aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--build-aux/hydra/gnu-system.scm2
-rw-r--r--gnu-system.am26
-rw-r--r--gnu/packages/base.scm33
-rw-r--r--gnu/packages/bison.scm4
-rw-r--r--gnu/packages/commencement.scm51
-rw-r--r--gnu/packages/cpio.scm14
-rw-r--r--gnu/packages/cross-base.scm204
-rw-r--r--gnu/packages/databases.scm4
-rw-r--r--gnu/packages/flex.scm2
-rw-r--r--gnu/packages/gawk.scm4
-rw-r--r--gnu/packages/gcc.scm44
-rw-r--r--gnu/packages/gettext.scm3
-rw-r--r--gnu/packages/image.scm21
-rw-r--r--gnu/packages/ld-wrapper.in12
-rw-r--r--gnu/packages/linux.scm22
-rw-r--r--gnu/packages/make-bootstrap.scm22
-rw-r--r--gnu/packages/nettle.scm6
-rw-r--r--gnu/packages/openssl.scm4
-rw-r--r--gnu/packages/patches/cpio-fix-symlink-bad-length-test.patch44
-rw-r--r--gnu/packages/patches/findutils-localstatedir.patch14
-rw-r--r--gnu/packages/patches/gawk-shell.patch18
-rw-r--r--gnu/packages/patches/gcc-arm-link-spec-fix.patch4
-rw-r--r--gnu/packages/patches/gettext-msgunfmt.patch58
-rw-r--r--gnu/packages/patches/guile-linux-syscalls.patch6
-rw-r--r--gnu/packages/patches/libtiff-CVE-2012-4564.patch33
-rw-r--r--gnu/packages/patches/libtiff-CVE-2013-1960.patch148
-rw-r--r--gnu/packages/patches/libtiff-CVE-2013-1961.patch770
-rw-r--r--gnu/packages/patches/libtiff-CVE-2013-4231.patch19
-rw-r--r--gnu/packages/patches/libtiff-CVE-2013-4232.patch20
-rw-r--r--gnu/packages/patches/libtiff-CVE-2013-4243.patch39
-rw-r--r--gnu/packages/patches/libtiff-CVE-2013-4244.patch20
-rw-r--r--gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch30
-rw-r--r--gnu/packages/patches/libtiff-CVE-2014-8127-pt2.patch42
-rw-r--r--gnu/packages/patches/libtiff-CVE-2014-8127-pt3.patch45
-rw-r--r--gnu/packages/patches/libtiff-CVE-2014-8127-pt4.patch295
-rw-r--r--gnu/packages/patches/libtiff-CVE-2014-8128-pt1.patch32
-rw-r--r--gnu/packages/patches/libtiff-CVE-2014-8128-pt2.patch83
-rw-r--r--gnu/packages/patches/libtiff-CVE-2014-8128-pt3.patch34
-rw-r--r--gnu/packages/patches/libtiff-CVE-2014-8128-pt4.patch77
-rw-r--r--gnu/packages/patches/libtiff-CVE-2014-8128-pt5.patch16
-rw-r--r--gnu/packages/patches/libtiff-CVE-2014-8129.patch45
-rw-r--r--gnu/packages/patches/libtiff-CVE-2014-9330.patch47
-rw-r--r--gnu/packages/patches/libtiff-CVE-2014-9655.patch88
-rw-r--r--gnu/packages/patches/patch-hurd-path-max.patch48
-rw-r--r--gnu/packages/patches/sed-hurd-path-max.patch34
-rw-r--r--gnu/packages/patches/tar-d_ino_in_dirent-fix.patch33
-rw-r--r--gnu/packages/patches/tar-skip-unreliable-tests.patch32
-rw-r--r--gnu/packages/perl.scm55
-rw-r--r--gnu/packages/xml.scm58
-rw-r--r--guix/packages.scm12
50 files changed, 2530 insertions, 247 deletions
diff --git a/build-aux/hydra/gnu-system.scm b/build-aux/hydra/gnu-system.scm
index 83cc6fb177..556dd7ac2e 100644
--- a/build-aux/hydra/gnu-system.scm
+++ b/build-aux/hydra/gnu-system.scm
@@ -101,7 +101,7 @@ SYSTEM."
;; Note: Don't put the '-final' package variants because (1) that's
;; implicit, and (2) they cannot be cross-built (due to the explicit input
;; chain.)
- (list gcc-4.8 gcc-4.7 glibc binutils
+ (list gcc-4.8 gcc-4.9 gcc-5.1 glibc binutils
gmp mpfr mpc coreutils findutils diffutils patch sed grep
gawk gnu-gettext hello guile-2.0 zlib gzip xz
%bootstrap-binaries-tarball
diff --git a/gnu-system.am b/gnu-system.am
index 1f7c4e8490..b43d541b05 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -402,6 +402,7 @@ dist_patch_DATA = \
gnu/packages/patches/cpio-CVE-2014-9112-pt3.patch \
gnu/packages/patches/cpio-CVE-2014-9112-pt4.patch \
gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch \
+ gnu/packages/patches/cpio-fix-symlink-bad-length-test.patch \
gnu/packages/patches/cpio-gets-undeclared.patch \
gnu/packages/patches/cpufrequtils-fix-aclocal.patch \
gnu/packages/patches/crossmap-allow-system-pysam.patch \
@@ -420,6 +421,7 @@ dist_patch_DATA = \
gnu/packages/patches/emacs-exec-path.patch \
gnu/packages/patches/eudev-rules-directory.patch \
gnu/packages/patches/findutils-absolute-paths.patch \
+ gnu/packages/patches/findutils-localstatedir.patch \
gnu/packages/patches/flashrom-use-libftdi1.patch \
gnu/packages/patches/flex-bison-tests.patch \
gnu/packages/patches/fltk-shared-lib-defines.patch \
@@ -430,6 +432,7 @@ dist_patch_DATA = \
gnu/packages/patches/gcc-libvtv-runpath.patch \
gnu/packages/patches/gcc-5.0-libvtv-runpath.patch \
gnu/packages/patches/geoclue-config.patch \
+ gnu/packages/patches/gettext-msgunfmt.patch \
gnu/packages/patches/ghostscript-runpath.patch \
gnu/packages/patches/gitolite-openssh-6.8-compat.patch \
gnu/packages/patches/glib-tests-desktop.patch \
@@ -470,6 +473,25 @@ dist_patch_DATA = \
gnu/packages/patches/liboop-mips64-deplibs-fix.patch \
gnu/packages/patches/libmad-mips-newgcc.patch \
gnu/packages/patches/libtheora-config-guess.patch \
+ gnu/packages/patches/libtiff-CVE-2012-4564.patch \
+ gnu/packages/patches/libtiff-CVE-2013-1960.patch \
+ gnu/packages/patches/libtiff-CVE-2013-1961.patch \
+ gnu/packages/patches/libtiff-CVE-2013-4231.patch \
+ gnu/packages/patches/libtiff-CVE-2013-4232.patch \
+ gnu/packages/patches/libtiff-CVE-2013-4243.patch \
+ gnu/packages/patches/libtiff-CVE-2013-4244.patch \
+ gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch \
+ gnu/packages/patches/libtiff-CVE-2014-8127-pt2.patch \
+ gnu/packages/patches/libtiff-CVE-2014-8127-pt3.patch \
+ gnu/packages/patches/libtiff-CVE-2014-8127-pt4.patch \
+ gnu/packages/patches/libtiff-CVE-2014-8128-pt1.patch \
+ gnu/packages/patches/libtiff-CVE-2014-8128-pt2.patch \
+ gnu/packages/patches/libtiff-CVE-2014-8128-pt3.patch \
+ gnu/packages/patches/libtiff-CVE-2014-8128-pt4.patch \
+ gnu/packages/patches/libtiff-CVE-2014-8128-pt5.patch \
+ gnu/packages/patches/libtiff-CVE-2014-8129.patch \
+ gnu/packages/patches/libtiff-CVE-2014-9330.patch \
+ gnu/packages/patches/libtiff-CVE-2014-9655.patch \
gnu/packages/patches/libtool-skip-tests2.patch \
gnu/packages/patches/libssh-CVE-2014-0017.patch \
gnu/packages/patches/libvpx-fix-armhf-link.patch \
@@ -508,6 +530,7 @@ dist_patch_DATA = \
gnu/packages/patches/patchelf-page-size.patch \
gnu/packages/patches/patchelf-rework-for-arm.patch \
gnu/packages/patches/patchutils-xfail-gendiff-tests.patch \
+ gnu/packages/patches/patch-hurd-path-max.patch \
gnu/packages/patches/pavucontrol-sigsegv.patch \
gnu/packages/patches/perl-gd-options-passthrough-and-fontconfig.patch \
gnu/packages/patches/perl-module-pluggable-search.patch \
@@ -555,6 +578,7 @@ dist_patch_DATA = \
gnu/packages/patches/ratpoison-shell.patch \
gnu/packages/patches/readline-link-ncurses.patch \
gnu/packages/patches/ripperx-libm.patch \
+ gnu/packages/patches/sed-hurd-path-max.patch \
gnu/packages/patches/scheme48-tests.patch \
gnu/packages/patches/scotch-test-threading.patch \
gnu/packages/patches/sdl-libx11-1.6.patch \
@@ -566,6 +590,8 @@ dist_patch_DATA = \
gnu/packages/patches/soprano-find-clucene.patch \
gnu/packages/patches/subversion-sqlite-3.8.9-fix.patch \
gnu/packages/patches/superlu-dist-scotchmetis.patch \
+ gnu/packages/patches/tar-d_ino_in_dirent-fix.patch \
+ gnu/packages/patches/tar-skip-unreliable-tests.patch \
gnu/packages/patches/tcsh-fix-autotest.patch \
gnu/packages/patches/teckit-cstdio.patch \
gnu/packages/patches/texi2html-document-encoding.patch \
diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index c6206fdce2..31331a1080 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -101,7 +101,8 @@ including, for example, recursive directory searching.")
".tar.bz2"))
(sha256
(base32
- "1myvrmh99jsvk7v3d7crm0gcrq51hmmm1r2kjyyci152in1x2j7h"))))
+ "1myvrmh99jsvk7v3d7crm0gcrq51hmmm1r2kjyyci152in1x2j7h"))
+ (patches (list (search-patch "sed-hurd-path-max.patch")))))
(build-system gnu-build-system)
(synopsis "Stream editor")
(arguments
@@ -136,7 +137,10 @@ implementation offers several extensions over the standard utility.")
version ".tar.xz"))
(sha256
(base32
- "1wi2zwm4c9r3h3b8y4w0nm0qq897kn8kyj9k22ba0iqvxj48vvk4"))))
+ "1wi2zwm4c9r3h3b8y4w0nm0qq897kn8kyj9k22ba0iqvxj48vvk4"))
+ (patches (map search-patch
+ '("tar-d_ino_in_dirent-fix.patch"
+ "tar-skip-unreliable-tests.patch")))))
(build-system gnu-build-system)
(synopsis "Managing tar archives")
(description
@@ -159,7 +163,8 @@ standard utility.")
version ".tar.xz"))
(sha256
(base32
- "16d2r9kpivaak948mxzc0bai45mqfw73m113wrkmbffnalv1b5gx"))))
+ "16d2r9kpivaak948mxzc0bai45mqfw73m113wrkmbffnalv1b5gx"))
+ (patches (list (search-patch "patch-hurd-path-max.patch")))))
(build-system gnu-build-system)
(native-inputs `(("ed", ed)))
(synopsis "Apply differences to originals, with optional backups")
@@ -205,14 +210,20 @@ interactive means to merge two files.")
(sha256
(base32
"0amn0bbwqvsvvsh6drfwz20ydc2czk374lzw5kksbh6bf78k4ks3"))
- (patches (list (search-patch "findutils-absolute-paths.patch")))))
+ (patches (map search-patch
+ '("findutils-absolute-paths.patch"
+ "findutils-localstatedir.patch")))))
(build-system gnu-build-system)
(arguments
- ;; Work around cross-compilation failure.
- ;; See <http://savannah.gnu.org/bugs/?27299#comment1>.
- (if (%current-target-system)
- '(#:configure-flags '("gl_cv_func_wcwidth_works=yes"))
- '()))
+ `(#:configure-flags (list
+ ;; Tell 'updatedb' to write to /var.
+ "--localstatedir=/var"
+
+ ;; Work around cross-compilation failure. See
+ ;; <http://savannah.gnu.org/bugs/?27299#comment1>.
+ ,@(if (%current-target-system)
+ '("gl_cv_func_wcwidth_works=yes")
+ '()))))
(synopsis "Operating on files matching given criteria")
(description
"Findutils supplies the basic file directory searching utilities of the
@@ -672,14 +683,14 @@ test environments.")
(define-public which
(package
(name "which")
- (version "2.20")
+ (version "2.21")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/which/which-"
version ".tar.gz"))
(sha256
(base32
- "1y2p50zadb36izzh2zw4dm5hvdiydqf3qa88l8kav20dcmfbc5yl"))))
+ "1bgafvy3ypbhhfznwjv1lxmd6mci3x1byilnnkc7gcr486wlb8pl"))))
(build-system gnu-build-system)
(home-page "https://gnu.org/software/which/")
(synopsis "Find full path of shell commands")
diff --git a/gnu/packages/bison.scm b/gnu/packages/bison.scm
index 43ab216797..c8ec8cc274 100644
--- a/gnu/packages/bison.scm
+++ b/gnu/packages/bison.scm
@@ -40,7 +40,9 @@
(base32
"1qbgf6q1n2z17k8g33444m0q68kf3fbiq65q7jlrzpvvj73jh957"))))
(build-system gnu-build-system)
- (native-inputs `(("perl" ,perl)))
+ (native-inputs `(("perl" ,perl)
+ ;; m4 is not present in PATH when cross-building
+ ("m4" ,m4)))
(inputs `(("flex" ,flex)))
(propagated-inputs `(("m4" ,m4)))
(home-page "http://www.gnu.org/software/bison/")
diff --git a/gnu/packages/commencement.scm b/gnu/packages/commencement.scm
index a5402f0556..db91bec5da 100644
--- a/gnu/packages/commencement.scm
+++ b/gnu/packages/commencement.scm
@@ -137,6 +137,28 @@
(arguments
`(#:guile ,%bootstrap-guile
#:implicit-inputs? #f
+
+ #:modules ((guix build gnu-build-system)
+ (guix build utils)
+ (ice-9 ftw)) ; for 'scandir'
+ #:phases (alist-cons-after
+ 'install 'add-symlinks
+ (lambda* (#:key outputs #:allow-other-keys)
+ ;; The cross-gcc invokes 'as', 'ld', etc, without the
+ ;; triplet prefix, so add symlinks.
+ (let ((out (assoc-ref outputs "out"))
+ (triplet-prefix (string-append ,(boot-triplet) "-")))
+ (define (has-triplet-prefix? name)
+ (string-prefix? triplet-prefix name))
+ (define (remove-triplet-prefix name)
+ (substring name (string-length triplet-prefix)))
+ (with-directory-excursion (string-append out "/bin")
+ (for-each (lambda (name)
+ (symlink name (remove-triplet-prefix name)))
+ (scandir "." has-triplet-prefix?)))
+ #t))
+ %standard-phases)
+
,@(substitute-keyword-arguments (package-arguments binutils)
((#:configure-flags cf)
`(cons ,(string-append "--target=" (boot-triplet))
@@ -145,7 +167,7 @@
(define gcc-boot0
(package-with-bootstrap-guile
- (package (inherit gcc-4.8)
+ (package (inherit gcc-4.9)
(name "gcc-cross-boot0")
(arguments
`(#:guile ,%bootstrap-guile
@@ -155,7 +177,7 @@
(ice-9 regex)
(srfi srfi-1)
(srfi srfi-26))
- ,@(substitute-keyword-arguments (package-arguments gcc-4.8)
+ ,@(substitute-keyword-arguments (package-arguments gcc-4.9)
((#:configure-flags flags)
`(append (list ,(string-append "--target=" (boot-triplet))
@@ -177,6 +199,8 @@
"--disable-libsanitizer"
"--disable-libitm"
"--disable-libgomp"
+ "--disable-libcilkrts"
+ "--disable-libvtv"
"--disable-libssp"
"--disable-libquadmath"
"--disable-decimal-float")
@@ -216,7 +240,7 @@
(with-directory-excursion
(string-append out "/lib/gcc/"
,(boot-triplet)
- "/" ,(package-version gcc-4.8))
+ "/" ,(package-version gcc-4.9))
(symlink "libgcc.a" "libgcc_eh.a"))))
,phases))))))
@@ -232,7 +256,7 @@
;; No need for Texinfo at this stage.
(native-inputs (alist-delete "texinfo"
- (package-native-inputs gcc-4.8))))))
+ (package-native-inputs gcc-4.9))))))
(define perl-boot0
(package-with-bootstrap-guile
@@ -270,10 +294,7 @@
;; 2nd stage inputs.
`(("gcc" ,gcc-boot0)
("binutils-cross" ,binutils-boot0)
-
- ;; Keep "binutils" here because the cross-gcc invokes `as', not the
- ;; cross-`as'.
- ,@%boot0-inputs))
+ ,@(alist-delete "binutils" %boot0-inputs)))
(define glibc-final-with-bootstrap-bash
;; The final libc, "cross-built". If everything went well, the resulting
@@ -331,7 +352,7 @@
(define (cross-gcc-wrapper gcc binutils glibc bash)
"Return a wrapper for the pseudo-cross toolchain GCC/BINUTILS/GLIBC
that makes it available under the native tool names."
- (package (inherit gcc-4.8)
+ (package (inherit gcc-4.9)
(name (string-append (package-name gcc) "-wrapped"))
(source #f)
(build-system trivial-build-system)
@@ -498,7 +519,7 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
;; Intermediate libstdc++ that will allow us to build the final GCC
;; (remember that GCC-BOOT0 cannot build libstdc++.)
(package-with-bootstrap-guile
- (package (inherit gcc-4.8)
+ (package (inherit gcc-4.9)
(name "libstdc++")
(arguments
`(#:guile ,%bootstrap-guile
@@ -517,7 +538,7 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
(assoc-ref %outputs "out")
"/include"
;; "/include/c++/"
- ;; ,(package-version gcc-4.8)
+ ;; ,(package-version gcc-4.9)
))))
(outputs '("out"))
(inputs %boot2-inputs)
@@ -529,6 +550,12 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
;; The final GCC.
(package (inherit gcc-boot0)
(name "gcc")
+
+ ;; XXX: Currently #:allowed-references applies to all the outputs but the
+ ;; "debug" output contains disallowed references, notably
+ ;; linux-libre-headers. Disable the debugging output to work around that.
+ (outputs (delete "debug" (package-outputs gcc-boot0)))
+
(arguments
`(#:guile ,%bootstrap-guile
#:implicit-inputs? #f
@@ -545,7 +572,7 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
;; doesn't honor $LIBRARY_PATH, which breaks `gnu-build-system'.)
,@(substitute-keyword-arguments (package-arguments gcc-boot0)
((#:configure-flags boot-flags)
- (let loop ((args (package-arguments gcc-4.8)))
+ (let loop ((args (package-arguments gcc-4.9)))
(match args
((#:configure-flags normal-flags _ ...)
normal-flags)
diff --git a/gnu/packages/cpio.scm b/gnu/packages/cpio.scm
index 87f85d00e8..cfb416239d 100644
--- a/gnu/packages/cpio.scm
+++ b/gnu/packages/cpio.scm
@@ -36,12 +36,14 @@
(sha256
(base32
"1gavgpzqwgkpagjxw72xgxz52y1ifgz0ckqh8g7cckz7jvyhp0mv"))
- (patches (list (search-patch "cpio-CVE-2014-9112-pt1.patch")
- (search-patch "cpio-CVE-2014-9112-pt2.patch")
- (search-patch "cpio-CVE-2014-9112-pt3.patch")
- (search-patch "cpio-CVE-2014-9112-pt4.patch")
- (search-patch "cpio-CVE-2014-9112-pt5.patch")
- (search-patch "cpio-gets-undeclared.patch")))))
+ (patches (map search-patch
+ '("cpio-CVE-2014-9112-pt1.patch"
+ "cpio-CVE-2014-9112-pt2.patch"
+ "cpio-CVE-2014-9112-pt3.patch"
+ "cpio-CVE-2014-9112-pt4.patch"
+ "cpio-CVE-2014-9112-pt5.patch"
+ "cpio-fix-symlink-bad-length-test.patch"
+ "cpio-gets-undeclared.patch")))))
(build-system gnu-build-system)
;; FIXME: autoconf is needed to run autom4te, to update to test suite
diff --git a/gnu/packages/cross-base.scm b/gnu/packages/cross-base.scm
index f1aca505d8..9c27483466 100644
--- a/gnu/packages/cross-base.scm
+++ b/gnu/packages/cross-base.scm
@@ -85,101 +85,107 @@ may be either a libc package or #f.)"
