From 48abd130217bd1645fefc4ca1817862672c6d782 Mon Sep 17 00:00:00 2001
From: Mark H Weaver <mhw@netris.org>
Date: Tue, 26 Aug 2014 12:00:26 -0400
Subject: gnu: file: Update to 5.19; add fix for CVE-2014-3587.

* gnu/packages/patches/file-CVE-2014-3587.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/file.scm (file): Update to 5.19.  Add patch.
---
 gnu-system.am                                 |  1 +
 gnu/packages/file.scm                         |  5 +++--
 gnu/packages/patches/file-CVE-2014-3587.patch | 16 ++++++++++++++++
 3 files changed, 20 insertions(+), 2 deletions(-)
 create mode 100644 gnu/packages/patches/file-CVE-2014-3587.patch

diff --git a/gnu-system.am b/gnu-system.am
index 86937749c7..f24da850c2 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -299,6 +299,7 @@ dist_patch_DATA =						\
   gnu/packages/patches/doxygen-test.patch			\
   gnu/packages/patches/doxygen-tmake.patch			\
   gnu/packages/patches/emacs-configure-sh.patch			\
+  gnu/packages/patches/file-CVE-2014-3587.patch			\
   gnu/packages/patches/findutils-absolute-paths.patch		\
   gnu/packages/patches/flashrom-use-libftdi1.patch		\
   gnu/packages/patches/flex-bison-tests.patch			\
diff --git a/gnu/packages/file.scm b/gnu/packages/file.scm
index 067f20e67c..601b158128 100644
--- a/gnu/packages/file.scm
+++ b/gnu/packages/file.scm
@@ -27,13 +27,14 @@
 (define-public file
   (package
    (name "file")
-   (version "5.18")
+   (version "5.19")
    (source (origin
             (method url-fetch)
             (uri (string-append "ftp://ftp.astron.com/pub/file/file-"
                    version ".tar.gz"))
             (sha256 (base32
-                     "01xz106biz6x4h5ilymg5v3367djvgnfp4lm87132cjqdmqgn6b5"))))
+                     "0z1sgrcfy6d285kj5izy1yypf371bjl3247plh9ppk0svaxv714l"))
+            (patches (list (search-patch "file-CVE-2014-3587.patch")))))
    (build-system gnu-build-system)
    (synopsis "file, a file type guesser")
    (description
diff --git a/gnu/packages/patches/file-CVE-2014-3587.patch b/gnu/packages/patches/file-CVE-2014-3587.patch
new file mode 100644
index 0000000000..cf88bf5f3e
--- /dev/null
+++ b/gnu/packages/patches/file-CVE-2014-3587.patch
@@ -0,0 +1,16 @@
+Fixes CVE-2014-3587.  Copied from upstream commit
+0641e56be1af003aa02c7c6b0184466540637233.
+
+--- file-5.19/src/cdf.c.orig	2014-06-09 09:04:37.000000000 -0400
++++ file-5.19/src/cdf.c	2014-08-26 11:55:23.887118898 -0400
+@@ -824,6 +824,10 @@
+ 		q = (const uint8_t *)(const void *)
+ 		    ((const char *)(const void *)p + ofs
+ 		    - 2 * sizeof(uint32_t));
++		if (q < p) {
++			DPRINTF(("Wrapped around %p < %p\n", q, p));
++			goto out;
++		}
+ 		if (q > e) {
+ 			DPRINTF(("Ran of the end %p > %p\n", q, e));
+ 			goto out;
-- 
cgit v1.2.3