tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom
nixpkgs / pkgs / development / libraries / audiofile / default.nix
at fix-function-merge 97 lines 3.5 kB view raw
1{ stdenv, lib, fetchurl, fetchpatch, alsa-lib, AudioUnit, CoreServices }: 2 3let 4 5 fetchDebianPatch = { name, debname, sha256 }: 6 fetchpatch { 7 inherit sha256 name; 8 url = "https://salsa.debian.org/multimedia-team/audiofile/raw/debian/0.3.6-4/debian/patches/${debname}"; 9 }; 10 11in 12 13stdenv.mkDerivation rec { 14 pname = "audiofile"; 15 version = "0.3.6"; 16 17 buildInputs = 18 lib.optionals stdenv.isLinux [ 19 alsa-lib 20 ] ++ lib.optionals stdenv.isDarwin [ 21 CoreServices AudioUnit 22 ]; 23 24 src = fetchurl { 25 url = "https://audiofile.68k.org/audiofile-${version}.tar.gz"; 26 sha256 = "0rb927zknk9kmhprd8rdr4azql4gn2dp75a36iazx2xhkbqhvind"; 27 }; 28 29 outputs = [ "out" "dev" "man" ]; 30 31 # std::unary_function has been removed in c++17 32 makeFlags = [ "CXXFLAGS=-std=c++11" ]; 33 34 # Even when statically linking, libstdc++.la is put in dependency_libs here, 35 # and hence libstdc++.so passed to the linker, just pass -lstdc++ and let the 36 # compiler do what it does best. (libaudiofile.la is a generated file, so we 37 # have to run `make` that far first). 38 # 39 # Without this, the executables in this package (sfcommands and examples) 40 # fail to build: https://github.com/NixOS/nixpkgs/issues/103215 41 # 42 # There might be a more sensible way to do this with autotools, but I am not 43 # smart enough to discover it. 44 preBuild = lib.optionalString stdenv.hostPlatform.isStatic '' 45 make -C libaudiofile $makeFlags 46 sed -i "s/dependency_libs=.*/dependency_libs=' -lstdc++'/" libaudiofile/libaudiofile.la 47 ''; 48 49 patches = [ 50 ./gcc-6.patch 51 ./CVE-2015-7747.patch 52 53 (fetchDebianPatch { 54 name = "CVE-2017-6829.patch"; 55 debname = "04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch"; 56 sha256 = "04qxl51i64c53v69q2kx61qdq474f4vapk8rq97cipj7yrar392m"; 57 }) 58 (fetchDebianPatch { 59 name = "CVE-2017-6827+CVE-2017-6828+CVE-2017-6832+CVE-2017-6835+CVE-2017-6837.patch"; 60 debname = "05_Always-check-the-number-of-coefficients.patch"; 61 sha256 = "1ih03kfkabffi6ymp6832q470i28rsds78941vzqlshnqjb2nnxw"; 62 }) 63 (fetchDebianPatch { 64 name = "CVE-2017-6839.patch"; 65 debname = "06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch"; 66 sha256 = "0a8s2z8rljlj03p7l1is9s4fml8vyzvyvfrh1m6xj5a8vbi635d0"; 67 }) 68 (fetchDebianPatch { 69 name = "CVE-2017-6830+CVE-2017-6834+CVE-2017-6836+CVE-2017-6838.patch"; 70 debname = "07_Check-for-multiplication-overflow-in-sfconvert.patch"; 71 sha256 = "0rfba8rkasl5ycvc0kqlzinkl3rvyrrjvjhpc45h423wmjk2za2l"; 72 }) 73 (fetchDebianPatch { 74 name = "audiofile-fix-multiplyCheckOverflow-signature.patch"; 75 debname = "08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch"; 76 sha256 = "032p5jqp7q7jgc5axdnazz00zm7hd26z6m5j55ifs0sykr5lwldb"; 77 }) 78 (fetchDebianPatch { 79 name = "CVE-2017-6831.patch"; 80 debname = "09_Actually-fail-when-error-occurs-in-parseFormat.patch"; 81 sha256 = "0csikmj8cbiy6cigg0rmh67jrr0sgm56dfrnrxnac3m9635nxlac"; 82 }) 83 (fetchDebianPatch { 84 name = "CVE-2017-6833.patch"; 85 debname = "10_Check-for-division-by-zero-in-BlockCodec-runPull.patch"; 86 sha256 = "1rlislkjawq98bbcf1dgl741zd508wwsg85r37ca7pfdf6wgl6z7"; 87 }) 88 ]; 89 90 meta = with lib; { 91 description = "Library for reading and writing audio files in various formats"; 92 homepage = "http://www.68k.org/~michael/audiofile/"; 93 license = licenses.lgpl21Plus; 94 maintainers = with maintainers; [ lovek323 ]; 95 platforms = platforms.unix; 96 }; 97}