;; Set the current target system so that 'glibc-dynamic-linker' returns the
;; right name.
(parameterize ((%current-target-system target))
- (substitute-keyword-arguments (package-arguments gcc-4.8)
- ((#:configure-flags flags)
- `(append (list ,(string-append "--target=" target)
- ,@(if libc
- '()
- `( ;; Disable features not needed at this stage.
- "--disable-shared" "--enable-static"
-
- ;; Disable C++ because libstdc++'s configure
- ;; script otherwise fails with "Link tests are not
- ;; allowed after GCC_NO_EXECUTABLES."
- "--enable-languages=c"
-
- "--disable-threads" ;libgcc, would need libc
- "--disable-libatomic"
- "--disable-libmudflap"
- "--disable-libgomp"
- "--disable-libssp"
- "--disable-libquadmath"
- "--disable-decimal-float" ;would need libc
- )))
-
- ,(if libc
- flags
- `(remove (cut string-match "--enable-languages.*" <>)
- ,flags))))
- ((#:make-flags flags)
- (if libc
- `(let ((libc (assoc-ref %build-inputs "libc")))
- ;; FLAGS_FOR_TARGET are needed for the target libraries to receive
- ;; the -Bxxx for the startfiles.
- (cons (string-append "FLAGS_FOR_TARGET=-B" libc "/lib")
- ,flags))
- flags))
- ((#:phases phases)
- (let ((phases
- `(alist-cons-after
- 'install 'make-cross-binutils-visible
- (lambda* (#:key outputs inputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (libexec (string-append out "/libexec/gcc/"
- ,target))
- (binutils (string-append
- (assoc-ref inputs "binutils-cross")
- "/bin/" ,target "-"))
- (wrapper (string-append
- (assoc-ref inputs "ld-wrapper-cross")
- "/bin/" ,target "-ld")))
- (for-each (lambda (file)
- (symlink (string-append binutils file)
- (string-append libexec "/"
- file)))
- '("as" "nm"))
- (symlink wrapper (string-append libexec "/ld"))
- #t))
- ,phases)))
- (if libc
- `(alist-cons-before
- 'configure 'set-cross-path
- (lambda* (#:key inputs #:allow-other-keys)
- ;; Add the cross Linux headers to CROSS_CPATH, and remove them
- ;; from CPATH.
- (let ((libc (assoc-ref inputs "libc"))
- (linux (assoc-ref inputs
- "libc/linux-headers")))
- (define (cross? x)
- ;; Return #t if X is a cross-libc or cross Linux.
- (or (string-prefix? libc x)
- (string-prefix? linux x)))
-
- (setenv "CROSS_CPATH"
- (string-append libc "/include:"
- linux "/include"))
- (setenv "CROSS_LIBRARY_PATH"
- (string-append libc "/lib"))
-
- (let ((cpath (search-path-as-string->list
- (getenv "CPATH")))
- (libpath (search-path-as-string->list
- (getenv "LIBRARY_PATH"))))
- (setenv "CPATH"
- (list->search-path-as-string
- (remove cross? cpath) ":"))
- (setenv "LIBRARY_PATH"
- (list->search-path-as-string
- (remove cross? libpath) ":"))
- #t)))
- ,phases)
- phases)))
- ((#:strip-binaries? _)
- ;; Disable stripping as this can break binaries, with object files of
- ;; libgcc.a showing up as having an unknown architecture. See
- ;; <http://lists.fedoraproject.org/pipermail/arm/2010-August/000663.html>
- ;; for instance.
- #f))))
+ ;; Disable stripping as this can break binaries, with object files of
+ ;; libgcc.a showing up as having an unknown architecture. See
+ ;; <http://lists.fedoraproject.org/pipermail/arm/2010-August/000663.html>
+ ;; for instance.
+ (let ((args `(#:strip-binaries? #f
+ ,@(package-arguments gcc-4.9))))
+ (substitute-keyword-arguments args
+ ((#:configure-flags flags)
+ `(append (list ,(string-append "--target=" target)
+ ,@(if libc
+ '()
+ `( ;; Disable features not needed at this stage.
+ "--disable-shared" "--enable-static"
+
+ ;; Disable C++ because libstdc++'s configure
+ ;; script otherwise fails with "Link tests are not
+ ;; allowed after GCC_NO_EXECUTABLES."
+ "--enable-languages=c"
+
+ "--disable-threads" ;libgcc, would need libc
+ "--disable-libatomic"
+ "--disable-libmudflap"
+ "--disable-libgomp"
+ "--disable-libssp"
+ "--disable-libquadmath"
+ "--disable-decimal-float" ;would need libc
+ )))
+
+ ,(if libc
+ flags
+ `(remove (cut string-match "--enable-languages.*" <>)
+ ,flags))))
+ ((#:make-flags flags)
+ (if libc
+ `(let ((libc (assoc-ref %build-inputs "libc")))
+ ;; FLAGS_FOR_TARGET are needed for the target libraries to receive
+ ;; the -Bxxx for the startfiles.
+ (cons (string-append "FLAGS_FOR_TARGET=-B" libc "/lib")
+ ,flags))
+ flags))
+ ((#:phases phases)
+ (let ((phases
+ `(alist-cons-after
+ 'install 'make-cross-binutils-visible
+ (lambda* (#:key outputs inputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (libexec (string-append out "/libexec/gcc/"
+ ,target))
+ (binutils (string-append
+ (assoc-ref inputs "binutils-cross")
+ "/bin/" ,target "-"))
+ (wrapper (string-append
+ (assoc-ref inputs "ld-wrapper-cross")
+ "/bin/" ,target "-ld")))
+ (for-each (lambda (file)
+ (symlink (string-append binutils file)
+ (string-append libexec "/"
+ file)))
+ '("as" "nm"))
+ (symlink wrapper (string-append libexec "/ld"))
+ #t))
+ (alist-replace
+ 'install
+ (lambda _
+ ;; Unlike our 'strip' phase, this will do the right thing
+ ;; for cross-compilers.
+ (zero? (system* "make" "install-strip")))
+ ,phases))))
+ (if libc
+ `(alist-cons-before
+ 'configure 'set-cross-path
+ (lambda* (#:key inputs #:allow-other-keys)
+ ;; Add the cross Linux headers to CROSS_CPATH, and remove them
+ ;; from CPATH.
+ (let ((libc (assoc-ref inputs "libc"))
+ (linux (assoc-ref inputs
+ "libc/linux-headers")))
+ (define (cross? x)
+ ;; Return #t if X is a cross-libc or cross Linux.
+ (or (string-prefix? libc x)
+ (string-prefix? linux x)))
+
+ (setenv "CROSS_CPATH"
+ (string-append libc "/include:"
+ linux "/include"))
+ (setenv "CROSS_LIBRARY_PATH"
+ (string-append libc "/lib"))
+
+ (let ((cpath (search-path-as-string->list
+ (getenv "CPATH")))
+ (libpath (search-path-as-string->list
+ (getenv "LIBRARY_PATH"))))
+ (setenv "CPATH"
+ (list->search-path-as-string
+ (remove cross? cpath) ":"))
+ (setenv "LIBRARY_PATH"
+ (list->search-path-as-string
+ (remove cross? libpath) ":"))
+ #t)))
+ ,phases)
+ phases)))))))
(define (cross-gcc-patches target)
"Return GCC patches needed for TARGET."
@@ -193,14 +199,14 @@ may be either a libc package or #f.)"
"Return a cross-compiler for TARGET, where TARGET is a GNU triplet. Use
XBINUTILS as the associated cross-Binutils. If LIBC is false, then build a
GCC that does not target a libc; otherwise, target that libc."
- (package (inherit gcc-4.8)
+ (package (inherit gcc-4.9)
(name (string-append "gcc-cross-"
(if libc "" "sans-libc-")
target))
- (source (origin (inherit (package-source gcc-4.8))
+ (source (origin (inherit (package-source gcc-4.9))
(patches
(append
- (origin-patches (package-source gcc-4.8))
+ (origin-patches (package-source gcc-4.9))
(cons (search-patch "gcc-cross-environment-variables.patch")
(cross-gcc-patches target))))))
@@ -230,7 +236,7 @@ GCC that does not target a libc; otherwise, target that libc."
("libc-native" ,@(assoc-ref %final-inputs "libc"))
;; Remaining inputs.
- ,@(let ((inputs (append (package-inputs gcc-4.8)
+ ,@(let ((inputs (append (package-inputs gcc-4.9)
(alist-delete "libc" %final-inputs))))
(if libc
`(("libc" ,libc)
diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm
index 3e3fd1a560..3ab2fcdcf3 100644
--- a/gnu/packages/databases.scm
+++ b/gnu/packages/databases.scm
@@ -284,7 +284,7 @@ types are supported, as is encryption.")
(define-public sqlite
(package
(name "sqlite")
- (version "3.8.9")
+ (version "3.8.10.2")
(source (origin
(method url-fetch)
;; TODO: Download from sqlite.org once this bug :
@@ -304,7 +304,7 @@ types are supported, as is encryption.")
"/sqlite-autoconf-" numeric-version ".tar.gz")))
(sha256
(base32
- "18k90bbfvvgc5204nm1hzw0vsj9ygzv7zbq3z6zrya6j5hwvdsvn"))))
+ "09nnaqx50gl1vmfvdipirizr61q3s0ywlql50f9kr1bx9rdfb0l3"))))
(build-system gnu-build-system)
(inputs `(("readline" ,readline)))
(arguments
diff --git a/gnu/packages/flex.scm b/gnu/packages/flex.scm
index e76535cc17..7988e930e7 100644
--- a/gnu/packages/flex.scm
+++ b/gnu/packages/flex.scm
@@ -60,6 +60,8 @@
(inputs (alist-delete "flex" (package-inputs bison))))))
`(("bison" ,bison-for-tests)
("indent" ,indent))))
+ ;; m4 is not present in PATH when cross-building
+ (native-inputs `(("m4" ,m4)))
(propagated-inputs `(("m4" ,m4)))
(home-page "http://flex.sourceforge.net/")
(synopsis "Fast lexical analyser generator")
diff --git a/gnu/packages/gawk.scm b/gnu/packages/gawk.scm
index 06ecf6a064..d2639a32a3 100644
--- a/gnu/packages/gawk.scm
+++ b/gnu/packages/gawk.scm
@@ -28,13 +28,13 @@
(define-public gawk
(package
(name "gawk")
- (version "4.1.1")
+ (version "4.1.3")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/gawk/gawk-" version
".tar.xz"))
(sha256
- (base32 "1nz83vpss8xv7m475sv4qhhj40g74nvcw0y9kwq9ds8wzfmcdm7g"))))
+ (base32 "09d6pmx6h3i2glafm0jd1v1iyrs03vcyv2rkz12jisii3vlmbkz3"))))
(build-system gnu-build-system)
(arguments
`(#:parallel-tests? #f ; test suite fails in parallel
diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm
index b652521bb8..beb007e95b 100644
--- a/gnu/packages/gcc.scm
+++ b/gnu/packages/gcc.scm
@@ -64,15 +64,7 @@ where the OS part is overloaded to denote a specific ABI---into GCC
'())))
(define-public gcc-4.7
- (let* ((stripped? #t) ; TODO: make this a parameter
- (install-target
- (lambda ()
- ;; The 'install-strip' rule uses the native 'strip' instead of
- ;; 'TARGET-strip' when cross-compiling. Thus, use 'install' in that
- ;; case.
- (if (and stripped? (not (%current-target-system)))
- "install-strip"
- "install")))
+ (let* ((stripped? #t) ;whether to strip the compiler, not the libraries
(maybe-target-tools
(lambda ()
;; Return the `_FOR_TARGET' variables that are needed when
@@ -144,8 +136,9 @@ where the OS part is overloaded to denote a specific ABI---into GCC
;; Separate out the run-time support libraries because all the
;; dynamic-linked objects depend on it.
- (outputs '("out" ; commands, etc. (60+ MiB)
- "lib")) ; libgcc_s, libgomp, etc. (15+ MiB)
+ (outputs '("out" ;commands, etc. (60+ MiB)
+ "lib" ;libgcc_s, libgomp, etc. (15+ MiB)
+ "debug")) ;debug symbols of run-time libraries
(inputs `(("gmp" ,gmp)
("mpfr" ,mpfr)
@@ -160,7 +153,6 @@ where the OS part is overloaded to denote a specific ABI---into GCC
(arguments
`(#:out-of-source? #t
- #:strip-binaries? ,stripped?
#:configure-flags ,(configure-flags)
#:make-flags
;; None of the flags below are needed when doing a Canadian cross.
@@ -235,8 +227,8 @@ where the OS part is overloaded to denote a specific ABI---into GCC
;; below, make sure to update the relevant code in
;; %gcc-static package as needed.
(format #f "#define GNU_USER_TARGET_LIB_SPEC \
-\"-L~a/lib %{!static:-rpath=~a/lib %{!static-libgcc:-rpath=~a/lib64 -rpath=~a/lib -lgcc_s}} \" ~a"
- libc libc libdir libdir suffix))
+\"-L~a/lib %{!static:-rpath=~a/lib %{!static-libgcc:-rpath=~a/lib -lgcc_s}} \" ~a"
+ libc libc libdir suffix))
(("#define GNU_USER_TARGET_STARTFILE_SPEC.*$" line)
(format #f "#define STANDARD_STARTFILE_PREFIX_1 \"~a/lib\"
#define STANDARD_STARTFILE_PREFIX_2 \"\"
@@ -248,6 +240,20 @@ where the OS part is overloaded to denote a specific ABI---into GCC
(("static char const sed_cmd_z\\[\\] =.*;")
"static char const sed_cmd_z[] = \"sed\";"))
+ (when (file-exists? "libbacktrace")
+ ;; GCC 4.8+ comes with libbacktrace. By default it builds
+ ;; with -Werror, which fails with a -Wcast-qual error in glibc
+ ;; 2.21's stdlib-bsearch.h. Remove -Werror.
+ (substitute* "libbacktrace/configure"
+ (("WARN_FLAGS=(.*)-Werror" _ flags)
+ (string-append "WARN_FLAGS=" flags)))
+
+ (when (file-exists? "libsanitizer/libbacktrace")
+ ;; Same in libsanitizer's bundled copy (!) found in 4.9+.
+ (substitute* "libsanitizer/libbacktrace/Makefile.in"
+ (("-Werror")
+ ""))))
+
;; Add a RUNPATH to libstdc++.so so that it finds libgcc_s.
;; See <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=32354>
;; and <http://bugs.gnu.org/20358>.
@@ -280,11 +286,7 @@ where the OS part is overloaded to denote a specific ABI---into GCC
(substitute* "Makefile"
(("^TOPLEVEL_CONFIGURE_ARGUMENTS=(.*)$" _ rest)
"TOPLEVEL_CONFIGURE_ARGUMENTS=\n")))
- (alist-replace 'install
- (lambda* (#:key outputs #:allow-other-keys)
- (zero?
- (system* "make" ,(install-target))))
- %standard-phases)))))
+ %standard-phases))))
(native-search-paths
(list (search-path-specification
@@ -313,10 +315,6 @@ Go. It also includes runtime support libraries for these languages.")
(sha256
(base32
"15c6gwm6dzsaagamxkak5smdkf1rdfbqqjs9jdbrp3lbg4ism02a"))
-
- ;; ARM 'link' spec issue reported at
- ;; <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65711> and
- ;; <https://gcc.gnu.org/ml/gcc-patches/2015-04/msg01387.html>.
(patches (list (search-patch "gcc-arm-link-spec-fix.patch")))))))
(define-public gcc-4.9
diff --git a/gnu/packages/gettext.scm b/gnu/packages/gettext.scm
index 3a96cd613c..9289946178 100644
--- a/gnu/packages/gettext.scm
+++ b/gnu/packages/gettext.scm
@@ -42,7 +42,8 @@
version ".tar.gz"))
(sha256
(base32
- "0gvz86m4cs8bdf3mwmwsyx6lrq4ydfxgadrgd9jlx32z3bnz3jca"))))
+ "0gvz86m4cs8bdf3mwmwsyx6lrq4ydfxgadrgd9jlx32z3bnz3jca"))
+ (patches (list (search-patch "gettext-msgunfmt.patch")))))
(build-system gnu-build-system)
(inputs
`(("expat" ,expat)))
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 17da5f6391..ad4acb787e 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -112,7 +112,26 @@ image files in PBMPLUS PPM/PGM, GIF, BMP, and Targa file formats.")
(uri (string-append "ftp://ftp.remotesensing.org/pub/libtiff/tiff-"
version ".tar.gz"))
(sha256 (base32
- "0wj8d1iwk9vnpax2h29xqc2hwknxg3s0ay2d5pxkg59ihbifn6pa"))))
+ "0wj8d1iwk9vnpax2h29xqc2hwknxg3s0ay2d5pxkg59ihbifn6pa"))
+ (patches (map search-patch '("libtiff-CVE-2012-4564.patch"
+ "libtiff-CVE-2013-1960.patch"
+ "libtiff-CVE-2013-1961.patch"
+ "libtiff-CVE-2013-4231.patch"
+ "libtiff-CVE-2013-4232.patch"
+ "libtiff-CVE-2013-4244.patch"
+ "libtiff-CVE-2013-4243.patch"
+ "libtiff-CVE-2014-9330.patch"
+ "libtiff-CVE-2014-8127-pt1.patch"
+ "libtiff-CVE-2014-8127-pt2.patch"
+ "libtiff-CVE-2014-8127-pt3.patch"
+ "libtiff-CVE-2014-8127-pt4.patch"
+ "libtiff-CVE-2014-8128-pt1.patch"
+ "libtiff-CVE-2014-8128-pt2.patch"
+ "libtiff-CVE-2014-8128-pt3.patch"
+ "libtiff-CVE-2014-8129.patch"
+ "libtiff-CVE-2014-9655.patch"
+ "libtiff-CVE-2014-8128-pt4.patch"
+ "libtiff-CVE-2014-8128-pt5.patch")))))
(build-system gnu-build-system)
(inputs `(("zlib" ,zlib)
("libjpeg-8" ,libjpeg-8)))
diff --git a/gnu/packages/ld-wrapper.in b/gnu/packages/ld-wrapper.in
index db662e7d76..c3d6fa1005 100644
--- a/gnu/packages/ld-wrapper.in
+++ b/gnu/packages/ld-wrapper.in
@@ -143,12 +143,16 @@ exec @GUILE@ -c "(load-compiled \"@SELF@.go\") (apply $main (cdr (command-line))
(define path+files+args
(fold (lambda (argument result)
(match result
- ((library-path library-files ("-dynamic-linker" . rest))
- ;; When passed '-dynamic-linker ld.so', ignore 'ld.so'.
- ;; See <http://bugs.gnu.org/20102>.
+ ((library-path library-files
+ ((and flag
+ (or "-dynamic-linker" "-plugin"))
+ . rest))
+ ;; When passed '-dynamic-linker ld.so', ignore 'ld.so'; when
+ ;; passed '-plugin liblto_plugin.so', ignore
+ ;; 'liblto_plugin.so'. See <http://bugs.gnu.org/20102>.
