From 459bad4be414f25c60d57f286409958cf08002e4 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <hexa@darmstadt.ccc.de>
Date: Tue, 5 May 2020 23:54:05 +0200
Subject: [PATCH] =?UTF-8?q?graphicsmagick:=201.3.32=20=E2=86=92=201.3.35?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fixes: CVE-2020-10938
---
 .../1.3.32-darwin-png-strlcat-fix.patch       | 42 -------------------
 .../graphics/graphicsmagick/default.nix       |  5 +--
 2 files changed, 2 insertions(+), 45 deletions(-)
 delete mode 100644 pkgs/applications/graphics/graphicsmagick/1.3.32-darwin-png-strlcat-fix.patch

diff --git a/pkgs/applications/graphics/graphicsmagick/1.3.32-darwin-png-strlcat-fix.patch b/pkgs/applications/graphics/graphicsmagick/1.3.32-darwin-png-strlcat-fix.patch
deleted file mode 100644
index 91eacecbf8c..00000000000
--- a/pkgs/applications/graphics/graphicsmagick/1.3.32-darwin-png-strlcat-fix.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-# reduced version of commit f30492f40f78d867b43422215057dd21de4ba447
-# from upstream hg repository:
-RegisterPNGImage(): Pass correct size value to strlcat().
-
-diff -r 95c4711e8bee -r f30492f40f78 coders/png.c
---- a/coders/png.c	Mon Jun 17 07:24:30 2019 -0500
-+++ b/coders/png.c	Mon Jun 17 18:54:43 2019 -0500
-@@ -6427,26 +6427,26 @@
- 
-       *version='\0';
- #if defined(PNG_LIBPNG_VER_STRING)
--      (void) strlcat(version,"libpng ",MaxTextExtent);
--      (void) strlcat(version,PNG_LIBPNG_VER_STRING,MaxTextExtent);
-+      (void) strlcat(version,"libpng ",sizeof(version));
-+      (void) strlcat(version,PNG_LIBPNG_VER_STRING,sizeof(version));
- #if (PNG_LIBPNG_VER > 10005)
-       if (LocaleCompare(PNG_LIBPNG_VER_STRING,png_get_header_ver(NULL)) != 0)
-         {
--          (void) strlcat(version,",",MaxTextExtent);
--          (void) strlcat(version,png_get_libpng_ver(NULL),MaxTextExtent);
-+          (void) strlcat(version,",",sizeof(version));
-+          (void) strlcat(version,png_get_libpng_ver(NULL),sizeof(version));
-         }
- #endif
- #endif
- 
- #if defined(ZLIB_VERSION)
-       if (*version != '\0')
--        (void) strlcat(version,", ",MaxTextExtent);
--      (void) strlcat(version,"zlib ",MaxTextExtent);
--      (void) strlcat(version,ZLIB_VERSION,MaxTextExtent);
-+        (void) strlcat(version,", ",sizeof(version));
-+      (void) strlcat(version,"zlib ",sizeof(version));
-+      (void) strlcat(version,ZLIB_VERSION,sizeof(version));
-       if (LocaleCompare(ZLIB_VERSION,zlib_version) != 0)
-         {
--          (void) strlcat(version,",",MaxTextExtent);
--          (void) strlcat(version,zlib_version,MaxTextExtent);
-+          (void) strlcat(version,",",sizeof(version));
-+          (void) strlcat(version,zlib_version,sizeof(version));
-         }
- #endif
diff --git a/pkgs/applications/graphics/graphicsmagick/default.nix b/pkgs/applications/graphics/graphicsmagick/default.nix
index be5114565ff..b7a1a8c4a6f 100644
--- a/pkgs/applications/graphics/graphicsmagick/default.nix
+++ b/pkgs/applications/graphics/graphicsmagick/default.nix
@@ -4,16 +4,15 @@
 
 stdenv.mkDerivation rec {
   pname = "graphicsmagick";
-  version = "1.3.32";
+  version = "1.3.35";
 
   src = fetchurl {
     url = "mirror://sourceforge/graphicsmagick/GraphicsMagick-${version}.tar.xz";
-    sha256 = "1qclp9i31idpcbbqswmnq2q11lmv0a7cvdb1y72xcky8sshaahmq";
+    sha256 = "0l024l4hawm9s3jqrgi2j0lxgm61dqh8sgkj1017ma7y11hqv2hq";
   };
 
   patches = [
     ./disable-popen.patch
-    ./1.3.32-darwin-png-strlcat-fix.patch
   ];
 
   configureFlags = [