From f978ecc43e7748b22014ee4db63dce5c16dbb7d5 Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Sun, 24 Mar 2024 01:38:18 +0100 Subject: [PATCH 1/2] procps: 3.3.17 -> 4.0.4 Changes: https://gitlab.com/procps-ng/procps/-/releases/v4.0.0 https://gitlab.com/procps-ng/procps/-/releases/v4.0.3 https://gitlab.com/procps-ng/procps/-/releases/v4.0.4 --- pkgs/os-specific/linux/procps-ng/default.nix | 21 ++----- .../linux/procps-ng/v3-CVE-2023-4016.patch | 63 ------------------- 2 files changed, 5 insertions(+), 79 deletions(-) delete mode 100644 pkgs/os-specific/linux/procps-ng/v3-CVE-2023-4016.patch diff --git a/pkgs/os-specific/linux/procps-ng/default.nix b/pkgs/os-specific/linux/procps-ng/default.nix index 32a7f7865b12..d54b7703e2df 100644 --- a/pkgs/os-specific/linux/procps-ng/default.nix +++ b/pkgs/os-specific/linux/procps-ng/default.nix @@ -3,7 +3,7 @@ , fetchurl , ncurses , pkg-config -, fetchpatch +, autoreconfHook # `ps` with systemd support is able to properly report different # attributes like unit name, so we want to have it on linux. @@ -22,29 +22,17 @@ stdenv.mkDerivation rec { pname = "procps"; - version = "3.3.17"; + version = "4.0.4"; # The project's releases are on SF, but git repo on gitlab. src = fetchurl { url = "mirror://sourceforge/procps-ng/procps-ng-${version}.tar.xz"; - sha256 = "sha256-RRiz56r9NOwH0AY9JQ/UdJmbILIAIYw65W9dIRPxQbQ="; + hash = "sha256-IocNb+skeK22F85PCaeHrdry0mDFqKp7F9iJqWLF5C4="; }; - patches = [ - ./v3-CVE-2023-4016.patch - ] ++ lib.optionals stdenv.hostPlatform.isMusl [ - # NOTE: Starting from 4.x we will not need a patch anymore, but need to add - # "--disable-w" to configureFlags instead to prevent the utmp errors - (fetchpatch { - name = "musl-fix-includes.patch"; - url = "https://git.alpinelinux.org/aports/plain/main/procps/musl-fixes.patch?id=37cb5b6ef194db66d9ed07c8ecab59bca3b91215"; - sha256 = "sha256-DphAvESmVg1U3bJABU95R++QD34odStCl82EF0vmht0="; - }) - ]; - buildInputs = [ ncurses ] ++ lib.optional withSystemd systemd; - nativeBuildInputs = [ pkg-config ]; + nativeBuildInputs = [ pkg-config autoreconfHook ]; makeFlags = [ "usrbin_execdir=$(out)/bin" ] ++ lib.optionals watchOnly [ "watch" "PKG_LDFLAGS=" ]; @@ -54,6 +42,7 @@ stdenv.mkDerivation rec { # Too red; 8bit support for fixing https://github.com/NixOS/nixpkgs/issues/275220 configureFlags = [ "--disable-modern-top" "--enable-watch8bit" ] ++ lib.optional withSystemd "--with-systemd" + ++ lib.optional stdenv.hostPlatform.isMusl "--disable-w" ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ "ac_cv_func_malloc_0_nonnull=yes" "ac_cv_func_realloc_0_nonnull=yes" diff --git a/pkgs/os-specific/linux/procps-ng/v3-CVE-2023-4016.patch b/pkgs/os-specific/linux/procps-ng/v3-CVE-2023-4016.patch deleted file mode 100644 index 2e260eaf7382..000000000000 --- a/pkgs/os-specific/linux/procps-ng/v3-CVE-2023-4016.patch +++ /dev/null @@ -1,63 +0,0 @@ -This is https://gitlab.com/procps-ng/procps/-/commit/2c933ecba3bb1d3041a5a7a53a7b4078a6003413.diff -back-ported to procps 3.3.17. That commit changes xmalloc to xcalloc. This patch differs in two ways: - -* We modify it to change malloc (no x-) to xcalloc instead -* We pull in procps-4's definition of xcalloc - -Alternative considered: Also pull in commits that changed malloc to xmalloc and defined xcalloc. -This alternative is rejected because those commits contain many other unrelated changes. - -diff --git a/ps/parser.c b/ps/parser.c -index 4263a1fb..ee9a57d9 100644 ---- a/ps/parser.c -+++ b/ps/parser.c -@@ -36,6 +36,14 @@ - #include "common.h" - #include "c.h" - -+static void *xxcalloc(const size_t nelems, const size_t size) -+{ -+ void *ret = calloc(nelems, size); -+ if (!ret && size && nelems) -+ xerrx(EXIT_FAILURE, "cannot allocate %zu bytes", nelems*size); -+ return ret; -+} -+ - #define ARG_GNU 0 - #define ARG_END 1 - #define ARG_PGRP 2 -@@ -184,7 +192,6 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s - const char *err; /* error code that could or did happen */ - /*** prepare to operate ***/ - node = malloc(sizeof(selection_node)); -- node->u = malloc(strlen(arg)*sizeof(sel_union)); /* waste is insignificant */ - node->n = 0; - buf = strdup(arg); - /*** sanity check and count items ***/ -@@ -205,6 +212,7 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s - } while (*++walk); - if(need_item) goto parse_error; - node->n = items; -+ node->u = xxcalloc(items, sizeof(sel_union)); - /*** actually parse the list ***/ - walk = buf; - while(items--){ -@@ -1031,15 +1039,15 @@ static const char *parse_trailing_pids(void){ - thisarg = ps_argc - 1; /* we must be at the end now */ - - pidnode = malloc(sizeof(selection_node)); -- pidnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */ -+ pidnode->u = xxcalloc(i, sizeof(sel_union)); /* waste is insignificant */ - pidnode->n = 0; - - grpnode = malloc(sizeof(selection_node)); -- grpnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */ -+ grpnode->u = xxcalloc(i, sizeof(sel_union)); /* waste is insignificant */ - grpnode->n = 0; - - sidnode = malloc(sizeof(selection_node)); -- sidnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */ -+ sidnode->u = xxcalloc(i, sizeof(sel_union)); /* waste is insignificant */ - sidnode->n = 0; - - while(i--){ From 8878d5a6826c6458c2f85e3d62506dd36017d26f Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Sun, 30 Jun 2024 18:48:49 +0200 Subject: [PATCH 2/2] procps: remove typeteris from the maintainers https://github.com/NixOS/nixpkgs/pull/298505#issuecomment-2198112591 --- pkgs/os-specific/linux/procps-ng/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/os-specific/linux/procps-ng/default.nix b/pkgs/os-specific/linux/procps-ng/default.nix index d54b7703e2df..6d9bcf9a3a0b 100644 --- a/pkgs/os-specific/linux/procps-ng/default.nix +++ b/pkgs/os-specific/linux/procps-ng/default.nix @@ -65,6 +65,6 @@ stdenv.mkDerivation rec { priority = 11; # less than coreutils, which also provides "kill" and "uptime" license = licenses.gpl2Plus; platforms = platforms.unix; - maintainers = [ maintainers.typetetris ]; + maintainers = [ ]; }; }