(list library-path
library-files
- (cons* argument "-dynamic-linker" rest)))
+ (cons* argument flag rest)))
((library-path library-files previous-args)
(cond ((string-prefix? "-L" argument) ;augment the search path
(list (append library-path
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index f636b91bf0..1b220c4e32 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -108,12 +108,21 @@
(and (zero? (system* "make"
(string-append "INSTALL_HDR_PATH=" out)
"headers_install"))
- (mkdir (string-append out "/include/config"))
- (call-with-output-file
- (string-append out
- "/include/config/kernel.release")
- (lambda (p)
- (format p "~a-default~%" ,version))))))))
+ (begin
+ (mkdir (string-append out "/include/config"))
+ (call-with-output-file
+ (string-append out
+ "/include/config/kernel.release")
+ (lambda (p)
+ (format p "~a-default~%" ,version)))
+
+ ;; Remove the '.install' and '..install.cmd' files; the
+ ;; latter contains store paths, which pulls in bootstrap
+ ;; binaries in the build environment, and prevents bit
+ ;; reproducibility for the bootstrap binaries.
+ (for-each delete-file (find-files out "\\.install"))
+
+ #t))))))
(package
(name "linux-libre-headers")
(version version)
@@ -135,6 +144,7 @@
(alist-replace
'install ,install-phase
(alist-delete 'configure %standard-phases)))
+ #:allowed-references ()
#:tests? #f))
(synopsis "GNU Linux-Libre kernel headers")
(description "Headers of the Linux-Libre kernel.")
diff --git a/gnu/packages/make-bootstrap.scm b/gnu/packages/make-bootstrap.scm
index 7f1b6d50b0..2a7c4bd6f2 100644
--- a/gnu/packages/make-bootstrap.scm
+++ b/gnu/packages/make-bootstrap.scm
@@ -103,11 +103,11 @@ for `sh' in $PATH, and without nscd, and with static NSS modules."
("cross-binutils" ,(cross-binutils target))
,@%final-inputs))
`(("libc" ,(glibc-for-bootstrap))
- ("gcc" ,(package (inherit gcc-4.8)
+ ("gcc" ,(package (inherit gcc-4.9)
(outputs '("out")) ; all in one so libgcc_s is easily found
(inputs
`(("libc",(glibc-for-bootstrap))
- ,@(package-inputs gcc-4.8)))))
+ ,@(package-inputs gcc-4.9)))))
,@(fold alist-delete %final-inputs '("libc" "gcc")))))
(package-with-explicit-inputs p inputs
@@ -181,7 +181,7 @@ for `sh' in $PATH, and without nscd, and with static NSS modules."
;; Since we use `-static', remove
;; `-export-dynamic'.
(substitute* "configure"
- (("-export-dynamic") "")))
+ (("-Wl,-export-dynamic") "")))
,phases)))))
(inputs (if (%current-target-system)
`(("bash" ,%bash-static))
@@ -374,10 +374,6 @@ for `sh' in $PATH, and without nscd, and with static NSS modules."
(copy-recursively (string-append linux "/include/asm-generic")
(string-append incdir "/asm-generic"))
- ;; Remove the '.install' and '..install.cmd' files; the latter
- ;; contains store paths, which prevents bit reproducibility.
- (for-each delete-file (find-files incdir "\\.install"))
-
#t))))
(inputs `(("libc" ,(let ((target (%current-target-system)))
(if target
@@ -393,7 +389,7 @@ for `sh' in $PATH, and without nscd, and with static NSS modules."
(define %gcc-static
;; A statically-linked GCC, with stripped-down functionality.
(package-with-relocatable-glibc
- (package (inherit gcc-4.8)
+ (package (inherit gcc-4.9)
(name "gcc-static")
(outputs '("out")) ; all in one
(arguments
@@ -402,7 +398,7 @@ for `sh' in $PATH, and without nscd, and with static NSS modules."
(srfi srfi-1)
(srfi srfi-26)
(ice-9 regex))
- ,@(substitute-keyword-arguments (package-arguments gcc-4.8)
+ ,@(substitute-keyword-arguments (package-arguments gcc-4.9)
((#:guile _) #f)
((#:implicit-inputs? _) #t)
((#:configure-flags flags)
@@ -426,6 +422,8 @@ for `sh' in $PATH, and without nscd, and with static NSS modules."
"--disable-libsanitizer"
"--disable-libitm"
"--disable-libgomp"
+ "--disable-libcilkrts"
+ "--disable-libvtv"
"--disable-libssp"
"--disable-libquadmath"
"--disable-decimal-float")
@@ -455,12 +453,12 @@ for `sh' in $PATH, and without nscd, and with static NSS modules."
("gmp-native" ,gmp)
("mpfr-native" ,mpfr)
("mpc-native" ,mpc)
- ,@(package-native-inputs gcc-4.8))
- (package-native-inputs gcc-4.8))))))
+ ,@(package-native-inputs gcc-4.9))
+ (package-native-inputs gcc-4.9))))))
(define %gcc-stripped
;; The subset of GCC files needed for bootstrap.
- (package (inherit gcc-4.8)
+ (package (inherit gcc-4.9)
(name "gcc-stripped")
(build-system trivial-build-system)
(source #f)
diff --git a/gnu/packages/nettle.scm b/gnu/packages/nettle.scm
index ed140d43c0..77c5080c0a 100644
--- a/gnu/packages/nettle.scm
+++ b/gnu/packages/nettle.scm
@@ -56,17 +56,17 @@ themselves.")
(license gpl2+)))
(define-public nettle
- ;; This version is not API-compatible with version 2. In particular GnuTLS
+ ;; This version is not API-compatible with version 2. In particular, lsh
;; cannot use it yet. So keep it separate.
(package (inherit nettle-2)
- (version "3.1")
+ (version "3.1.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/nettle/nettle-"
version ".tar.gz"))
(sha256
(base32
- "1ly9kz5fgc8ilykz07crqwgjsfn4p2s6565gj1aq0w4fr179v1gn"))))
+ "0k1x57zviysvi91lkk66cg8v819vywm5g5yqs22wppfqcifx5m2z"))))
(arguments
(substitute-keyword-arguments (package-arguments nettle-2)
((#:configure-flags flags)
diff --git a/gnu/packages/openssl.scm b/gnu/packages/openssl.scm
index dec51a1e04..92f702e59d 100644
--- a/gnu/packages/openssl.scm
+++ b/gnu/packages/openssl.scm
@@ -29,14 +29,14 @@
(define-public openssl
(package
(name "openssl")
- (version "1.0.2b")
+ (version "1.0.2c")
(source (origin
(method url-fetch)
(uri (string-append "ftp://ftp.openssl.org/source/openssl-" version
".tar.gz"))
(sha256
(base32
- "0gwf4fy1yqmai6wph0g9lh09iarwxaa70hm7jm0rf1qakz68im6m"))
+ "10vasdg52qiyqvgbp14n9z7ghglmhzvag9qpiz2nfqssycvvlf00"))
(patches (list (search-patch "openssl-runpath.patch")))))
(build-system gnu-build-system)
(native-inputs `(("perl" ,perl)))
diff --git a/gnu/packages/patches/cpio-fix-symlink-bad-length-test.patch b/gnu/packages/patches/cpio-fix-symlink-bad-length-test.patch
new file mode 100644
index 0000000000..58a5a478c9
--- /dev/null
+++ b/gnu/packages/patches/cpio-fix-symlink-bad-length-test.patch
@@ -0,0 +1,44 @@
+From bebf9662c406d1d137a66c567d8748b489d352e7 Mon Sep 17 00:00:00 2001
+From: Pavel Raiskup <praiskup@redhat.com>
+Date: Thu, 4 Jun 2015 13:27:42 +0200
+Subject: [PATCH] tests: fix expected output for old file
+
+Thanks Victor Rodriguez. Upstream thread:
+http://lists.gnu.org/archive/html/bug-cpio/2015-06/msg00000.html
+
+* tests/symlink-bad-length.at (STDOUT): Expect the year string
+'2014' is printed and not time because the file in archive is
+older than 6 months.
+* Thanks: Mention Victor.
+---
+ THANKS | 1 +
+ tests/symlink-bad-length.at | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/THANKS b/THANKS
+index 45b0dfb..3228df9 100644
+--- a/THANKS
++++ b/THANKS
+@@ -23,6 +23,7 @@ Mitsuru Chinen <mchinen@yamato.ibm.com>
+ Peter Breitenlohner <peb@mppmu.mpg.de>
+ Peter Vrabec <pvrabec@redhat.com>
+ Robert Millan <rmh@aybabtu.com>
++Victor Rodriguez <vm.rod25@gmail.com>
+
+ Local Variables:
+ mode: Fundamental
+diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at
+index e1a7093..2cdc692 100644
+--- a/tests/symlink-bad-length.at
++++ b/tests/symlink-bad-length.at
+@@ -57,7 +57,7 @@ cat stderr | grep -v \
+ echo >&2 STDERR
+ ],
+ [0],
+-[-rw-rw-r-- 1 10029 10031 13 Nov 25 11:52 FILE
++[-rw-rw-r-- 1 10029 10031 13 Nov 25 2014 FILE
+ ],[STDERR
+ ])
+
+--
+2.1.0
diff --git a/gnu/packages/patches/findutils-localstatedir.patch b/gnu/packages/patches/findutils-localstatedir.patch
new file mode 100644
index 0000000000..c774303cf1
--- /dev/null
+++ b/gnu/packages/patches/findutils-localstatedir.patch
@@ -0,0 +1,14 @@
+Do not try to create $localstatedir (aka. /var) since we don't have
+write access.
+
+--- findutils-4.4.2/locate/Makefile.in 2015-06-04 12:40:52.690935795 +0200
++++ findutils-4.4.2/locate/Makefile.in 2015-06-04 12:41:32.087286685 +0200
+@@ -1212,7 +1212,7 @@ updatedb: updatedb.sh Makefile
+ chmod +x $@
+
+ install-data-hook:
+- $(top_srcdir)/build-aux/mkinstalldirs $(DESTDIR)$(localstatedir)
++ true
+
+ dblocation.texi: Makefile
+ echo '@set LOCATE_DB $(LOCATE_DB)' > $@
diff --git a/gnu/packages/patches/gawk-shell.patch b/gnu/packages/patches/gawk-shell.patch
index 89b8540a8d..80e9c65475 100644
--- a/gnu/packages/patches/gawk-shell.patch
+++ b/gnu/packages/patches/gawk-shell.patch
@@ -2,9 +2,9 @@ As for libc's `system', change Awk to look for `sh' in $PATH. This patch is
only meant to be used during bootstrapping, where we don't know in advance the
absolute file name of `sh'.
---- gawk-4.0.0/io.c 2011-05-18 20:47:29.000000000 +0200
-+++ gawk-4.0.0/io.c 2012-12-18 15:56:06.000000000 +0100
-@@ -1759,7 +1759,7 @@ two_way_open(const char *str, struct red
+--- gawk-4.1.3/io.c 2015-05-19 15:37:20.000000000 +0200
++++ gawk-4.1.3/io.c 2015-06-09 18:39:36.918414881 +0200
+@@ -1945,7 +1945,7 @@ two_way_open(const char *str, struct red
signal(SIGPIPE, SIG_DFL);
@@ -13,22 +13,22 @@ absolute file name of `sh'.
_exit(errno == ENOENT ? 127 : 126);
case -1:
-@@ -1924,7 +1924,7 @@ use_pipes:
- || close(ctop[0]) == -1 || close(ctop[1]) == -1)
+@@ -2129,7 +2129,7 @@ use_pipes:
fatal(_("close of pipe failed (%s)"), strerror(errno));
/* stderr does NOT get dup'ed onto child's stdout */
+ signal(SIGPIPE, SIG_DFL);
- execl("/bin/sh", "sh", "-c", str, NULL);
+ execlp("sh", "sh", "-c", str, NULL);
_exit(errno == ENOENT ? 127 : 126);
}
- #endif /* NOT __EMX__ */
-@@ -2074,7 +2074,7 @@ gawk_popen(const char *cmd, struct redir
- fatal(_("moving pipe to stdout in child failed (dup: %s)"), strerror(errno));
+ #endif /* NOT __EMX__, NOT __MINGW32__ */
+@@ -2323,7 +2323,7 @@ gawk_popen(const char *cmd, struct redir
if (close(p[0]) == -1 || close(p[1]) == -1)
fatal(_("close of pipe failed (%s)"), strerror(errno));
+ signal(SIGPIPE, SIG_DFL);
- execl("/bin/sh", "sh", "-c", cmd, NULL);
+ execlp("sh", "sh", "-c", cmd, NULL);
_exit(errno == ENOENT ? 127 : 126);
}
- #endif /* NOT __EMX__ */
+ #endif /* NOT __EMX__, NOT __MINGW32__ */
diff --git a/gnu/packages/patches/gcc-arm-link-spec-fix.patch b/gnu/packages/patches/gcc-arm-link-spec-fix.patch
index 0ffe8a1810..e00ed1bac0 100644
--- a/gnu/packages/patches/gcc-arm-link-spec-fix.patch
+++ b/gnu/packages/patches/gcc-arm-link-spec-fix.patch
@@ -1,6 +1,10 @@
Do not pass -dynamic-linker to linker when !shared.
Fixes <http://bugs.gnu.org/20102>.
+ARM 'link' spec issue reported at
+https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65711 and
+https://gcc.gnu.org/ml/gcc-patches/2015-04/msg01387.html.
+
Patch by Ludovic Courtès <ludo@gnu.org>.
--- gcc-4.8.4/gcc/config/arm/linux-elf.h.orig 2015-04-08 20:31:20.376900478 +0200
diff --git a/gnu/packages/patches/gettext-msgunfmt.patch b/gnu/packages/patches/gettext-msgunfmt.patch
new file mode 100644
index 0000000000..4a50abddc2
--- /dev/null
+++ b/gnu/packages/patches/gettext-msgunfmt.patch
@@ -0,0 +1,58 @@
+From <http://git.savannah.gnu.org/cgit/gettext.git/patch/?id=5d3eeaa0d3b7f4f6932bd29d859925a940b69459>.
+
+2015-03-11 Daiki Ueno <ueno@gnu.org>
+
+ msgunfmt: Check allocated size for static segment
+ Reported by Max Lin in:
+ http://lists.gnu.org/archive/html/bug-gettext/2015-03/msg00005.html
+ * read-mo.c (get_sysdep_string): Check if the embedded segment
+ size is valid, before adding it to the string length.
