pkgs/development/libraries/audiofile/default.nix

   1 { stdenv, lib, fetchurl, fetchpatch, alsaLib, AudioUnit, CoreServices }:
   2
   3 let
   4
   5   fetchDebianPatch = { name, debname, sha256 }:
   6     fetchpatch {
   7       inherit sha256 name;
   8       url = "https://salsa.debian.org/multimedia-team/audiofile/raw/debian/0.3.6-4/debian/patches/${debname}";
   9     };
  10
  11 in
  12
  13 stdenv.mkDerivation rec {
  14   name = "audiofile-0.3.6";
  15
  16   buildInputs =
  17     lib.optionals stdenv.isLinux [
  18       alsaLib
  19     ] ++ lib.optionals stdenv.isDarwin [
  20       CoreServices AudioUnit
  21     ];
  22
  23   src = fetchurl {
  24     url = "https://audiofile.68k.org/${name}.tar.gz";
  25     sha256 = "0rb927zknk9kmhprd8rdr4azql4gn2dp75a36iazx2xhkbqhvind";
  26   };
  27
  28   # fix build with gcc9
  29   NIX_CFLAGS_LINK = lib.optional (stdenv.system == "i686-linux") "-lgcc";
  30
  31   # Even when statically linking, libstdc++.la is put in dependency_libs here,
  32   # and hence libstdc++.so passed to the linker, just pass -lstdc++ and let the
  33   # compiler do what it does best.  (libaudiofile.la is a generated file, so we
  34   # have to run `make` that far first).
  35   #
  36   # Without this, the executables in this package (sfcommands and examples)
  37   # fail to build: https://github.com/NixOS/nixpkgs/issues/103215
  38   #
  39   # There might be a more sensible way to do this with autotools, but I am not
  40   # smart enough to discover it.
  41   preBuild = lib.optionalString stdenv.hostPlatform.isStatic ''
  42     make -C libaudiofile $makeFlags
  43     sed -i "s/dependency_libs=.*/dependency_libs=' -lstdc++'/" libaudiofile/libaudiofile.la
  44   '';
  45
  46   patches = [
  47     ./gcc-6.patch
  48     ./CVE-2015-7747.patch
  49
  50     (fetchDebianPatch {
  51       name = "CVE-2017-6829.patch";
  52       debname = "04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch";
  53       sha256 = "04qxl51i64c53v69q2kx61qdq474f4vapk8rq97cipj7yrar392m";
  54     })
  55     (fetchDebianPatch {
  56       name = "CVE-2017-6827+CVE-2017-6828+CVE-2017-6832+CVE-2017-6835+CVE-2017-6837.patch";
  57       debname = "05_Always-check-the-number-of-coefficients.patch";
  58       sha256 = "1ih03kfkabffi6ymp6832q470i28rsds78941vzqlshnqjb2nnxw";
  59     })
  60     (fetchDebianPatch {
  61       name = "CVE-2017-6839.patch";
  62       debname = "06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch";
  63       sha256 = "0a8s2z8rljlj03p7l1is9s4fml8vyzvyvfrh1m6xj5a8vbi635d0";
  64     })
  65     (fetchDebianPatch {
  66       name = "CVE-2017-6830+CVE-2017-6834+CVE-2017-6836+CVE-2017-6838.patch";
  67       debname = "07_Check-for-multiplication-overflow-in-sfconvert.patch";
  68       sha256 = "0rfba8rkasl5ycvc0kqlzinkl3rvyrrjvjhpc45h423wmjk2za2l";
  69     })
  70     (fetchDebianPatch {
  71       name = "audiofile-fix-multiplyCheckOverflow-signature.patch";
  72       debname = "08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch";
  73       sha256 = "032p5jqp7q7jgc5axdnazz00zm7hd26z6m5j55ifs0sykr5lwldb";
  74     })
  75     (fetchDebianPatch {
  76       name = "CVE-2017-6831.patch";
  77       debname = "09_Actually-fail-when-error-occurs-in-parseFormat.patch";
  78       sha256 = "0csikmj8cbiy6cigg0rmh67jrr0sgm56dfrnrxnac3m9635nxlac";
  79     })
  80     (fetchDebianPatch {
  81       name = "CVE-2017-6833.patch";
  82       debname = "10_Check-for-division-by-zero-in-BlockCodec-runPull.patch";
  83       sha256 = "1rlislkjawq98bbcf1dgl741zd508wwsg85r37ca7pfdf6wgl6z7";
  84     })
  85   ];
  86
  87   meta = with lib; {
  88     description = "Library for reading and writing audio files in various formats";
  89     homepage    = "http://www.68k.org/~michael/audiofile/";
  90     license     = licenses.lgpl21Plus;
  91     maintainers = with maintainers; [ lovek323 ];
  92     platforms   = platforms.unix;
  93   };
  94 }