafts are enabled. @@ -544,6 +545,8 @@ own. This helper makes it easier to deal with \"tar bombs\"." (chdir #$output) (invoke (string-append #$tar "/bin/tar") "xf" #$drv))) + #:system system + #:guile-for-build guile #:graft? #f #:local-build? #t))) @@ -566,7 +569,8 @@ own. This helper makes it easier to deal with \"zip bombs\"." (string-append "zipbomb-" (or name file-name)) #:system system - #:guile guile))) + #:guile guile)) + (guile (package->derivation guile system))) ;; Take the zip bomb, and simply unpack it as a directory. ;; Use ungrafted unzip so that the resulting tarball doesn't depend on ;; whether grafts are enabled. @@ -578,6 +582,8 @@ own. This helper makes it easier to deal with \"zip bombs\"." (chdir #$output) (invoke (string-append #$unzip "/bin/unzip") #$drv))) + #:system system + #:guile-for-build guile #:graft? #f #:local-build? #t))) |