+
+diff --git a/gettext-tools/src/read-mo.c b/gettext-tools/src/read-mo.c
+index b97bbad..1c024a8 100644
+--- a/gettext-tools/src/read-mo.c
++++ b/gettext-tools/src/read-mo.c
+@@ -149,6 +149,7 @@ get_sysdep_string (const struct binary_mo_file *bfp, size_t offset,
+ nls_uint32 s_offset;
+
+ /* Compute the length. */
++ s_offset = get_uint32 (bfp, offset);
+ length = 0;
+ for (i = 4; ; i += 8)
+ {
+@@ -158,9 +159,14 @@ get_sysdep_string (const struct binary_mo_file *bfp, size_t offset,
+ nls_uint32 ss_length;
+ nls_uint32 ss_offset;
+ size_t ss_end;
++ size_t s_end;
+ size_t n;
+
++ s_end = xsum (s_offset, segsize);
++ if (size_overflow_p (s_end) || s_end > bfp->size)
++ error (EXIT_FAILURE, 0, _("file \"%s\" is truncated"), bfp->filename);
+ length += segsize;
++ s_offset += segsize;
+
+ if (sysdepref == SEGMENTS_END)
+ break;
+@@ -175,7 +181,7 @@ get_sysdep_string (const struct binary_mo_file *bfp, size_t offset,
+ ss_end = xsum (ss_offset, ss_length);
+ if (size_overflow_p (ss_end) || ss_end > bfp->size)
+ error (EXIT_FAILURE, 0, _("file \"%s\" is truncated"), bfp->filename);
+- if (!(ss_length > 0 && bfp->data[ss_offset + ss_length - 1] == '\0'))
++ if (!(ss_length > 0 && bfp->data[ss_end - 1] == '\0'))
+ {
+ char location[30];
+ sprintf (location, "sysdep_segment[%u]", (unsigned int) sysdepref);
+@@ -198,11 +204,8 @@ get_sysdep_string (const struct binary_mo_file *bfp, size_t offset,
+ nls_uint32 sysdep_segment_offset;
+ nls_uint32 ss_length;
+ nls_uint32 ss_offset;
+- size_t s_end = xsum (s_offset, segsize);
+ size_t n;
+
+- if (size_overflow_p (s_end) || s_end > bfp->size)
+- error (EXIT_FAILURE, 0, _("file \"%s\" is truncated"), bfp->filename);
+ memcpy (p, bfp->data + s_offset, segsize);
+ p += segsize;
+ s_offset += segsize;
diff --git a/gnu/packages/patches/guile-linux-syscalls.patch b/gnu/packages/patches/guile-linux-syscalls.patch
index 57c7f2589d..25a5e90e35 100644
--- a/gnu/packages/patches/guile-linux-syscalls.patch
+++ b/gnu/packages/patches/guile-linux-syscalls.patch
@@ -7,12 +7,13 @@ diff --git a/libguile/posix.c b/libguile/posix.c
index 324f21b..cbee94d 100644
--- a/libguile/posix.c
+++ b/libguile/posix.c
-@@ -2286,6 +2286,261 @@ scm_init_popen (void)
+@@ -2245,6 +2245,263 @@ scm_init_popen (void)
}
#endif
+
+/* Linux! */
++#ifdef __linux__
+
+#include <sys/mount.h>
+#include "libguile/foreign.h"
@@ -265,7 +266,10 @@ index 324f21b..cbee94d 100644
+ return scm_from_short (ifr.ifr_flags);
+}
+#undef FUNC_NAME
++#endif
+
void
scm_init_posix ()
{
+--
+2.4.1
diff --git a/gnu/packages/patches/libtiff-CVE-2012-4564.patch b/gnu/packages/patches/libtiff-CVE-2012-4564.patch
new file mode 100644
index 0000000000..472f9ca35f
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2012-4564.patch
@@ -0,0 +1,33 @@
+Copied from Debian
+
+Index: tiff-4.0.3/tools/ppm2tiff.c
+===================================================================
+--- tiff-4.0.3.orig/tools/ppm2tiff.c 2013-06-23 10:36:50.779629492 -0400
++++ tiff-4.0.3/tools/ppm2tiff.c 2013-06-23 10:36:50.775629494 -0400
+@@ -89,6 +89,7 @@
+ int c;
+ extern int optind;
+ extern char* optarg;
++ tmsize_t scanline_size;
+
+ if (argc < 2) {
+ fprintf(stderr, "%s: Too few arguments\n", argv[0]);
+@@ -237,8 +238,16 @@
+ }
+ if (TIFFScanlineSize(out) > linebytes)
+ buf = (unsigned char *)_TIFFmalloc(linebytes);
+- else
+- buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
++ else {
++ scanline_size = TIFFScanlineSize(out);
++ if (scanline_size != 0)
++ buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
++ else {
++ fprintf(stderr, "%s: scanline size overflow\n",infile);
++ (void) TIFFClose(out);
++ exit(-2);
++ }
++ }
+ if (resolution > 0) {
+ TIFFSetField(out, TIFFTAG_XRESOLUTION, resolution);
+ TIFFSetField(out, TIFFTAG_YRESOLUTION, resolution);
diff --git a/gnu/packages/patches/libtiff-CVE-2013-1960.patch b/gnu/packages/patches/libtiff-CVE-2013-1960.patch
new file mode 100644
index 0000000000..341063f25d
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2013-1960.patch
@@ -0,0 +1,148 @@
+Copied from Debian
+
+Index: tiff-4.0.3/tools/tiff2pdf.c
+===================================================================
+--- tiff-4.0.3.orig/tools/tiff2pdf.c 2013-06-23 10:36:50.979629486 -0400
++++ tiff-4.0.3/tools/tiff2pdf.c 2013-06-23 10:36:50.975629486 -0400
+@@ -3341,33 +3341,56 @@
+ uint32 height){
+
+ tsize_t i=0;
+- uint16 ri =0;
+- uint16 v_samp=1;
+- uint16 h_samp=1;
+- int j=0;
+-
+- i++;
+-
+- while(i<(*striplength)){
++
++ while (i < *striplength) {
++ tsize_t datalen;
++ uint16 ri;
++ uint16 v_samp;
++ uint16 h_samp;
++ int j;
++ int ncomp;
++
++ /* marker header: one or more FFs */
++ if (strip[i] != 0xff)
++ return(0);
++ i++;
++ while (i < *striplength && strip[i] == 0xff)
++ i++;
++ if (i >= *striplength)
++ return(0);
++ /* SOI is the only pre-SOS marker without a length word */
++ if (strip[i] == 0xd8)
++ datalen = 0;
++ else {
++ if ((*striplength - i) <= 2)
++ return(0);
++ datalen = (strip[i+1] << 8) | strip[i+2];
++ if (datalen < 2 || datalen >= (*striplength - i))
++ return(0);
++ }
+ switch( strip[i] ){
+- case 0xd8:
+- /* SOI - start of image */
++ case 0xd8: /* SOI - start of image */
+ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), 2);
+ *bufferoffset+=2;
+- i+=2;
+ break;
+- case 0xc0:
+- case 0xc1:
+- case 0xc3:
+- case 0xc9:
+- case 0xca:
++ case 0xc0: /* SOF0 */
++ case 0xc1: /* SOF1 */
++ case 0xc3: /* SOF3 */
++ case 0xc9: /* SOF9 */
++ case 0xca: /* SOF10 */
+ if(no==0){
+- _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), strip[i+2]+2);
+- for(j=0;j<buffer[*bufferoffset+9];j++){
+- if( (buffer[*bufferoffset+11+(2*j)]>>4) > h_samp)
+- h_samp = (buffer[*bufferoffset+11+(2*j)]>>4);
+- if( (buffer[*bufferoffset+11+(2*j)] & 0x0f) > v_samp)
+- v_samp = (buffer[*bufferoffset+11+(2*j)] & 0x0f);
++ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2);
++ ncomp = buffer[*bufferoffset+9];
++ if (ncomp < 1 || ncomp > 4)
++ return(0);
++ v_samp=1;
++ h_samp=1;
++ for(j=0;j<ncomp;j++){
++ uint16 samp = buffer[*bufferoffset+11+(3*j)];
++ if( (samp>>4) > h_samp)
++ h_samp = (samp>>4);
++ if( (samp & 0x0f) > v_samp)
++ v_samp = (samp & 0x0f);
+ }
+ v_samp*=8;
+ h_samp*=8;
+@@ -3381,45 +3404,43 @@
+ (unsigned char) ((height>>8) & 0xff);
+ buffer[*bufferoffset+6]=
+ (unsigned char) (height & 0xff);
+- *bufferoffset+=strip[i+2]+2;
+- i+=strip[i+2]+2;
+-
++ *bufferoffset+=datalen+2;
++ /* insert a DRI marker */
+ buffer[(*bufferoffset)++]=0xff;
+ buffer[(*bufferoffset)++]=0xdd;
+ buffer[(*bufferoffset)++]=0x00;
+ buffer[(*bufferoffset)++]=0x04;
+ buffer[(*bufferoffset)++]=(ri >> 8) & 0xff;
+ buffer[(*bufferoffset)++]= ri & 0xff;
+- } else {
+- i+=strip[i+2]+2;
+ }
+ break;
+- case 0xc4:
+- case 0xdb:
+- _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), strip[i+2]+2);
+- *bufferoffset+=strip[i+2]+2;
+- i+=strip[i+2]+2;
++ case 0xc4: /* DHT */
++ case 0xdb: /* DQT */
++ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2);
++ *bufferoffset+=datalen+2;
+ break;
+- case 0xda:
++ case 0xda: /* SOS */
+ if(no==0){
+- _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), strip[i+2]+2);
+- *bufferoffset+=strip[i+2]+2;
+- i+=strip[i+2]+2;
++ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2);
++ *bufferoffset+=datalen+2;
+ } else {
+ buffer[(*bufferoffset)++]=0xff;
+ buffer[(*bufferoffset)++]=
+ (unsigned char)(0xd0 | ((no-1)%8));
+- i+=strip[i+2]+2;
+ }
+- _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), (*striplength)-i-1);
+- *bufferoffset+=(*striplength)-i-1;
++ i += datalen + 1;
++ /* copy remainder of strip */
++ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i]), *striplength - i);
++ *bufferoffset+= *striplength - i;
+ return(1);
+ default:
+- i+=strip[i+2]+2;
++ /* ignore any other marker */
++ break;
+ }
++ i += datalen + 1;
+ }
+-
+
++ /* failed to find SOS marker */
+ return(0);
+ }
+ #endif
diff --git a/gnu/packages/patches/libtiff-CVE-2013-1961.patch b/gnu/packages/patches/libtiff-CVE-2013-1961.patch
new file mode 100644
index 0000000000..9c2481ce83
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2013-1961.patch
@@ -0,0 +1,770 @@
+Copied from Debian
+
+Index: tiff-4.0.3/contrib/dbs/xtiff/xtiff.c
+===================================================================
+--- tiff-4.0.3.orig/contrib/dbs/xtiff/xtiff.c 2013-06-23 10:36:51.163629483 -0400
++++ tiff-4.0.3/contrib/dbs/xtiff/xtiff.c 2013-06-23 10:36:51.147629484 -0400
+@@ -512,9 +512,9 @@
+ Arg args[1];
+
+ if (tfMultiPage)
+- sprintf(buffer, "%s - page %d", fileName, tfDirectory);
++ snprintf(buffer, sizeof(buffer), "%s - page %d", fileName, tfDirectory);
+ else
+- strcpy(buffer, fileName);
++ snprintf(buffer, sizeof(buffer), "%s", fileName);
+ XtSetArg(args[0], XtNlabel, buffer);
+ XtSetValues(labelWidget, args, 1);
+ }
+Index: tiff-4.0.3/libtiff/tif_dirinfo.c
+===================================================================
+--- tiff-4.0.3.orig/libtiff/tif_dirinfo.c 2013-06-23 10:36:51.163629483 -0400
++++ tiff-4.0.3/libtiff/tif_dirinfo.c 2013-06-23 10:36:51.147629484 -0400
+@@ -711,7 +711,7 @@
+ * note that this name is a special sign to TIFFClose() and
+ * _TIFFSetupFields() to free the field
+ */
+- sprintf(fld->field_name, "Tag %d", (int) tag);
++ snprintf(fld->field_name, 32, "Tag %d", (int) tag);
+
+ return fld;
+ }
+Index: tiff-4.0.3/libtiff/tif_codec.c
+===================================================================
+--- tiff-4.0.3.orig/libtiff/tif_codec.c 2013-06-23 10:36:51.163629483 -0400
++++ tiff-4.0.3/libtiff/tif_codec.c 2013-06-23 10:36:51.151629482 -0400
+@@ -108,7 +108,8 @@
+ const TIFFCodec* c = TIFFFindCODEC(tif->tif_dir.td_compression);
+ char compression_code[20];
+
+- sprintf( compression_code, "%d", tif->tif_dir.td_compression );
++ snprintf(compression_code, sizeof(compression_code), "%d",
++ tif->tif_dir.td_compression );
+ TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
+ "%s compression support is not configured",
+ c ? c->name : compression_code );
+Index: tiff-4.0.3/tools/tiffdither.c
+===================================================================
+--- tiff-4.0.3.orig/tools/tiffdither.c 2013-06-23 10:36:51.163629483 -0400
++++ tiff-4.0.3/tools/tiffdither.c 2013-06-23 10:36:51.151629482 -0400
+@@ -260,7 +260,7 @@
+ TIFFSetField(out, TIFFTAG_FILLORDER, fillorder);
+ else
+ CopyField(TIFFTAG_FILLORDER, shortv);
+- sprintf(thing, "Dithered B&W version of %s", argv[optind]);
++ snprintf(thing, sizeof(thing), "Dithered B&W version of %s", argv[optind]);
+ TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, thing);
+ CopyField(TIFFTAG_PHOTOMETRIC, shortv);
+ CopyField(TIFFTAG_ORIENTATION, shortv);
+Index: tiff-4.0.3/tools/rgb2ycbcr.c
+===================================================================
+--- tiff-4.0.3.orig/tools/rgb2ycbcr.c 2013-06-23 10:36:51.163629483 -0400
++++ tiff-4.0.3/tools/rgb2ycbcr.c 2013-06-23 10:36:51.151629482 -0400
+@@ -332,7 +332,8 @@
+ TIFFSetField(out, TIFFTAG_PLANARCONFIG, PLANARCONFIG_CONTIG);
+ { char buf[2048];
+ char *cp = strrchr(TIFFFileName(in), '/');
+- sprintf(buf, "YCbCr conversion of %s", cp ? cp+1 : TIFFFileName(in));
++ snprintf(buf, sizeof(buf), "YCbCr conversion of %s",
++ cp ? cp+1 : TIFFFileName(in));
+ TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, buf);
+ }
+ TIFFSetField(out, TIFFTAG_SOFTWARE, TIFFGetVersion());
+Index: tiff-4.0.3/tools/tiff2pdf.c
+===================================================================
+--- tiff-4.0.3.orig/tools/tiff2pdf.c 2013-06-23 10:36:51.163629483 -0400
++++ tiff-4.0.3/tools/tiff2pdf.c 2013-06-23 10:36:51.151629482 -0400
+@@ -3630,7 +3630,9 @@
+ char buffer[16];
+ int buflen=0;
+
+- buflen=sprintf(buffer, "%%PDF-%u.%u ", t2p->pdf_majorversion&0xff, t2p->pdf_minorversion&0xff);
++ buflen = snprintf(buffer, sizeof(buffer), "%%PDF-%u.%u ",
++ t2p->pdf_majorversion&0xff,
++ t2p->pdf_minorversion&0xff);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t)"\n%\342\343\317\323\n", 7);
+
+@@ -3644,10 +3646,10 @@
+ tsize_t t2p_write_pdf_obj_start(uint32 number, TIFF* output){
+
+ tsize_t written=0;
+- char buffer[16];
++ char buffer[32];
+ int buflen=0;
+
+- buflen=sprintf(buffer, "%lu", (unsigned long)number);
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)number);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen );
+ written += t2pWriteFile(output, (tdata_t) " 0 obj\n", 7);
+
+@@ -3686,13 +3688,13 @@
+ written += t2pWriteFile(output, (tdata_t) "/", 1);
+ for (i=0;i<namelen;i++){
+ if ( ((unsigned char)name[i]) < 0x21){
+- sprintf(buffer, "#%.2X", name[i]);
++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]);
+ buffer[sizeof(buffer) - 1] = '\0';
+ written += t2pWriteFile(output, (tdata_t) buffer, 3);
+ nextchar=1;
+ }
+ if ( ((unsigned char)name[i]) > 0x7E){
+- sprintf(buffer, "#%.2X", name[i]);
++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]);
+ buffer[sizeof(buffer) - 1] = '\0';
+ written += t2pWriteFile(output, (tdata_t) buffer, 3);
+ nextchar=1;
+@@ -3700,57 +3702,57 @@
+ if (nextchar==0){
+ switch (name[i]){
+ case 0x23:
+- sprintf(buffer, "#%.2X", name[i]);
++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]);
+ buffer[sizeof(buffer) - 1] = '\0';
+ written += t2pWriteFile(output, (tdata_t) buffer, 3);
+ break;
+ case 0x25:
+- sprintf(buffer, "#%.2X", name[i]);
++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]);
+ buffer[sizeof(buffer) - 1] = '\0';
+ written += t2pWriteFile(output, (tdata_t) buffer, 3);
+ break;
+ case 0x28:
+- sprintf(buffer, "#%.2X", name[i]);
++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]);
+ buffer[sizeof(buffer) - 1] = '\0';
+ written += t2pWriteFile(output, (tdata_t) buffer, 3);
+ break;
+ case 0x29:
+- sprintf(buffer, "#%.2X", name[i]);
++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]);
+ buffer[sizeof(buffer) - 1] = '\0';
+ written += t2pWriteFile(output, (tdata_t) buffer, 3);
+ break;
+ case 0x2F:
+- sprintf(buffer, "#%.2X", name[i]);
++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]);
+ buffer[sizeof(buffer) - 1] = '\0';
+ written += t2pWriteFile(output, (tdata_t) buffer, 3);
+ break;
+ case 0x3C:
+- sprintf(buffer, "#%.2X", name[i]);
++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]);
+ buffer[sizeof(buffer) - 1] = '\0';
+ written += t2pWriteFile(output, (tdata_t) buffer, 3);
+ break;
+ case 0x3E:
+- sprintf(buffer, "#%.2X", name[i]);
++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]);
+ buffer[sizeof(buffer) - 1] = '\0';
+ written += t2pWriteFile(output, (tdata_t) buffer, 3);
+ break;
+ case 0x5B:
+- sprintf(buffer, "#%.2X", name[i]);
++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]);
+ buffer[sizeof(buffer) - 1] = '\0';
+ written += t2pWriteFile(output, (tdata_t) buffer, 3);
+ break;
+ case 0x5D:
+- sprintf(buffer, "#%.2X", name[i]);
++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]);
+ buffer[sizeof(buffer) - 1] = '\0';
+ written += t2pWriteFile(output, (tdata_t) buffer, 3);
+ break;
+ case 0x7B:
+- sprintf(buffer, "#%.2X", name[i]);
++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]);
+ buffer[sizeof(buffer) - 1] = '\0';
+ written += t2pWriteFile(output, (tdata_t) buffer, 3);
+ break;
+ case 0x7D:
+- sprintf(buffer, "#%.2X", name[i]);
++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]);
+ buffer[sizeof(buffer) - 1] = '\0';
+ written += t2pWriteFile(output, (tdata_t) buffer, 3);
+ break;
+@@ -3865,14 +3867,14 @@
+ tsize_t t2p_write_pdf_stream_dict(tsize_t len, uint32 number, TIFF* output){
+
+ tsize_t written=0;
+- char buffer[16];
++ char buffer[32];
+ int buflen=0;
+
+ written += t2pWriteFile(output, (tdata_t) "/Length ", 8);
+ if(len!=0){
+ written += t2p_write_pdf_stream_length(len, output);
+ } else {
+- buflen=sprintf(buffer, "%lu", (unsigned long)number);
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)number);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " 0 R \n", 6);
+ }
+@@ -3913,10 +3915,10 @@
+ tsize_t t2p_write_pdf_stream_length(tsize_t len, TIFF* output){
+
+ tsize_t written=0;
+- char buffer[16];
++ char buffer[32];
+ int buflen=0;
+
+- buflen=sprintf(buffer, "%lu", (unsigned long)len);
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)len);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) "\n", 1);
+
+@@ -3930,7 +3932,7 @@
+ tsize_t t2p_write_pdf_catalog(T2P* t2p, TIFF* output)
+ {
+ tsize_t written = 0;
+- char buffer[16];
++ char buffer[32];
+ int buflen = 0;
+
+ written += t2pWriteFile(output,
+@@ -3969,7 +3971,6 @@
+ written += t2p_write_pdf_string(t2p->pdf_datetime, output);
+ }
+ written += t2pWriteFile(output, (tdata_t) "\n/Producer ", 11);
+- _TIFFmemset((tdata_t)buffer, 0x00, sizeof(buffer));
+ snprintf(buffer, sizeof(buffer), "libtiff / tiff2pdf - %d", TIFFLIB_VERSION);
+ written += t2p_write_pdf_string(buffer, output);
+ written += t2pWriteFile(output, (tdata_t) "\n", 1);
+@@ -4110,7 +4111,7 @@
+ {
+ tsize_t written=0;
+ tdir_t i=0;
+- char buffer[16];
++ char buffer[32];
+ int buflen=0;
+
+ int page=0;
+@@ -4118,7 +4119,7 @@
+ (tdata_t) "<< \n/Type /Pages \n/Kids [ ", 26);
+ page = t2p->pdf_pages+1;
+ for (i=0;i<t2p->tiff_pagecount;i++){
+- buflen=sprintf(buffer, "%d", page);
++ buflen=snprintf(buffer, sizeof(buffer), "%d", page);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " 0 R ", 5);
+ if ( ((i+1)%8)==0 ) {
+@@ -4133,8 +4134,7 @@
+ }
+ }
+ written += t2pWriteFile(output, (tdata_t) "] \n/Count ", 10);
+- _TIFFmemset(buffer, 0x00, 16);
+- buflen=sprintf(buffer, "%d", t2p->tiff_pagecount);
++ buflen=snprintf(buffer, sizeof(buffer), "%d", t2p->tiff_pagecount);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " \n>> \n", 6);
+
+@@ -4149,28 +4149,28 @@
+
+ unsigned int i=0;
+ tsize_t written=0;
+- char buffer[16];
++ char buffer[256];
+ int buflen=0;
+
+ written += t2pWriteFile(output, (tdata_t) "<<\n/Type /Page \n/Parent ", 24);
+- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_pages);
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_pages);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " 0 R \n", 6);
+ written += t2pWriteFile(output, (tdata_t) "/MediaBox [", 11);
+- buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.x1);
++ buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.x1);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " ", 1);
+- buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.y1);
++ buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.y1);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " ", 1);
+- buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.x2);
++ buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.x2);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " ", 1);
+- buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.y2);
++ buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.y2);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) "] \n", 3);
+ written += t2pWriteFile(output, (tdata_t) "/Contents ", 10);
+- buflen=sprintf(buffer, "%lu", (unsigned long)(object + 1));
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(object + 1));
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " 0 R \n", 6);
+ written += t2pWriteFile(output, (tdata_t) "/Resources << \n", 15);
+@@ -4178,15 +4178,13 @@
+ written += t2pWriteFile(output, (tdata_t) "/XObject <<\n", 12);
+ for(i=0;i<t2p->tiff_tiles[t2p->pdf_page].tiles_tilecount;i++){
+ written += t2pWriteFile(output, (tdata_t) "/Im", 3);
+- buflen = sprintf(buffer, "%u", t2p->pdf_page+1);
++ buflen = snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_page+1);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) "_", 1);
+- buflen = sprintf(buffer, "%u", i+1);
++ buflen = snprintf(buffer, sizeof(buffer), "%u", i+1);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " ", 1);
+- buflen = sprintf(
+- buffer,
+- "%lu",
++ buflen = snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)(object+3+(2*i)+t2p->tiff_pages[t2p->pdf_page].page_extra));
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " 0 R ", 5);
+@@ -4198,12 +4196,10 @@
+ } else {
+ written += t2pWriteFile(output, (tdata_t) "/XObject <<\n", 12);
+ written += t2pWriteFile(output, (tdata_t) "/Im", 3);
+- buflen = sprintf(buffer, "%u", t2p->pdf_page+1);
++ buflen = snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_page+1);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " ", 1);
+- buflen = sprintf(
+- buffer,
+- "%lu",
++ buflen = snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)(object+3+(2*i)+t2p->tiff_pages[t2p->pdf_page].page_extra));
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " 0 R ", 5);
+@@ -4212,9 +4208,7 @@
+ if(t2p->tiff_transferfunctioncount != 0) {
+ written += t2pWriteFile(output, (tdata_t) "/ExtGState <<", 13);
+ t2pWriteFile(output, (tdata_t) "/GS1 ", 5);
+- buflen = sprintf(
+- buffer,
+- "%lu",
++ buflen = snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)(object + 3));
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " 0 R ", 5);
+@@ -4587,7 +4581,7 @@
+ if(t2p->tiff_tiles[t2p->pdf_page].tiles_tilecount>0){
+ for(i=0;i<t2p->tiff_tiles[t2p->pdf_page].tiles_tilecount; i++){
+ box=t2p->tiff_tiles[t2p->pdf_page].tiles_tiles[i].tile_box;
+- buflen=sprintf(buffer,
++ buflen=snprintf(buffer, sizeof(buffer),
+ "q %s %.4f %.4f %.4f %.4f %.4f %.4f cm /Im%d_%ld Do Q\n",
+ t2p->tiff_transferfunctioncount?"/GS1 gs ":"",
+ box.mat[0],
+@@ -4602,7 +4596,7 @@
+ }
+ } else {
+ box=t2p->pdf_imagebox;
+- buflen=sprintf(buffer,
