Skip to content

libiconv-darwin: fix crash and add support for static builds#315180

Merged
vcunat merged 2 commits intoNixOS:stagingfrom
reckenrode:libiconv-darwin-fixes
May 31, 2024
Merged

libiconv-darwin: fix crash and add support for static builds#315180
vcunat merged 2 commits intoNixOS:stagingfrom
reckenrode:libiconv-darwin-fixes

Conversation

@reckenrode
Copy link
Contributor

@reckenrode reckenrode commented May 27, 2024

Description of changes

Two fixes for Darwin’s libiconv:

  • Enables support for static builds; and
  • Fixes a crash when converting to ISO-2022 when an escape sequence would be required.

The crash seems similar to https://www.ambionics.io/blog/iconv-cve-2024-2961-p1. It appears to be fixed in macOS 14.5, but it’s not listed in https://support.apple.com/en-us/HT214106.

The patch can be dropped once the corresponding source release is available.

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 24.11 Release Notes (or backporting 23.11 and 24.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@reckenrode reckenrode mentioned this pull request May 27, 2024
Closed
13 tasks
@ofborg ofborg bot added 6.topic: darwin Running or building packages on Darwin 10.rebuild-darwin-stdenv This PR causes stdenv to rebuild on Darwin and must target a staging branch. 11.by: package-maintainer This PR was created by a maintainer of all the package it changes. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux. labels May 27, 2024
reckenrode added 2 commits May 29, 2024 16:58
@reckenrode
libiconv-darwin: add support for static builds
067ad05
@reckenrode
libiconv-darwin: fix ISO-2022 with escape sequences crash
edfc324 
This appears to be fixed in macOS 14.5, but the source release is not yet available.
@reckenrode reckenrode force-pushed the libiconv-darwin-fixes branch from f22983b to edfc324 Compare May 29, 2024 20:58
@reckenrode
Copy link
Contributor Author

reckenrode commented May 29, 2024

Force push fixed a missing file for static builds.

@vcunat vcunat merged commit 0579b18 into NixOS:staging May 31, 2024
@github-actions
Copy link
Contributor

github-actions bot commented May 31, 2024

Successfully created backport PR for staging-24.05:

@github-actions github-actions bot mentioned this pull request May 31, 2024
Merged
1 task
@vcunat
Copy link
Member

vcunat commented May 31, 2024

I'll trust that you know what you're doing here.

@reckenrode reckenrode deleted the libiconv-darwin-fixes branch May 31, 2024 13:15
@skulldogged skulldogged mentioned this pull request Jun 17, 2024
Closed
@reckenrode reckenrode mentioned this pull request Oct 5, 2024
Merged
52 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

6.topic: darwin Running or building packages on Darwin 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-darwin-stdenv This PR causes stdenv to rebuild on Darwin and must target a staging branch. 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux. 11.by: package-maintainer This PR was created by a maintainer of all the package it changes.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@reckenrode @vcunat