++ buflen=snprintf(buffer, sizeof(buffer),
+ "q %s %.4f %.4f %.4f %.4f %.4f %.4f cm /Im%d Do Q\n",
+ t2p->tiff_transferfunctioncount?"/GS1 gs ":"",
+ box.mat[0],
+@@ -4627,59 +4621,48 @@
+ TIFF* output){
+
+ tsize_t written=0;
+- char buffer[16];
++ char buffer[32];
+ int buflen=0;
+
+ written += t2p_write_pdf_stream_dict(0, t2p->pdf_xrefcount+1, output);
+ written += t2pWriteFile(output,
+ (tdata_t) "/Type /XObject \n/Subtype /Image \n/Name /Im",
+ 42);
+- buflen=sprintf(buffer, "%u", t2p->pdf_page+1);
++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_page+1);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ if(tile != 0){
+ written += t2pWriteFile(output, (tdata_t) "_", 1);
+- buflen=sprintf(buffer, "%lu", (unsigned long)tile);
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)tile);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ }
+ written += t2pWriteFile(output, (tdata_t) "\n/Width ", 8);
+- _TIFFmemset((tdata_t)buffer, 0x00, 16);
+ if(tile==0){
+- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->tiff_width);
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_width);
+ } else {
+ if(t2p_tile_is_right_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)!=0){
+- buflen=sprintf(
+- buffer,
+- "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilewidth);
+ } else {
+- buflen=sprintf(
+- buffer,
+- "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilewidth);
+ }
+ }
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) "\n/Height ", 9);
+- _TIFFmemset((tdata_t)buffer, 0x00, 16);
+ if(tile==0){
+- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->tiff_length);
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_length);
+ } else {
+ if(t2p_tile_is_bottom_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)!=0){
+- buflen=sprintf(
+- buffer,
+- "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilelength);
+ } else {
+- buflen=sprintf(
+- buffer,
+- "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilelength);
+ }
+ }
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) "\n/BitsPerComponent ", 19);
+- _TIFFmemset((tdata_t)buffer, 0x00, 16);
+- buflen=sprintf(buffer, "%u", t2p->tiff_bitspersample);
++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->tiff_bitspersample);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) "\n/ColorSpace ", 13);
+ written += t2p_write_pdf_xobject_cs(t2p, output);
+@@ -4723,11 +4706,10 @@
+ t2p->pdf_colorspace ^= T2P_CS_PALETTE;
+ written += t2p_write_pdf_xobject_cs(t2p, output);
+ t2p->pdf_colorspace |= T2P_CS_PALETTE;
+- buflen=sprintf(buffer, "%u", (0x0001 << t2p->tiff_bitspersample)-1 );
++ buflen=snprintf(buffer, sizeof(buffer), "%u", (0x0001 << t2p->tiff_bitspersample)-1 );
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " ", 1);
+- _TIFFmemset(buffer, 0x00, 16);
+- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_palettecs );
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_palettecs );
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " 0 R ]\n", 7);
+ return(written);
+@@ -4761,10 +4743,10 @@
+ X_W /= Y_W;
+ Z_W /= Y_W;
+ Y_W = 1.0F;
+- buflen=sprintf(buffer, "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W);
++ buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) "/Range ", 7);
+- buflen=sprintf(buffer, "[%d %d %d %d] \n",
++ buflen=snprintf(buffer, sizeof(buffer), "[%d %d %d %d] \n",
+ t2p->pdf_labrange[0],
+ t2p->pdf_labrange[1],
+ t2p->pdf_labrange[2],
+@@ -4780,26 +4762,26 @@
+ tsize_t t2p_write_pdf_transfer(T2P* t2p, TIFF* output){
+
+ tsize_t written=0;
+- char buffer[16];
++ char buffer[32];
+ int buflen=0;
+
+ written += t2pWriteFile(output, (tdata_t) "<< /Type /ExtGState \n/TR ", 25);
+ if(t2p->tiff_transferfunctioncount == 1){
+- buflen=sprintf(buffer, "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)(t2p->pdf_xrefcount + 1));
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " 0 R ", 5);
+ } else {
+ written += t2pWriteFile(output, (tdata_t) "[ ", 2);
+- buflen=sprintf(buffer, "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)(t2p->pdf_xrefcount + 1));
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " 0 R ", 5);
+- buflen=sprintf(buffer, "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)(t2p->pdf_xrefcount + 2));
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " 0 R ", 5);
+- buflen=sprintf(buffer, "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)(t2p->pdf_xrefcount + 3));
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " 0 R ", 5);
+@@ -4821,7 +4803,7 @@
+ written += t2pWriteFile(output, (tdata_t) "/FunctionType 0 \n", 17);
+ written += t2pWriteFile(output, (tdata_t) "/Domain [0.0 1.0] \n", 19);
+ written += t2pWriteFile(output, (tdata_t) "/Range [0.0 1.0] \n", 18);
+- buflen=sprintf(buffer, "/Size [%u] \n", (1<<t2p->tiff_bitspersample));
++ buflen=snprintf(buffer, sizeof(buffer), "/Size [%u] \n", (1<<t2p->tiff_bitspersample));
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) "/BitsPerSample 16 \n", 19);
+ written += t2p_write_pdf_stream_dict(((tsize_t)1)<<(t2p->tiff_bitspersample+1), 0, output);
+@@ -4848,7 +4830,7 @@
+ tsize_t t2p_write_pdf_xobject_calcs(T2P* t2p, TIFF* output){
+
+ tsize_t written=0;
+- char buffer[128];
++ char buffer[256];
+ int buflen=0;
+
+ float X_W=0.0;
+@@ -4916,16 +4898,16 @@
+ written += t2pWriteFile(output, (tdata_t) "<< \n", 4);
+ if(t2p->pdf_colorspace & T2P_CS_CALGRAY){
+ written += t2pWriteFile(output, (tdata_t) "/WhitePoint ", 12);
+- buflen=sprintf(buffer, "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W);
++ buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) "/Gamma 2.2 \n", 12);
+ }
+ if(t2p->pdf_colorspace & T2P_CS_CALRGB){
+ written += t2pWriteFile(output, (tdata_t) "/WhitePoint ", 12);
+- buflen=sprintf(buffer, "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W);
++ buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) "/Matrix ", 8);
+- buflen=sprintf(buffer, "[%.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f] \n",
++ buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f] \n",
+ X_R, Y_R, Z_R,
+ X_G, Y_G, Z_G,
+ X_B, Y_B, Z_B);
+@@ -4944,11 +4926,11 @@
+ tsize_t t2p_write_pdf_xobject_icccs(T2P* t2p, TIFF* output){
+
+ tsize_t written=0;
+- char buffer[16];
++ char buffer[32];
+ int buflen=0;
+
+ written += t2pWriteFile(output, (tdata_t) "[/ICCBased ", 11);
+- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_icccs);
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_icccs);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " 0 R] \n", 7);
+
+@@ -4958,11 +4940,11 @@
+ tsize_t t2p_write_pdf_xobject_icccs_dict(T2P* t2p, TIFF* output){
+
+ tsize_t written=0;
+- char buffer[16];
++ char buffer[32];
+ int buflen=0;
+
+ written += t2pWriteFile(output, (tdata_t) "/N ", 3);
+- buflen=sprintf(buffer, "%u \n", t2p->tiff_samplesperpixel);
++ buflen=snprintf(buffer, sizeof(buffer), "%u \n", t2p->tiff_samplesperpixel);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) "/Alternate ", 11);
+ t2p->pdf_colorspace ^= T2P_CS_ICCBASED;
+@@ -5027,7 +5009,7 @@
+ tsize_t t2p_write_pdf_xobject_stream_filter(ttile_t tile, T2P* t2p, TIFF* output){
+
+ tsize_t written=0;
+- char buffer[16];
++ char buffer[32];
+ int buflen=0;
+
+ if(t2p->pdf_compression==T2P_COMPRESS_NONE){
+@@ -5042,41 +5024,33 @@
+ written += t2pWriteFile(output, (tdata_t) "<< /K -1 ", 9);
+ if(tile==0){
+ written += t2pWriteFile(output, (tdata_t) "/Columns ", 9);
+- buflen=sprintf(buffer, "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)t2p->tiff_width);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " /Rows ", 7);
+- buflen=sprintf(buffer, "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)t2p->tiff_length);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ } else {
+ if(t2p_tile_is_right_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)==0){
+ written += t2pWriteFile(output, (tdata_t) "/Columns ", 9);
+- buflen=sprintf(
+- buffer,
+- "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilewidth);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ } else {
+ written += t2pWriteFile(output, (tdata_t) "/Columns ", 9);
+- buflen=sprintf(
+- buffer,
+- "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilewidth);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ }
+ if(t2p_tile_is_bottom_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)==0){
+ written += t2pWriteFile(output, (tdata_t) " /Rows ", 7);
+- buflen=sprintf(
+- buffer,
+- "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilelength);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ } else {
+ written += t2pWriteFile(output, (tdata_t) " /Rows ", 7);
+- buflen=sprintf(
+- buffer,
+- "%lu",
++ buflen=snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilelength);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ }
+@@ -5103,21 +5077,17 @@
+ if(t2p->pdf_compressionquality%100){
+ written += t2pWriteFile(output, (tdata_t) "/DecodeParms ", 13);
+ written += t2pWriteFile(output, (tdata_t) "<< /Predictor ", 14);
+- _TIFFmemset(buffer, 0x00, 16);
+- buflen=sprintf(buffer, "%u", t2p->pdf_compressionquality%100);
++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_compressionquality%100);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " /Columns ", 10);
+- _TIFFmemset(buffer, 0x00, 16);
+- buflen = sprintf(buffer, "%lu",
++ buflen = snprintf(buffer, sizeof(buffer), "%lu",
+ (unsigned long)t2p->tiff_width);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " /Colors ", 9);
+- _TIFFmemset(buffer, 0x00, 16);
+- buflen=sprintf(buffer, "%u", t2p->tiff_samplesperpixel);
++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->tiff_samplesperpixel);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " /BitsPerComponent ", 19);
+- _TIFFmemset(buffer, 0x00, 16);
+- buflen=sprintf(buffer, "%u", t2p->tiff_bitspersample);
++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->tiff_bitspersample);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) ">>\n", 3);
+ }
+@@ -5137,16 +5107,16 @@
+ tsize_t t2p_write_pdf_xreftable(T2P* t2p, TIFF* output){
+
+ tsize_t written=0;
+- char buffer[21];
++ char buffer[64];
+ int buflen=0;
+ uint32 i=0;
+
+ written += t2pWriteFile(output, (tdata_t) "xref\n0 ", 7);
+- buflen=sprintf(buffer, "%lu", (unsigned long)(t2p->pdf_xrefcount + 1));
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(t2p->pdf_xrefcount + 1));
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+ written += t2pWriteFile(output, (tdata_t) " \n0000000000 65535 f \n", 22);
+ for (i=0;i<t2p->pdf_xrefcount;i++){
+- sprintf(buffer, "%.10lu 00000 n \n",
++ snprintf(buffer, sizeof(buffer), "%.10lu 00000 n \n",
+ (unsigned long)t2p->pdf_xrefoffsets[i]);
+ written += t2pWriteFile(output, (tdata_t) buffer, 20);
+ }
+@@ -5170,17 +5140,14 @@
+ snprintf(t2p->pdf_fileid + i, 9, "%.8X", rand());
+
+ written += t2pWriteFile(output, (tdata_t) "trailer\n<<\n/Size ", 17);
+- buflen = sprintf(buffer, "%lu", (unsigned long)(t2p->pdf_xrefcount+1));
++ buflen = snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(t2p->pdf_xrefcount+1));
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+- _TIFFmemset(buffer, 0x00, 32);
+ written += t2pWriteFile(output, (tdata_t) "\n/Root ", 7);
+- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_catalog);
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_catalog);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+- _TIFFmemset(buffer, 0x00, 32);
+ written += t2pWriteFile(output, (tdata_t) " 0 R \n/Info ", 12);
+- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_info);
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_info);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+- _TIFFmemset(buffer, 0x00, 32);
+ written += t2pWriteFile(output, (tdata_t) " 0 R \n/ID[<", 11);
+ written += t2pWriteFile(output, (tdata_t) t2p->pdf_fileid,
+ sizeof(t2p->pdf_fileid) - 1);
+@@ -5188,9 +5155,8 @@
+ written += t2pWriteFile(output, (tdata_t) t2p->pdf_fileid,
+ sizeof(t2p->pdf_fileid) - 1);
+ written += t2pWriteFile(output, (tdata_t) ">]\n>>\nstartxref\n", 16);
+- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_startxref);
++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_startxref);
+ written += t2pWriteFile(output, (tdata_t) buffer, buflen);
+- _TIFFmemset(buffer, 0x00, 32);
+ written += t2pWriteFile(output, (tdata_t) "\n%%EOF\n", 7);
+
+ return(written);
+Index: tiff-4.0.3/tools/tiff2ps.c
+===================================================================
+--- tiff-4.0.3.orig/tools/tiff2ps.c 2013-06-23 10:36:51.163629483 -0400
++++ tiff-4.0.3/tools/tiff2ps.c 2013-06-23 10:36:51.155629481 -0400
+@@ -1781,8 +1781,8 @@
+ imageOp = "imagemask";
+
+ (void)strcpy(im_x, "0");
+- (void)sprintf(im_y, "%lu", (long) h);
+- (void)sprintf(im_h, "%lu", (long) h);
++ (void)snprintf(im_y, sizeof(im_y), "%lu", (long) h);
++ (void)snprintf(im_h, sizeof(im_h), "%lu", (long) h);
+ tile_width = w;
+ tile_height = h;
+ if (TIFFIsTiled(tif)) {
+@@ -1803,7 +1803,7 @@
+ }
+ if (tile_height < h) {
+ fputs("/im_y 0 def\n", fd);
+- (void)sprintf(im_y, "%lu im_y sub", (unsigned long) h);
++ (void)snprintf(im_y, sizeof(im_y), "%lu im_y sub", (unsigned long) h);
+ }
+ } else {
+ repeat_count = tf_numberstrips;
+@@ -1815,7 +1815,7 @@
+ fprintf(fd, "/im_h %lu def\n",
+ (unsigned long) tile_height);
+ (void)strcpy(im_h, "im_h");
+- (void)sprintf(im_y, "%lu im_y sub", (unsigned long) h);
++ (void)snprintf(im_y, sizeof(im_y), "%lu im_y sub", (unsigned long) h);
+ }
+ }
+
+Index: tiff-4.0.3/tools/tiffcrop.c
+===================================================================
+--- tiff-4.0.3.orig/tools/tiffcrop.c 2013-06-23 10:36:51.163629483 -0400
++++ tiff-4.0.3/tools/tiffcrop.c 2013-06-23 10:36:51.159629481 -0400
+@@ -2077,7 +2077,7 @@
+ return 1;
+ }
+
+- sprintf (filenum, "-%03d%s", findex, export_ext);
++ snprintf(filenum, sizeof(filenum), "-%03d%s", findex, export_ext);
+ filenum[14] = '\0';
+ strncat (exportname, filenum, 15);
+ }
+@@ -2230,8 +2230,8 @@
+
+ /* dump.infilename is guaranteed to be NUL termimated and have 20 bytes
+ fewer than PATH_MAX */
+- memset (temp_filename, '\0', PATH_MAX + 1);
+- sprintf (temp_filename, "%s-read-%03d.%s", dump.infilename, dump_images,
++ snprintf(temp_filename, sizeof(temp_filename), "%s-read-%03d.%s",
++ dump.infilename, dump_images,
+ (dump.format == DUMP_TEXT) ? "txt" : "raw");
+ if ((dump.infile = fopen(temp_filename, dump.mode)) == NULL)
+ {
+@@ -2249,8 +2249,8 @@
+
+ /* dump.outfilename is guaranteed to be NUL termimated and have 20 bytes
+ fewer than PATH_MAX */
+- memset (temp_filename, '\0', PATH_MAX + 1);
+- sprintf (temp_filename, "%s-write-%03d.%s", dump.outfilename, dump_images,
++ snprintf(temp_filename, sizeof(temp_filename), "%s-write-%03d.%s",
++ dump.outfilename, dump_images,
+ (dump.format == DUMP_TEXT) ? "txt" : "raw");
+ if ((dump.outfile = fopen(temp_filename, dump.mode)) == NULL)
+ {
+Index: tiff-4.0.3/tools/tiff2bw.c
+===================================================================
+--- tiff-4.0.3.orig/tools/tiff2bw.c 2013-06-23 10:36:51.163629483 -0400
++++ tiff-4.0.3/tools/tiff2bw.c 2013-06-23 10:36:51.159629481 -0400
+@@ -205,7 +205,7 @@
+ }
+ }
+ TIFFSetField(out, TIFFTAG_PHOTOMETRIC, PHOTOMETRIC_MINISBLACK);
+- sprintf(thing, "B&W version of %s", argv[optind]);
++ snprintf(thing, sizeof(thing), "B&W version of %s", argv[optind]);
+ TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, thing);
+ TIFFSetField(out, TIFFTAG_SOFTWARE, "tiff2bw");
+ outbuf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
diff --git a/gnu/packages/patches/libtiff-CVE-2013-4231.patch b/gnu/packages/patches/libtiff-CVE-2013-4231.patch
new file mode 100644
index 0000000000..c71f7dac2e
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2013-4231.patch
@@ -0,0 +1,19 @@
+Copied from Debian
+
+Description: Buffer overflow in gif2tiff
+Bug: http://bugzilla.maptools.org/show_bug.cgi?id=2450
+Bug-Debian: http://bugs.debian.org/719303
+
+Index: tiff-4.0.3/tools/gif2tiff.c
+===================================================================
+--- tiff-4.0.3.orig/tools/gif2tiff.c 2013-08-22 11:46:11.960846910 -0400
++++ tiff-4.0.3/tools/gif2tiff.c 2013-08-22 11:46:11.956846910 -0400
+@@ -333,6 +333,8 @@
+ int status = 1;
+
+ datasize = getc(infile);
++ if (datasize > 12)
++ return 0;
+ clear = 1 << datasize;
+ eoi = clear + 1;
+ avail = clear + 2;
diff --git a/gnu/packages/patches/libtiff-CVE-2013-4232.patch b/gnu/packages/patches/libtiff-CVE-2013-4232.patch
new file mode 100644
index 0000000000..3a92f61fef
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2013-4232.patch
@@ -0,0 +1,20 @@
+Copied from Debian
+
+Description: use after free in tiff2pdf
+Bug: http://bugzilla.maptools.org/show_bug.cgi?id=2449
+Bug-Debian: http://bugs.debian.org/719303
+
+Index: tiff-4.0.3/tools/tiff2pdf.c
+===================================================================
+--- tiff-4.0.3.orig/tools/tiff2pdf.c 2013-08-22 11:46:37.292847242 -0400
++++ tiff-4.0.3/tools/tiff2pdf.c 2013-08-22 11:46:37.292847242 -0400
+@@ -2461,7 +2461,8 @@
+ (unsigned long) t2p->tiff_datasize,
+ TIFFFileName(input));
+ t2p->t2p_error = T2P_ERR_ERROR;
+- _TIFFfree(buffer);
++ _TIFFfree(buffer);
++ return(0);
+ } else {
+ buffer=samplebuffer;
+ t2p->tiff_datasize *= t2p->tiff_samplesperpixel;
diff --git a/gnu/packages/patches/libtiff-CVE-2013-4243.patch b/gnu/packages/patches/libtiff-CVE-2013-4243.patch
new file mode 100644
index 0000000000..a10884cd89
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2013-4243.patch
@@ -0,0 +1,39 @@
+Copied from Debian
+
+Index: tiff/tools/gif2tiff.c
+===================================================================
+--- tiff.orig/tools/gif2tiff.c
++++ tiff/tools/gif2tiff.c
+@@ -280,6 +280,10 @@ readgifimage(char* mode)
+ fprintf(stderr, "no colormap present for image\n");
+ return (0);
+ }
++ if (width == 0 || height == 0) {
++ fprintf(stderr, "Invalid value of width or height\n");
++ return(0);
++ }
+ if ((raster = (unsigned char*) _TIFFmalloc(width*height+EXTRAFUDGE)) == NULL) {
+ fprintf(stderr, "not enough memory for image\n");
+ return (0);
+@@ -404,6 +408,10 @@ process(register int code, unsigned char
+ fprintf(stderr, "bad input: code=%d is larger than clear=%d\n",code, clear);
+ return 0;
+ }
++ if (*fill >= raster + width*height) {
++ fprintf(stderr, "raster full before eoi code\n");
++ return 0;
++ }
+ *(*fill)++ = suffix[code];
+ firstchar = oldcode = code;
+ return 1;
+@@ -434,6 +442,10 @@ process(register int code, unsigned char
+ }
+ oldcode = incode;
+ do {
++ if (*fill >= raster + width*height) {
++ fprintf(stderr, "raster full before eoi code\n");
++ return 0;
++ }
+ *(*fill)++ = *--stackp;
+ } while (stackp > stack);
+ return 1;
diff --git a/gnu/packages/patches/libtiff-CVE-2013-4244.patch b/gnu/packages/patches/libtiff-CVE-2013-4244.patch
new file mode 100644
index 0000000000..be9c65c311
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2013-4244.patch
@@ -0,0 +1,20 @@
+Copied from Debian
+
+Description: OOB write in gif2tiff
+Bug-Redhat: https://bugzilla.redhat.com/show_bug.cgi?id=996468
+
+Index: tiff-4.0.3/tools/gif2tiff.c
+===================================================================
+--- tiff-4.0.3.orig/tools/gif2tiff.c 2013-08-24 11:17:13.546447901 -0400
++++ tiff-4.0.3/tools/gif2tiff.c 2013-08-24 11:17:13.546447901 -0400
+@@ -400,6 +400,10 @@
+ }
+
+ if (oldcode == -1) {
++ if (code >= clear) {
++ fprintf(stderr, "bad input: code=%d is larger than clear=%d\n",code, clear);
++ return 0;
++ }
+ *(*fill)++ = suffix[code];
+ firstchar = oldcode = code;
+ return 1;
diff --git a/gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch b/gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch
new file mode 100644
index 0000000000..7f70edb86f
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch
@@ -0,0 +1,30 @@
+Copied from Debian
+
+From 0782c759084daaf9e4de7ee6be7543081823455e Mon Sep 17 00:00:00 2001
+From: erouault <erouault>
+Date: Sun, 21 Dec 2014 20:58:29 +0000
+Subject: [PATCH] * tools/tiff2bw.c: when Photometric=RGB, the utility only
+ works if SamplesPerPixel = 3. Enforce that
+ http://bugzilla.maptools.org/show_bug.cgi?id=2485 (CVE-2014-8127)
+
+---
+ ChangeLog | 6 ++++++
+ tools/tiff2bw.c | 5 +++++
+ 2 files changed, 11 insertions(+)
+
+diff --git a/tools/tiff2bw.c b/tools/tiff2bw.c
+index 22467cd..94b8e31 100644
+--- a/tools/tiff2bw.c
++++ b/tools/tiff2bw.c
+@@ -171,6 +171,11 @@ main(int argc, char* argv[])
+ argv[optind], samplesperpixel);
+ return (-1);
+ }
++ if( photometric == PHOTOMETRIC_RGB && samplesperpixel != 3) {
++ fprintf(stderr, "%s: Bad samples/pixel %u for PHOTOMETRIC_RGB.\n",
++ argv[optind], samplesperpixel);
++ return (-1);
++ }
+ TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bitspersample);
+ if (bitspersample != 8) {
+ fprintf(stderr,
diff --git a/gnu/packages/patches/libtiff-CVE-2014-8127-pt2.patch b/gnu/packages/patches/libtiff-CVE-2014-8127-pt2.patch
new file mode 100644
index 0000000000..a177ebfa21
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2014-8127-pt2.patch
@@ -0,0 +1,42 @@
+Copied from Debian
+
+From 3996fa0f84f4a8b7e65fe4b8f0681711022034ea Mon Sep 17 00:00:00 2001
+From: erouault <erouault>
+Date: Sun, 21 Dec 2014 20:04:31 +0000
+Subject: [PATCH] * tools/pal2rgb.c, tools/thumbnail.c: fix crash by disabling
+ TIFFTAG_INKNAMES copying. The right fix would be to properly copy it, but not
+ worth the burden for those esoteric utilities.
+ http://bugzilla.maptools.org/show_bug.cgi?id=2484 (CVE-2014-8127)
+
+---
+ ChangeLog | 7 +++++++
+ tools/pal2rgb.c | 2 +-
+ tools/thumbnail.c | 2 +-
+ 3 files changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c
+index bfe7899..3fc3de3 100644
+--- a/tools/pal2rgb.c
++++ b/tools/pal2rgb.c
+@@ -372,7 +372,7 @@ static struct cpTag {
+ { TIFFTAG_CLEANFAXDATA, 1, TIFF_SHORT },
+ { TIFFTAG_CONSECUTIVEBADFAXLINES, 1, TIFF_LONG },
+ { TIFFTAG_INKSET, 1, TIFF_SHORT },
+- { TIFFTAG_INKNAMES, 1, TIFF_ASCII },
++ /*{ TIFFTAG_INKNAMES, 1, TIFF_ASCII },*/ /* Needs much more complicated logic. See tiffcp */
+ { TIFFTAG_DOTRANGE, 2, TIFF_SHORT },
+ { TIFFTAG_TARGETPRINTER, 1, TIFF_ASCII },
+ { TIFFTAG_SAMPLEFORMAT, 1, TIFF_SHORT },
+diff --git a/tools/thumbnail.c b/tools/thumbnail.c
+index c50bbff..73f9c34 100644
+--- a/tools/thumbnail.c
++++ b/tools/thumbnail.c
+@@ -257,7 +257,7 @@ static struct cpTag {
+ { TIFFTAG_CLEANFAXDATA, 1, TIFF_SHORT },
+ { TIFFTAG_CONSECUTIVEBADFAXLINES, 1, TIFF_LONG },
+ { TIFFTAG_INKSET, 1, TIFF_SHORT },
+- { TIFFTAG_INKNAMES, 1, TIFF_ASCII },
++ /*{ TIFFTAG_INKNAMES, 1, TIFF_ASCII },*/ /* Needs much more complicated logic. See tiffcp */
+ { TIFFTAG_DOTRANGE, 2, TIFF_SHORT },
+ { TIFFTAG_TARGETPRINTER, 1, TIFF_ASCII },
+ { TIFFTAG_SAMPLEFORMAT, 1, TIFF_SHORT },
diff --git a/gnu/packages/patches/libtiff-CVE-2014-8127-pt3.patch b/gnu/packages/patches/libtiff-CVE-2014-8127-pt3.patch
new file mode 100644
index 0000000000..b8a3703c4c
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2014-8127-pt3.patch
@@ -0,0 +1,45 @@
+Copied from Debian
+
+From 1f7359b00663804d96c3a102bcb6ead9812c1509 Mon Sep 17 00:00:00 2001
+From: erouault <erouault>
+Date: Tue, 23 Dec 2014 10:15:35 +0000
+Subject: [PATCH] * libtiff/tif_read.c: fix several invalid comparisons of a
+ uint64 value with <= 0 by casting it to int64 first. This solves crashing bug
+ on corrupted images generated by afl.
+
+---
+ ChangeLog | 6 ++++++
+ libtiff/tif_read.c | 6 +++---
+ 2 files changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/libtiff/tif_read.c b/libtiff/tif_read.c
+index 2ba822a..dfc5b07 100644
+--- a/libtiff/tif_read.c
++++ b/libtiff/tif_read.c
+@@ -458,7 +458,7 @@ TIFFReadRawStrip(TIFF* tif, uint32 strip, void* buf, tmsize_t size)
+ return ((tmsize_t)(-1));
+ }
+ bytecount = td->td_stripbytecount[strip];
+- if (bytecount <= 0) {
++ if ((int64)bytecount <= 0) {
+ #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
+ TIFFErrorExt(tif->tif_clientdata, module,
+ "%I64u: Invalid strip byte count, strip %lu",
+@@ -498,7 +498,7 @@ TIFFFillStrip(TIFF* tif, uint32 strip)
+ if ((tif->tif_flags&TIFF_NOREADRAW)==0)
+ {
+ uint64 bytecount = td->td_stripbytecount[strip];
+- if (bytecount <= 0) {
++ if ((int64)bytecount <= 0) {
+ #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
+ TIFFErrorExt(tif->tif_clientdata, module,
+ "Invalid strip byte count %I64u, strip %lu",
+@@ -801,7 +801,7 @@ TIFFFillTile(TIFF* tif, uint32 tile)
+ if ((tif->tif_flags&TIFF_NOREADRAW)==0)
+ {
+ uint64 bytecount = td->td_stripbytecount[tile];
+- if (bytecount <= 0) {
++ if ((int64)bytecount <= 0) {
+ #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
+ TIFFErrorExt(tif->tif_clientdata, module,
+ "%I64u: Invalid tile byte count, tile %lu",
diff --git a/gnu/packages/patches/libtiff-CVE-2014-8127-pt4.patch b/gnu/packages/patches/libtiff-CVE-2014-8127-pt4.patch
new file mode 100644
index 0000000000..62d903c650
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2014-8127-pt4.patch
@@ -0,0 +1,295 @@
+Copied from Debian
+
+From 662f74445b2fea2eeb759c6524661118aef567ca Mon Sep 17 00:00:00 2001
+From: erouault <erouault>
+Date: Sun, 21 Dec 2014 15:15:31 +0000
+Subject: [PATCH] Fix various crasher bugs on fuzzed images. *
+ libtiff/tif_dir.c: TIFFSetField(): refuse to set negative values for
+ TIFFTAG_XRESOLUTION and TIFFTAG_YRESOLUTION that cause asserts when writing
+ the directory * libtiff/tif_dirread.c: TIFFReadDirectory(): refuse to read
+ ColorMap or TransferFunction if BitsPerSample has not yet been read,
+ otherwise reading it later will cause user code to crash if BitsPerSample > 1
+ * libtiff/tif_getimage.c: TIFFRGBAImageOK(): return FALSE if LOGLUV with
+ SamplesPerPixel != 3, or if CIELAB with SamplesPerPixel != 3 or BitsPerSample
+ != 8 * libtiff/tif_next.c: in the "run mode", use tilewidth for tiled images
+ instead of imagewidth to avoid crash * tools/bmp2tiff.c: fix crash due to int
+ overflow related to input BMP dimensions * tools/tiff2pdf.c: fix crash due to
+ invalid tile count (should likely be checked by libtiff too). Detect invalid
+ settings of BitsPerSample/SamplesPerPixel for CIELAB / ITULAB *
+ tools/tiffcrop.c: fix crash due to invalid TileWidth/TileHeight *
+ tools/tiffdump.c: fix crash due to overflow of entry count.
+
+---
+ ChangeLog | 19 +++++++++++++++++++
+ libtiff/tif_dir.c | 21 +++++++++++++++++++--
+ libtiff/tif_dirread.c | 17 +++++++++++++++++
+ libtiff/tif_getimage.c | 15 +++++++++++++++
+ libtiff/tif_next.c | 2 ++
+ tools/bmp2tiff.c | 15 +++++++++++++++
+ tools/tiff2pdf.c | 41 +++++++++++++++++++++++++++++++++++++++++
+ tools/tiffcrop.c | 7 ++++---
+ tools/tiffdump.c | 9 ++++++---
+ 9 files changed, 138 insertions(+), 8 deletions(-)
+
+diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c
+index 98cf66d..ab43a28 100644
+--- a/libtiff/tif_dir.c
++++ b/libtiff/tif_dir.c
+@@ -160,6 +160,7 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap)
+ TIFFDirectory* td = &tif->tif_dir;
+ int status = 1;
+ uint32 v32, i, v;
++ double dblval;
+ char* s;
+ const TIFFField *fip = TIFFFindField(tif, tag, TIFF_ANY);
+ uint32 standard_tag = tag;
+@@ -284,10 +285,16 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap)
+ setDoubleArrayOneValue(&td->td_smaxsamplevalue, va_arg(ap, double), td->td_samplesperpixel);
+ break;
+ case TIFFTAG_XRESOLUTION:
+- td->td_xresolution = (float) va_arg(ap, double);
++ dblval = va_arg(ap, double);
++ if( dblval < 0 )
++ goto badvaluedouble;
++ td->td_xresolution = (float) dblval;
+ break;
+ case TIFFTAG_YRESOLUTION:
+- td->td_yresolution = (float) va_arg(ap, double);
++ dblval = va_arg(ap, double);
++ if( dblval < 0 )
++ goto badvaluedouble;
++ td->td_yresolution = (float) dblval;
+ break;
+ case TIFFTAG_PLANARCONFIG:
+ v = (uint16) va_arg(ap, uint16_vap);
+@@ -694,6 +701,16 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap)
+ va_end(ap);
+ }
+ return (0);
++badvaluedouble:
++ {
++ const TIFFField* fip=TIFFFieldWithTag(tif,tag);
++ TIFFErrorExt(tif->tif_clientdata, module,
++ "%s: Bad value %f for \"%s\" tag",
++ tif->tif_name, dblval,
++ fip ? fip->field_name : "Unknown");
++ va_end(ap);
++ }
++ return (0);
+ }
+
+ /*
+diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
+index 391c823..f66c9a7 100644
+--- a/libtiff/tif_dirread.c
++++ b/libtiff/tif_dirread.c
+@@ -3430,6 +3430,8 @@ TIFFReadDirectory(TIFF* tif)
+ const TIFFField* fip;
+ uint32 fii=FAILED_FII;
+ toff_t nextdiroff;
++ int bitspersample_read = FALSE;
++
+ tif->tif_diroff=tif->tif_nextdiroff;
+ if (!TIFFCheckDirOffset(tif,tif->tif_nextdiroff))
+ return 0; /* last offset or bad offset (IFD looping) */
+@@ -3706,6 +3708,8 @@ TIFFReadDirectory(TIFF* tif)
+ }
+ if (!TIFFSetField(tif,dp->tdir_tag,value))
+ goto bad;
++ if( dp->tdir_tag == TIFFTAG_BITSPERSAMPLE )
++ bitspersample_read = TRUE;
+ }
+ break;
+ case TIFFTAG_SMINSAMPLEVALUE:
+@@ -3763,6 +3767,19 @@ TIFFReadDirectory(TIFF* tif)
+ uint32 countrequired;
+ uint32 incrementpersample;
+ uint16* value=NULL;
++ /* It would be dangerous to instanciate those tag values */
++ /* since if td_bitspersample has not yet been read (due to */
++ /* unordered tags), it could be read afterwards with a */
++ /* values greater than the default one (1), which may cause */
++ /* crashes in user code */
++ if( !bitspersample_read )
++ {
++ fip = TIFFFieldWithTag(tif,dp->tdir_tag);
++ TIFFWarningExt(tif->tif_clientdata,module,
++ "Ignoring %s since BitsPerSample tag not found",
++ fip ? fip->field_name : "unknown tagname");
++ continue;
++ }
+ countpersample=(1L<<tif->tif_dir.td_bitspersample);
+ if ((dp->tdir_tag==TIFFTAG_TRANSFERFUNCTION)&&(dp->tdir_count==(uint64)countpersample))
+ {
+diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c
+index 074d32a..396ad08 100644
+--- a/libtiff/tif_getimage.c
++++ b/libtiff/tif_getimage.c
+@@ -182,8 +182,23 @@ TIFFRGBAImageOK(TIFF* tif, char emsg[1024])
+ "Planarconfiguration", td->td_planarconfig);
+ return (0);
+ }
++ if( td->td_samplesperpixel != 3 )
++ {
++ sprintf(emsg,
++ "Sorry, can not handle image with %s=%d",
++ "Samples/pixel", td->td_samplesperpixel);
++ return 0;
++ }
+ break;
+ case PHOTOMETRIC_CIELAB:
++ if( td->td_samplesperpixel != 3 || td->td_bitspersample != 8 )
++ {
++ sprintf(emsg,
++ "Sorry, can not handle image with %s=%d and %s=%d",
++ "Samples/pixel", td->td_samplesperpixel,
++ "Bits/sample", td->td_bitspersample);
++ return 0;
++ }
+ break;
+ default:
+ sprintf(emsg, "Sorry, can not handle image with %s=%d",
+diff --git a/libtiff/tif_next.c b/libtiff/tif_next.c
+index 55e2537..a53c716 100644
+--- a/libtiff/tif_next.c
++++ b/libtiff/tif_next.c
+@@ -102,6 +102,8 @@ NeXTDecode(TIFF* tif, uint8* buf, tmsize_t occ, uint16 s)
+ default: {
+ uint32 npixels = 0, grey;
+ uint32 imagewidth = tif->tif_dir.td_imagewidth;
++ if( isTiled(tif) )
++ imagewidth = tif->tif_dir.td_tilewidth;
+
+ /*
+ * The scanline is composed of a sequence of constant
+diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
+index dfda963..f202b41 100644
+--- a/tools/tiff2pdf.c
++++ b/tools/tiff2pdf.c
+@@ -1167,6 +1167,15 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){
+ if( (TIFFGetField(input, TIFFTAG_PLANARCONFIG, &xuint16) != 0)
+ && (xuint16 == PLANARCONFIG_SEPARATE ) ){
+ TIFFGetField(input, TIFFTAG_SAMPLESPERPIXEL, &xuint16);
++ if( (t2p->tiff_tiles[i].tiles_tilecount % xuint16) != 0 )
++ {
++ TIFFError(
++ TIFF2PDF_MODULE,
++ "Invalid tile count, %s",
++ TIFFFileName(input));
++ t2p->t2p_error = T2P_ERR_ERROR;
++ return;
++ }
+ t2p->tiff_tiles[i].tiles_tilecount/= xuint16;
+ }
+ if( t2p->tiff_tiles[i].tiles_tilecount > 0){
+@@ -1552,6 +1561,22 @@ void t2p_read_tiff_data(T2P* t2p, TIFF* input){
+ #endif
+ break;
+ case PHOTOMETRIC_CIELAB:
++ if( t2p->tiff_samplesperpixel != 3){
++ TIFFError(
++ TIFF2PDF_MODULE,
++ "Unsupported samplesperpixel = %d for CIELAB",
++ t2p->tiff_samplesperpixel);
++ t2p->t2p_error = T2P_ERR_ERROR;
++ return;
++ }
++ if( t2p->tiff_bitspersample != 8){
++ TIFFError(
++ TIFF2PDF_MODULE,
++ "Invalid bitspersample = %d for CIELAB",
++ t2p->tiff_bitspersample);
++ t2p->t2p_error = T2P_ERR_ERROR;
++ return;
++ }
+ t2p->pdf_labrange[0]= -127;
+ t2p->pdf_labrange[1]= 127;
+ t2p->pdf_labrange[2]= -127;
+@@ -1567,6 +1592,22 @@ void t2p_read_tiff_data(T2P* t2p, TIFF* input){
+ t2p->pdf_colorspace=T2P_CS_LAB;
+ break;
+ case PHOTOMETRIC_ITULAB:
++ if( t2p->tiff_samplesperpixel != 3){
++ TIFFError(
++ TIFF2PDF_MODULE,
++ "Unsupported samplesperpixel = %d for ITULAB",
++ t2p->tiff_samplesperpixel);
++ t2p->t2p_error = T2P_ERR_ERROR;
++ return;
++ }
++ if( t2p->tiff_bitspersample != 8){
++ TIFFError(
++ TIFF2PDF_MODULE,
++ "Invalid bitspersample = %d for ITULAB",
++ t2p->tiff_bitspersample);
++ t2p->t2p_error = T2P_ERR_ERROR;
++ return;
++ }
+ t2p->pdf_labrange[0]=-85;
+ t2p->pdf_labrange[1]=85;
+ t2p->pdf_labrange[2]=-75;
+diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
+index f5530bb..4088463 100644
+--- a/tools/tiffcrop.c
++++ b/tools/tiffcrop.c
+@@ -1205,9 +1205,10 @@ static int writeBufferToContigTiles (TIFF* out, uint8* buf, uint32 imagelength,
+ tsize_t tilesize = TIFFTileSize(out);
+ unsigned char *tilebuf = NULL;
+
+- TIFFGetField(out, TIFFTAG_TILELENGTH, &tl);
+- TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw);
+- TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps);
++ if( !TIFFGetField(out, TIFFTAG_TILELENGTH, &tl) ||
++ !TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw) ||
++ !TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps) )
++ return 1;
+
+ tile_buffsize = tilesize;
+ if (tilesize < (tsize_t)(tl * tile_rowsize))
+diff --git a/tools/tiffdump.c b/tools/tiffdump.c
+index cf5d62f..8247765 100644
+--- a/tools/tiffdump.c
++++ b/tools/tiffdump.c
+@@ -374,6 +374,8 @@ ReadDirectory(int fd, unsigned int ix, uint64 off)
+ void* datamem;
+ uint64 dataoffset;
+ int datatruncated;
++ int datasizeoverflow;
++
+ tag = *(uint16*)dp;
+ if (swabflag)
+ TIFFSwabShort(&tag);
+@@ -412,13 +414,14 @@ ReadDirectory(int fd, unsigned int ix, uint64 off)
+ else
+ typewidth = datawidth[type];
+ datasize = count*typewidth;
++ datasizeoverflow = (typewidth > 0 && datasize / typewidth != count);
+ datafits = 1;
+ datamem = dp;
+ dataoffset = 0;
+ datatruncated = 0;
+ if (!bigtiff)
+ {
+- if (datasize>4)
++ if (datasizeoverflow || datasize>4)
+ {
+ uint32 dataoffset32;
+ datafits = 0;
+@@ -432,7 +435,7 @@ ReadDirectory(int fd, unsigned int ix, uint64 off)
+ }
+ else
+ {
+- if (datasize>8)
++ if (datasizeoverflow || datasize>8)
+ {
+ datafits = 0;
+ datamem = NULL;
+@@ -442,7 +445,7 @@ ReadDirectory(int fd, unsigned int ix, uint64 off)
+ }
+ dp += sizeof(uint64);
+ }
+- if (datasize>0x10000)
++ if (datasizeoverflow || datasize>0x10000)
+ {
+ datatruncated = 1;
+ count = 0x10000/typewidth;
diff --git a/gnu/packages/patches/libtiff-CVE-2014-8128-pt1.patch b/gnu/packages/patches/libtiff-CVE-2014-8128-pt1.patch
new file mode 100644
index 0000000000..fda018b7bb
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2014-8128-pt1.patch
@@ -0,0 +1,32 @@
+Copied from Debian
+
+From 3206e0c752a62da1ae606867113ed3bf9bf73306 Mon Sep 17 00:00:00 2001
+From: erouault <erouault>
+Date: Sun, 21 Dec 2014 19:53:59 +0000
+Subject: [PATCH] * tools/thumbnail.c: fix out-of-buffer write
+ http://bugzilla.maptools.org/show_bug.cgi?id=2489 (CVE-2014-8128)
+
+---
+ ChangeLog | 5 +++++
+ tools/thumbnail.c | 8 +++++++-
+ 2 files changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/tools/thumbnail.c b/tools/thumbnail.c
+index fab63f6..c50bbff 100644
+--- a/tools/thumbnail.c
++++ b/tools/thumbnail.c
+@@ -568,7 +568,13 @@ setImage1(const uint8* br, uint32 rw, uint32 rh)
+ err -= limit;
+ sy++;
+ if (err >= limit)
+- rows[nrows++] = br + bpr*sy;
++ {
++ /* We should perhaps error loudly, but I can't make sense of that */
++ /* code... */
++ if( nrows == 256 )
++ break;
++ rows[nrows++] = br + bpr*sy;
++ }
+ }
+ setrow(row, nrows, rows);
+ row += tnw;
diff --git a/gnu/packages/patches/libtiff-CVE-2014-8128-pt2.patch b/gnu/packages/patches/libtiff-CVE-2014-8128-pt2.patch
new file mode 100644
index 0000000000..6f9ef85d14
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2014-8128-pt2.patch
@@ -0,0 +1,83 @@
+Copied from Debian
+
+From 8b6e80fca434525497e5a31c3309a3bab5b3c1c8 Mon Sep 17 00:00:00 2001
+From: erouault <erouault>
+Date: Sun, 21 Dec 2014 18:52:42 +0000
+Subject: [PATCH] * tools/thumbnail.c, tools/tiffcmp.c: only read/write
+ TIFFTAG_GROUP3OPTIONS or TIFFTAG_GROUP4OPTIONS if compression is
+ COMPRESSION_CCITTFAX3 or COMPRESSION_CCITTFAX4
+ http://bugzilla.maptools.org/show_bug.cgi?id=2493 (CVE-2014-8128)
+
+---
+ ChangeLog | 7 +++++++
+ tools/thumbnail.c | 21 ++++++++++++++++++++-
+ tools/tiffcmp.c | 17 +++++++++++++++--
+ 3 files changed, 42 insertions(+), 3 deletions(-)
+
+diff --git a/tools/thumbnail.c b/tools/thumbnail.c
+index a98a881..fab63f6 100644
+--- a/tools/thumbnail.c
++++ b/tools/thumbnail.c
+@@ -274,7 +274,26 @@ cpTags(TIFF* in, TIFF* out)
+ {
+ struct cpTag *p;
+ for (p = tags; p < &tags[NTAGS]; p++)
+- cpTag(in, out, p->tag, p->count, p->type);
++ {
++ /* Horrible: but TIFFGetField() expects 2 arguments to be passed */
++ /* if we request a tag that is defined in a codec, but that codec */
++ /* isn't used */
++ if( p->tag == TIFFTAG_GROUP3OPTIONS )
++ {
++ uint16 compression;
++ if( !TIFFGetField(in, TIFFTAG_COMPRESSION, &compression) ||
++ compression != COMPRESSION_CCITTFAX3 )
++ continue;
++ }
++ if( p->tag == TIFFTAG_GROUP4OPTIONS )
++ {
++ uint16 compression;
++ if( !TIFFGetField(in, TIFFTAG_COMPRESSION, &compression) ||
++ compression != COMPRESSION_CCITTFAX4 )
++ continue;
++ }
++ cpTag(in, out, p->tag, p->count, p->type);
++ }
+ }
+ #undef NTAGS
+
+diff --git a/tools/tiffcmp.c b/tools/tiffcmp.c
+index 508a461..d6392af 100644
+--- a/tools/tiffcmp.c
++++ b/tools/tiffcmp.c
+@@ -260,6 +260,7 @@ tiffcmp(TIFF* tif1, TIFF* tif2)
+ static int
+ cmptags(TIFF* tif1, TIFF* tif2)
+ {
++ uint16 compression1, compression2;
+ CmpLongField(TIFFTAG_SUBFILETYPE, "SubFileType");
+ CmpLongField(TIFFTAG_IMAGEWIDTH, "ImageWidth");
+ CmpLongField(TIFFTAG_IMAGELENGTH, "ImageLength");
+@@ -276,8 +277,20 @@ cmptags(TIFF* tif1, TIFF* tif2)
+ CmpShortField(TIFFTAG_SAMPLEFORMAT, "SampleFormat");
+ CmpFloatField(TIFFTAG_XRESOLUTION, "XResolution");
+ CmpFloatField(TIFFTAG_YRESOLUTION, "YResolution");
+- CmpLongField(TIFFTAG_GROUP3OPTIONS, "Group3Options");
+- CmpLongField(TIFFTAG_GROUP4OPTIONS, "Group4Options");
++ if( TIFFGetField(tif1, TIFFTAG_COMPRESSION, &compression1) &&
++ compression1 == COMPRESSION_CCITTFAX3 &&
++ TIFFGetField(tif2, TIFFTAG_COMPRESSION, &compression2) &&
++ compression2 == COMPRESSION_CCITTFAX3 )
++ {
++ CmpLongField(TIFFTAG_GROUP3OPTIONS, "Group3Options");
++ }
++ if( TIFFGetField(tif1, TIFFTAG_COMPRESSION, &compression1) &&
++ compression1 == COMPRESSION_CCITTFAX4 &&
++ TIFFGetField(tif2, TIFFTAG_COMPRESSION, &compression2) &&
++ compression2 == COMPRESSION_CCITTFAX4 )
++ {
++ CmpLongField(TIFFTAG_GROUP4OPTIONS, "Group4Options");
++ }
+ CmpShortField(TIFFTAG_RESOLUTIONUNIT, "ResolutionUnit");
+ CmpShortField(TIFFTAG_PLANARCONFIG, "PlanarConfiguration");
+ CmpLongField(TIFFTAG_ROWSPERSTRIP, "RowsPerStrip");
diff --git a/gnu/packages/patches/libtiff-CVE-2014-8128-pt3.patch b/gnu/packages/patches/libtiff-CVE-2014-8128-pt3.patch
new file mode 100644
index 0000000000..200af0ef8b
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2014-8128-pt3.patch
@@ -0,0 +1,34 @@
+Copied from Debian
+
+From 266bc48054b018a2f1d74562aa48eb2f509436d5 Mon Sep 17 00:00:00 2001
+From: erouault <erouault>
+Date: Sun, 21 Dec 2014 17:36:36 +0000
+Subject: [PATCH] * tools/tiff2pdf.c: check return code of TIFFGetField() when
+ reading TIFFTAG_SAMPLESPERPIXEL
+
+---
+ ChangeLog | 5 +++++
+ tools/tiff2pdf.c | 10 +++++++++-
+ 2 files changed, 14 insertions(+), 1 deletion(-)
+
+Index: tiff-4.0.3/tools/tiff2pdf.c
+===================================================================
+--- tiff-4.0.3.orig/tools/tiff2pdf.c
++++ tiff-4.0.3/tools/tiff2pdf.c
+@@ -1164,7 +1164,15 @@ void t2p_read_tiff_init(T2P* t2p, TIFF*
+ t2p->tiff_pages[i].page_tilecount;
+ if( (TIFFGetField(input, TIFFTAG_PLANARCONFIG, &xuint16) != 0)
+ && (xuint16 == PLANARCONFIG_SEPARATE ) ){
+- TIFFGetField(input, TIFFTAG_SAMPLESPERPIXEL, &xuint16);
++ if( !TIFFGetField(input, TIFFTAG_SAMPLESPERPIXEL, &xuint16) )
++ {
++ TIFFError(
++ TIFF2PDF_MODULE,
++ "Missing SamplesPerPixel, %s",
++ TIFFFileName(input));
++ t2p->t2p_error = T2P_ERR_ERROR;
++ return;
++ }
+ if( (t2p->tiff_tiles[i].tiles_tilecount % xuint16) != 0 )
+ {
+ TIFFError(
diff --git a/gnu/packages/patches/libtiff-CVE-2014-8128-pt4.patch b/gnu/packages/patches/libtiff-CVE-2014-8128-pt4.patch
new file mode 100644
index 0000000000..fda4045504
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2014-8128-pt4.patch
@@ -0,0 +1,77 @@
+Copied from Debian
+
+Picked from CVE: diff -u -r1.14 -r1.15
+http://bugzilla.maptools.org/show_bug.cgi?id=2501
+
+Author: Even Rouault <even.rouault@spatialys.com>
+
+--- tiff-4.0.3.orig/tools/tiffdither.c
++++ tiff-4.0.3/tools/tiffdither.c
+@@ -39,6 +39,7 @@
+ #endif
+
+ #include "tiffio.h"
++#include "tiffiop.h"
+
+ #define streq(a,b) (strcmp(a,b) == 0)
+ #define strneq(a,b,n) (strncmp(a,b,n) == 0)
+@@ -56,7 +57,7 @@ static void usage(void);
+ * Floyd-Steinberg error propragation with threshold.
+ * This code is stolen from tiffmedian.
+ */
+-static void
++static int
+ fsdither(TIFF* in, TIFF* out)
+ {
+ unsigned char *outline, *inputline, *inptr;
+@@ -68,14 +69,19 @@ fsdither(TIFF* in, TIFF* out)
+ int lastline, lastpixel;
+ int bit;
+ tsize_t outlinesize;
++ int errcode = 0;
+
+ imax = imagelength - 1;
+ jmax = imagewidth - 1;
+ inputline = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(in));
+- thisline = (short *)_TIFFmalloc(imagewidth * sizeof (short));
+- nextline = (short *)_TIFFmalloc(imagewidth * sizeof (short));
++ thisline = (short *)_TIFFmalloc(TIFFSafeMultiply(tmsize_t, imagewidth, sizeof (short)));
++ nextline = (short *)_TIFFmalloc(TIFFSafeMultiply(tmsize_t, imagewidth, sizeof (short)));
+ outlinesize = TIFFScanlineSize(out);
+ outline = (unsigned char *) _TIFFmalloc(outlinesize);
++ if (! (inputline && thisline && nextline && outline)) {
++ fprintf(stderr, "Out of memory.\n");
++ goto skip_on_error;
++ }
+
+ /*
+ * Get first line
+@@ -93,7 +99,7 @@ fsdither(TIFF* in, TIFF* out)
+ nextline = tmpptr;
+ lastline = (i == imax);
+ if (TIFFReadScanline(in, inputline, i, 0) <= 0)
+- break;
++ goto skip_on_error;
+ inptr = inputline;
+ nextptr = nextline;
+ for (j = 0; j < imagewidth; ++j)
+@@ -131,13 +137,18 @@ fsdither(TIFF* in, TIFF* out)
+ }
+ }
+ if (TIFFWriteScanline(out, outline, i-1, 0) < 0)
+- break;
++ goto skip_on_error;
+ }
++ goto exit_label;
++
+ skip_on_error:
++ errcode = 1;
++ exit_label:
+ _TIFFfree(inputline);
+ _TIFFfree(thisline);
+ _TIFFfree(nextline);
+ _TIFFfree(outline);
++ return errcode;
+ }
+
+ static uint16 compression = COMPRESSION_PACKBITS;
diff --git a/gnu/packages/patches/libtiff-CVE-2014-8128-pt5.patch b/gnu/packages/patches/libtiff-CVE-2014-8128-pt5.patch
new file mode 100644
index 0000000000..a555a18747
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2014-8128-pt5.patch
@@ -0,0 +1,16 @@
+Copied from Debian
+
+Patches by Petr Gajdos (pgajdos@suse.cz) from
+http://bugzilla.maptools.org/show_bug.cgi?id=2499
+
+--- tiff-4.0.3.orig/libtiff/tif_dirinfo.c
++++ tiff-4.0.3/libtiff/tif_dirinfo.c
+@@ -141,6 +141,8 @@ tiffFields[] = {
+ { TIFFTAG_FAXDCS, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_ASCII, FIELD_CUSTOM, TRUE, FALSE, "FaxDcs", NULL },
+ { TIFFTAG_STONITS, 1, 1, TIFF_DOUBLE, 0, TIFF_SETGET_DOUBLE, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "StoNits", NULL },
+ { TIFFTAG_INTEROPERABILITYIFD, 1, 1, TIFF_IFD8, 0, TIFF_SETGET_UNDEFINED, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "InteroperabilityIFDOffset", NULL },
++ { TIFFTAG_CONSECUTIVEBADFAXLINES, 1, 1, TIFF_LONG, 0, TIFF_SETGET_UINT32, TIFF_SETGET_UINT32, FIELD_CUSTOM, TRUE, FALSE, "ConsecutiveBadFaxLines", NULL },
++ { TIFFTAG_PREDICTOR, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UINT16, FIELD_CUSTOM, FALSE, FALSE, "Predictor", NULL },
+ /* begin DNG tags */
+ { TIFFTAG_DNGVERSION, 4, 4, TIFF_BYTE, 0, TIFF_SETGET_C0_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "DNGVersion", NULL },
+ { TIFFTAG_DNGBACKWARDVERSION, 4, 4, TIFF_BYTE, 0, TIFF_SETGET_C0_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "DNGBackwardVersion", NULL },
diff --git a/gnu/packages/patches/libtiff-CVE-2014-8129.patch b/gnu/packages/patches/libtiff-CVE-2014-8129.patch
new file mode 100644
index 0000000000..091ec8f573
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2014-8129.patch
@@ -0,0 +1,45 @@
+Copied from Debian
+
+From cd82b5267ad4c10eb91e4ee8a716a81362cf851c Mon Sep 17 00:00:00 2001
+From: erouault <erouault>
+Date: Sun, 21 Dec 2014 18:07:48 +0000
+Subject: [PATCH] * libtiff/tif_next.c: check that BitsPerSample = 2. Fixes
+ http://bugzilla.maptools.org/show_bug.cgi?id=2487 (CVE-2014-8129)
+
+---
+ ChangeLog | 5 +++++
+ libtiff/tif_next.c | 17 +++++++++++++++++
+ 2 files changed, 22 insertions(+)
+
+diff --git a/libtiff/tif_next.c b/libtiff/tif_next.c
+index a53c716..d834196 100644
+--- a/libtiff/tif_next.c
++++ b/libtiff/tif_next.c
+@@ -141,10 +141,27 @@ NeXTDecode(TIFF* tif, uint8* buf, tmsize_t occ, uint16 s)
+ return (0);
+ }
+
++static int
++NeXTPreDecode(TIFF* tif, uint16 s)
++{
++ static const char module[] = "NeXTPreDecode";
++ TIFFDirectory *td = &tif->tif_dir;
++ (void)s;
++
++ if( td->td_bitspersample != 2 )
++ {
++ TIFFErrorExt(tif->tif_clientdata, module, "Unsupported BitsPerSample = %d",
++ td->td_bitspersample);
++ return (0);
++ }
++ return (1);
++}
++
+ int
+ TIFFInitNeXT(TIFF* tif, int scheme)
+ {
+ (void) scheme;
++ tif->tif_predecode = NeXTPreDecode;
+ tif->tif_decoderow = NeXTDecode;
+ tif->tif_decodestrip = NeXTDecode;
+ tif->tif_decodetile = NeXTDecode;
diff --git a/gnu/packages/patches/libtiff-CVE-2014-9330.patch b/gnu/packages/patches/libtiff-CVE-2014-9330.patch
new file mode 100644
index 0000000000..c3c5fc0367
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2014-9330.patch
@@ -0,0 +1,47 @@
+Copied from Debian
+
+Description: CVE-2014-9330
+ Integer overflow in bmp2tiff
+Origin: upstream, http://bugzilla.maptools.org/show_bug.cgi?id=2494
+Bug: http://bugzilla.maptools.org/show_bug.cgi?id=2494
+Bug-Debian: http://bugs.debian.org/773987
+
+Index: tiff/tools/bmp2tiff.c
+===================================================================
+--- tiff.orig/tools/bmp2tiff.c
++++ tiff/tools/bmp2tiff.c
+@@ -1,4 +1,4 @@
+-/* $Id: bmp2tiff.c,v 1.23 2010-03-10 18:56:49 bfriesen Exp $
++/* $Id: bmp2tiff.c,v 1.24 2014-12-21 15:15:32 erouault Exp $
+ *
+ * Project: libtiff tools
+ * Purpose: Convert Windows BMP files in TIFF.
+@@ -403,6 +403,13 @@ main(int argc, char* argv[])
+
+ width = info_hdr.iWidth;
+ length = (info_hdr.iHeight > 0) ? info_hdr.iHeight : -info_hdr.iHeight;
++ if( width <= 0 || length <= 0 )
++ {
++ TIFFError(infilename,
++ "Invalid dimensions of BMP file" );
++ close(fd);
++ return -1;
++ }
+
+ switch (info_hdr.iBitCount)
+ {
+@@ -593,6 +600,14 @@ main(int argc, char* argv[])
+
+ compr_size = file_hdr.iSize - file_hdr.iOffBits;
+ uncompr_size = width * length;
++ /* Detect int overflow */
++ if( uncompr_size / width != length )
++ {
++ TIFFError(infilename,
++ "Invalid dimensions of BMP file" );
++ close(fd);
++ return -1;
++ }
+ comprbuf = (unsigned char *) _TIFFmalloc( compr_size );
+ if (!comprbuf) {
+ TIFFError(infilename,
diff --git a/gnu/packages/patches/libtiff-CVE-2014-9655.patch b/gnu/packages/patches/libtiff-CVE-2014-9655.patch
new file mode 100644
index 0000000000..065804d03a
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2014-9655.patch
@@ -0,0 +1,88 @@
+Copied from Debian
+
+From 40a5955cbf0df62b1f9e9bd7d9657b0070725d19 Mon Sep 17 00:00:00 2001
+From: erouault <erouault>
+Date: Mon, 29 Dec 2014 12:09:11 +0000
+Subject: [PATCH] * libtiff/tif_next.c: add new tests to check that we don't
+ read outside of the compressed input stream buffer.
+
+* libtiff/tif_getimage.c: in OJPEG case, fix checks on strile width/height
+---
+ ChangeLog | 9 +++++++++
+ libtiff/tif_getimage.c | 12 +++++++-----
+ libtiff/tif_next.c | 4 +++-
+ 3 files changed, 19 insertions(+), 6 deletions(-)
+
+diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c
+index a4f46d9..3ad8ee7 100644
+--- a/libtiff/tif_getimage.c
++++ b/libtiff/tif_getimage.c
+@@ -1871,7 +1871,7 @@ DECLAREContigPutFunc(putcontig8bitYCbCr42tile)
+
+ (void) y;
+ fromskew = (fromskew * 10) / 4;
+- if ((h & 3) == 0 && (w & 1) == 0) {
++ if ((w & 3) == 0 && (h & 1) == 0) {
+ for (; h >= 2; h -= 2) {
+ x = w>>2;
+ do {
+@@ -1948,7 +1948,7 @@ DECLAREContigPutFunc(putcontig8bitYCbCr41tile)
+ /* XXX adjust fromskew */
+ do {
+ x = w>>2;
+- do {
++ while(x>0) {
+ int32 Cb = pp[4];
+ int32 Cr = pp[5];
+
+@@ -1959,7 +1959,8 @@ DECLAREContigPutFunc(putcontig8bitYCbCr41tile)
+
+ cp += 4;
+ pp += 6;
+- } while (--x);
++ x--;
++ }
+
+ if( (w&3) != 0 )
+ {
+@@ -2050,7 +2051,7 @@ DECLAREContigPutFunc(putcontig8bitYCbCr21tile)
+ fromskew = (fromskew * 4) / 2;
+ do {
+ x = w>>1;
+- do {
++ while(x>0) {
+ int32 Cb = pp[2];
+ int32 Cr = pp[3];
+
+@@ -2059,7 +2060,8 @@ DECLAREContigPutFunc(putcontig8bitYCbCr21tile)
+
+ cp += 2;
+ pp += 4;
+- } while (--x);
++ x --;
++ }
+
+ if( (w&1) != 0 )
+ {
+diff --git a/libtiff/tif_next.c b/libtiff/tif_next.c
+index d834196..dd669cc 100644
+--- a/libtiff/tif_next.c
++++ b/libtiff/tif_next.c
+@@ -71,7 +71,7 @@ NeXTDecode(TIFF* tif, uint8* buf, tmsize_t occ, uint16 s)
+ TIFFErrorExt(tif->tif_clientdata, module, "Fractional scanlines cannot be read");
+ return (0);
+ }
+- for (row = buf; occ > 0; occ -= scanline, row += scanline) {
++ for (row = buf; cc > 0 && occ > 0; occ -= scanline, row += scanline) {
+ n = *bp++, cc--;
+ switch (n) {
+ case LITERALROW:
+@@ -90,6 +90,8 @@ NeXTDecode(TIFF* tif, uint8* buf, tmsize_t occ, uint16 s)
+ * The scanline has a literal span that begins at some
+ * offset.
+ */
++ if( cc < 4 )
++ goto bad;
+ off = (bp[0] * 256) + bp[1];
+ n = (bp[2] * 256) + bp[3];
+ if (cc < 4+n || off+n > scanline)
diff --git a/gnu/packages/patches/patch-hurd-path-max.patch b/gnu/packages/patches/patch-hurd-path-max.patch
new file mode 100644
index 0000000000..81e37930c2
--- /dev/null
+++ b/gnu/packages/patches/patch-hurd-path-max.patch
@@ -0,0 +1,48 @@
+See <http://lists.gnu.org/archive/html/bug-patch/2015-06/msg00009.html>
+
+From 0507dfad5f060161f01840067e1bb1615257b636 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
+Date: Mon, 8 Jun 2015 17:27:56 +0200
+Subject: [PATCH] Do not rely on PATH_MAX when reading a symlink target.
+
+* src/util.c (move_file, copy_file): Use 'fromst->st_size + 1' and
+'tost->st_size + 1' for the allocation, and 'fromst->st_size' and
+'tost->st_size' instead of PATH_MAX. Fixes compilation on GNU/Hurd.
+---
+ src/util.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/util.c b/src/util.c
+index 82a7e37..c4c0f9d 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -460,12 +460,12 @@ move_file (char const *from, bool *from_needs_removal,
+
+ /* FROM contains the contents of the symlink we have patched; need
+ to convert that back into a symlink. */
+- char *buffer = xmalloc (PATH_MAX);
++ char *buffer = xmalloc (fromst->st_size + 1);
+ int fd, size = 0, i;
+
+ if ((fd = safe_open (from, O_RDONLY | O_BINARY, 0)) < 0)
+ pfatal ("Can't reopen file %s", quotearg (from));
+- while ((i = read (fd, buffer + size, PATH_MAX - size)) > 0)
++ while ((i = read (fd, buffer + size, fromst->st_size - size)) > 0)
+ size += i;
+ if (i != 0 || close (fd) != 0)
+ read_fatal ();
+@@ -610,9 +610,9 @@ copy_file (char const *from, char const *to, struct stat *tost,
+
+ if (S_ISLNK (mode))
+ {
+- char *buffer = xmalloc (PATH_MAX);
++ char *buffer = xmalloc (tost->st_size + 1);
+
+- if (safe_readlink (from, buffer, PATH_MAX) < 0)
++ if (safe_readlink (from, buffer, tost->st_size) < 0)
+ pfatal ("Can't read %s %s", "symbolic link", from);
+ if (safe_symlink (buffer, to) != 0)
+ pfatal ("Can't create %s %s", "symbolic link", to);
+--
+2.4.2
+
diff --git a/gnu/packages/patches/sed-hurd-path-max.patch b/gnu/packages/patches/sed-hurd-path-max.patch
new file mode 100644
index 0000000000..5226cba4cb
--- /dev/null
+++ b/gnu/packages/patches/sed-hurd-path-max.patch
@@ -0,0 +1,34 @@
+7bb8d35d0330161a5af5341471d0c183a067e8c2
+Author: Jose E. Marchesi <jemarch@gnu.org>
+Date: Sun Oct 6 14:43:38 2013 +0200
+
+ Set PATH_MAX to some constant in case it is not defined in system
+ headers.
+
+ 2013-10-06 Jose E. Marchesi <jemarch@gnu.org>
+
+ * basicdefs.h (PATH_MAX): Defined to some constant in case it is
+ not defined by system headers.
+ * sed/utils.c: Do not include pathmax.h anymore.
+ * bootstrap.conf (gnulib_modules): Do not use the gnulib module
+ pathmax.
+
+diff --git a/basicdefs.h b/basicdefs.h
+index 0d28a97..09f5beb 100644
+--- a/basicdefs.h
++++ b/basicdefs.h
+@@ -40,6 +41,13 @@ typedef unsigned long countT;
+ #define obstack_chunk_alloc ck_malloc
+ #define obstack_chunk_free free
+
++/* MAX_PATH is not defined in some platforms, most notably GNU/Hurd.
++ In that case we define it here to some constant. Note however that
++ this relies in the fact that sed does reallocation if a buffer
++ needs to be larger than PATH_MAX. */
++#ifndef PATH_MAX
++# define PATH_MAX 200
++#endif
+
+ /* handle misdesigned <ctype.h> macros (snarfed from lib/regex.c) */
+ /* Jim Meyering writes:
+
diff --git a/gnu/packages/patches/tar-d_ino_in_dirent-fix.patch b/gnu/packages/patches/tar-d_ino_in_dirent-fix.patch
new file mode 100644
index 0000000000..39d8e2b20a
--- /dev/null
+++ b/gnu/packages/patches/tar-d_ino_in_dirent-fix.patch
@@ -0,0 +1,33 @@
+commit e9ddc08da0982f36581ae5a8c7763453ff41cfe8
+Author: Sergey Poznyakoff <gray@gnu.org>
+Date: Thu Sep 25 00:22:16 2014 +0300
+
+ Bugfixes.
+
+ * doc/tar.1: Fix typo in font spec.
+ * src/tar.c (sort_mode_arg, sort_mode_flag): Protect "inode"
+ (SAVEDIR_SORT_INODE) with D_INO_IN_DIRENT
+
+diff --git a/src/tar.c b/src/tar.c
+index 225c624..f8102e0 100644
+--- a/src/tar.c
++++ b/src/tar.c
+@@ -1341,14 +1341,18 @@ static char filename_terminator;
+ static char const *const sort_mode_arg[] = {
+ "none",
+ "name",
++#if D_INO_IN_DIRENT
+ "inode",
++#endif
+ NULL
+ };
+
+ static int sort_mode_flag[] = {
+ SAVEDIR_SORT_NONE,
+ SAVEDIR_SORT_NAME,
++#if D_INO_IN_DIRENT
+ SAVEDIR_SORT_INODE
++#endif
+ };
+
+ ARGMATCH_VERIFY (sort_mode_arg, sort_mode_flag); \ No newline at end of file
diff --git a/gnu/packages/patches/tar-skip-unreliable-tests.patch b/gnu/packages/patches/tar-skip-unreliable-tests.patch
new file mode 100644
index 0000000000..27f0d7df11
--- /dev/null
+++ b/gnu/packages/patches/tar-skip-unreliable-tests.patch
@@ -0,0 +1,32 @@
+Skip tests that rely on unlinkat(2) behavior that varies between
+kernel versions and is unspecified.
+
+See <http://bugs.gnu.org/20597>
+and <http://lists.gnu.org/archive/html/bug-tar/2015-06/msg00000.html>.
+
+--- tar-1.28/tests/testsuite 2014-07-27 22:35:27.000000000 +0200
++++ tar-1.28/tests/testsuite 2015-06-16 00:21:16.906380739 +0200
+@@ -34680,6 +34680,7 @@ find .
+ )"
+ at_fn_check_prepare_notrace 'an embedded newline' "remfiles08a.at:31"
+ ( $at_check_trace;
++exit 77
+ mkdir gnu
+ (cd gnu
+ TEST_TAR_FORMAT=gnu
+@@ -34762,6 +34763,7 @@ find .
+ )"
+ at_fn_check_prepare_notrace 'an embedded newline' "remfiles08b.at:36"
+ ( $at_check_trace;
++exit 77
+ mkdir gnu
+ (cd gnu
+ TEST_TAR_FORMAT=gnu
+@@ -34850,6 +34852,7 @@ find .
+ )"
+ at_fn_check_prepare_notrace 'a `...` command substitution' "remfiles08c.at:31"
+ ( $at_check_trace;
++exit 77
+ mkdir gnu
+ (cd gnu
+ TEST_TAR_FORMAT=gnu
diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm
index ec6f89a626..3d28455405 100644
--- a/gnu/packages/perl.scm
+++ b/gnu/packages/perl.scm
@@ -51,28 +51,39 @@
(arguments
'(#:tests? #f
#:phases
- (alist-replace
- 'configure
- (lambda* (#:key inputs outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out"))
- (libc (assoc-ref inputs "libc")))
- ;; Use the right path for `pwd'.
- (substitute* "dist/Cwd/Cwd.pm"
- (("/bin/pwd")
- (which "pwd")))
-
- (zero?
- (system* "./Configure"
- (string-append "-Dprefix=" out)
- (string-append "-Dman1dir=" out "/share/man/man1")
- (string-append "-Dman3dir=" out "/share/man/man3")
- "-de" "-Dcc=gcc"
- "-Uinstallusrbinperl"
- "-Dinstallstyle=lib/perl5"
- "-Duseshrplib"
- (string-append "-Dlocincpth=" libc "/include")
- (string-append "-Dloclibpth=" libc "/lib")))))
- %standard-phases)))
+ (modify-phases %standard-phases
+ (replace
+ 'configure
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out"))
+ (libc (assoc-ref inputs "libc")))
+ ;; Use the right path for `pwd'.
+ (substitute* "dist/Cwd/Cwd.pm"
+ (("/bin/pwd")
+ (which "pwd")))
+
+ (zero?
+ (system* "./Configure"
+ (string-append "-Dprefix=" out)
+ (string-append "-Dman1dir=" out "/share/man/man1")
+ (string-append "-Dman3dir=" out "/share/man/man3")
+ "-de" "-Dcc=gcc"
+ "-Uinstallusrbinperl"
+ "-Dinstallstyle=lib/perl5"
+ "-Duseshrplib"
+ (string-append "-Dlocincpth=" libc "/include")
+ (string-append "-Dloclibpth=" libc "/lib"))))))
+
+ (add-before
+ 'strip 'make-shared-objects-writable
+ (lambda* (#:key outputs #:allow-other-keys)
+ ;; The 'lib/perl5' directory contains ~50 MiB of .so. Make them
+ ;; writable so that 'strip' actually strips them.
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib")))
+ (for-each (lambda (dso)
+ (chmod dso #o755))
+ (find-files lib "\\.so$"))))))))
(native-search-paths (list (search-path-specification
(variable "PERL5LIB")
(files '("lib/perl5/site_perl")))))
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index a7925d9aa6..c4ec33e2d7 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -2,6 +2,7 @@
;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
+;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
;;;
;;; This file is part of GNU Guix.
@@ -34,6 +35,7 @@
#:use-module (guix build-system cmake)
#:use-module (guix build-system gnu)
#:use-module (guix build-system perl)
+ #:use-module (guix build-system python)
#:use-module (gnu packages linux))
(define-public expat
@@ -59,22 +61,19 @@ things the parser might find in the XML document (like start tags).")
(define-public libxml2
(package
(name "libxml2")
- (version "2.9.0")
+ (version "2.9.2")
(source (origin
(method url-fetch)
(uri (string-append "ftp://xmlsoft.org/libxml2/libxml2-"
version ".tar.gz"))
(sha256
(base32
- "10ib8bpar2pl68aqksfinvfmqknwnk7i35ibq6yjl8dpb0cxj9dd"))))
+ "1g6mf03xcabmk5ing1lwqmasr803616gb2xhn7pll10x2l5w6y2i"))))
(build-system gnu-build-system)
(home-page "http://www.xmlsoft.org/")
(synopsis "C parser for XML")
(propagated-inputs `(("zlib" ,zlib))) ; libxml2.la says '-lz'.
- (native-inputs `(("perl" ,perl)
- ("python" ,python-2))) ; incompatible with Python 3 (print syntax)
-
-
+ (native-inputs `(("perl" ,perl)))
;; $XML_CATALOG_FILES lists 'catalog.xml' files found in under the 'xml'
;; sub-directory of any given package.
(native-search-paths (list (search-path-specification
@@ -84,29 +83,40 @@ things the parser might find in the XML document (like start tags).")
(file-pattern "^catalog\\.xml$")
(file-type 'regular))))
(search-paths native-search-paths)
-
- (arguments
- `(#:phases
- (alist-replace
- 'install
- (lambda* (#:key inputs outputs #:allow-other-keys #:rest args)
- (let ((install (assoc-ref %standard-phases 'install))
- (glibc (assoc-ref inputs ,(if (%current-target-system)
- "cross-libc" "libc")))
- (out (assoc-ref outputs "out")))
- (apply install args)
- (chdir "python")
- (substitute* "setup.py"
- (("/opt/include")
- (string-append glibc "/include")))
- (system* "python" "setup.py" "install"
- (string-append "--prefix=" out))))
- %standard-phases)))
(description
"Libxml2 is the XML C parser and toolkit developed for the Gnome project
(but it is usable outside of the Gnome platform).")
(license license:x11)))
+(define-public python-libxml2
+ (package (inherit libxml2)
+ (name "python-libxml2")
+ (build-system python-build-system)
+ (arguments
+ `(;; XXX: Tests are specified in 'Makefile.am', but not in 'setup.py'.
+ #:tests? #f
+ #:phases
+ (modify-phases %standard-phases
+ (add-before
+ 'build 'configure
+ (lambda* (#:key inputs #:allow-other-keys)
+ (chdir "python")
+ (let ((glibc (assoc-ref inputs ,(if (%current-target-system)
+ "cross-libc" "libc")))
+ (libxml2 (assoc-ref inputs "libxml2")))
+ (substitute* "setup.py"
+ ;; For 'libxml2/libxml/tree.h'.
+ (("ROOT = r'/usr'")
+ (format #f "ROOT = r'~a'" libxml2))
+ ;; For 'iconv.h'.
+ (("/opt/include")
+ (string-append glibc "/include")))))))))
+ (inputs `(("libxml2" ,libxml2)))
+ (synopsis "Python bindings for the libxml2 library")))
+
+(define-public python2-libxml2
+ (package-with-python2 python-libxml2))
+
(define-public libxslt
(package
(name "libxslt")
diff --git a/guix/packages.scm b/guix/packages.scm
index c900541e53..5a280857ea 100644
--- a/guix/packages.scm
+++ b/guix/packages.scm
@@ -316,8 +316,11 @@ representation."
(string-append (package-name package) "-" (package-version package)))
(define (%standard-patch-inputs)
- (let ((ref (lambda (module var)
- (module-ref (resolve-interface module) var))))
+ (let* ((canonical (module-ref (resolve-interface '(gnu packages base))
+ 'canonical-package))
+ (ref (lambda (module var)
+ (canonical
+ (module-ref (resolve-interface module) var)))))
`(("tar" ,(ref '(gnu packages base) 'tar))
("xz" ,(ref '(gnu packages compression) 'xz))
("bzip2" ,(ref '(gnu packages compression) 'bzip2))
@@ -325,8 +328,7 @@ representation."
("lzip" ,(ref '(gnu packages compression) 'lzip))
("unzip" ,(ref '(gnu packages zip) 'unzip))
("patch" ,(ref '(gnu packages base) 'patch))
- ("locales" ,(ref '(gnu packages commencement)
- 'glibc-utf8-locales-final)))))
+ ("locales" ,(ref '(gnu packages base) 'glibc-utf8-locales)))))
(define (default-guile)
"Return the default Guile package used to run the build code of
@@ -446,7 +448,7 @@ IMPORTED-MODULES specify modules to use/import for use by SNIPPET."
;; SOURCE may be either a directory or a tarball.
(and (if (file-is-directory? #+source)
- (let* ((store (or (getenv "NIX_STORE") "/gnu/store"))
+ (let* ((store (%store-directory))
(len (+ 1 (string-length store)))
(base (string-drop #+source len))
(dash (string-index base #\-))
generated by cgit v1.2.3 (git 2.45.0) at 2024-11-18 21:56:49 +0000