~ruther/guix-local

6e612616f0fc8c7708ac7b4792cd1f28d6f1d25e — bdunahu 2 months ago 7d7b8b6 
gnu: radare2: Update to 6.0.7 [security fixes].

Includes fixes for CVE-2025-1744, CVE-2025-1864, CVE-2025-60358, CVE-2025-60359, CVE-2025-60360, CVE-2025-60361, CVE-2025-63744, CVE-2025-63745, CVE-2024-26475, CVE-2024-11858, CVE-2023-0302, CVE-2023-1605, CVE-2023-4322, CVE-2023-5686, CVE-2023-46569, CVE-2023-46570, CVE-2023-47016, CVE-2022-0173, CVE-2022-0419, CVE-2022-0139, CVE-2022-0518, CVE-2022-0519, CVE-2022-0520, CVE-2022-0521, CVE-2022-0522, CVE-2022-0523, CVE-2022-0559, CVE-2022-0676, CVE-2022-0712, CVE-2022-0713, CVE-2022-0476, CVE-2022-0695, CVE-2022-0849, CVE-2022-1031, CVE-2022-1061, CVE-2022-1052, CVE-2022-1207, CVE-2022-1244, CVE-2022-1237, CVE-2022-1238, CVE-2022-1240, CVE-2022-1283, CVE-2022-1284, CVE-2022-1296, CVE-2022-1297, CVE-2022-1382, CVE-2022-1383, CVE-2022-1437, CVE-2022-1444, CVE-2022-1451, CVE-2022-1452, CVE-2022-1649, CVE-2022-1714, CVE-2022-1809, CVE-2022-1899, CVE-2022-4398, CVE-2022-4843.

* gnu/packages/engineering.scm (radare2): Update to 6.0.7.
[build-system]: Switch to meson-build-system.
[arguments]: <#:tests>: enable tests; <#:phases>: remove 'mklibdir, add 'fix-relative-include, add 'skip-tests.
[inputs]: Add gmp, libzip, lz4, quickjs-ng, sdb, zlib; remove zip.
[native-inputs]: Add node, perl, python-minimal-wrapper.
* gnu/packages/patches/radare2-fix-meson-build-to-use-sys-qjs.patch: New file.
* gnu/packages/patches/radare2-fix-meson-build-to-use-sys-sdb.patch: New file.
* gnu/local.mk: (dist_patch_DATA): Register new patch files.

Change-Id: I646f67279d238c3d447b3dca97d78b5768989a14
Signed-off-by: Cayetano Santos <csantosb@inventati.org>
patch browse .tar.gz 
4 files changed, 271 insertions(+), 18 deletions(-)

M gnu/local.mk
M gnu/packages/engineering.scm
A gnu/packages/patches/radare2-fix-meson-build-to-use-sys-qjs.patch
A gnu/packages/patches/radare2-fix-meson-build-to-use-sys-sdb.patch

M gnu/local.mk => gnu/local.mk +3 -0
@@ 73,6 73,7 @@
# Copyright © 2024 James Smith <jsubuntuxp@disroot.org>
# Copyright © 2025 Nigko Yerden <nigko.yerden@gmail.com>
# Copyright © 2025 Cayetano Santos <csantosb@inventati.org>
# Copyright © 2025 bdunahu <bdunahu@operationnull.com>
#
# This file is part of GNU Guix.
#


@@ 2224,6 2225,8 @@ dist_patch_DATA =						\
  %D%/packages/patches/qtwebengine-fix-dependencies.patch       \
  %D%/packages/patches/qtwebsockets-6.9-fix-tst_QWebSocket.patch\
  %D%/packages/patches/rabbitmq-defaults.patch		\
  %D%/packages/patches/radare2-fix-meson-build-to-use-sys-qjs.patch	\
  %D%/packages/patches/radare2-fix-meson-build-to-use-sys-sdb.patch	\
  %D%/packages/patches/ragel-char-signedness.patch		\
  %D%/packages/patches/randomjungle-disable-static-build.patch	\
  %D%/packages/patches/rapidcheck-fix-libs.patch		\


M gnu/packages/engineering.scm => gnu/packages/engineering.scm +50 -18
@@ 129,6 129,7 @@
  #:use-module (gnu packages image)
  #:use-module (gnu packages image-processing)
  #:use-module (gnu packages imagemagick)
  #:use-module (gnu packages javascript)
  #:use-module (gnu packages jupyter)
  #:use-module (gnu packages kde-frameworks)
  #:use-module (gnu packages libcanberra)


@@ 145,6 146,7 @@
  #:use-module (gnu packages ncurses)
  #:use-module (gnu packages nettle)
  #:use-module (gnu packages networking)
  #:use-module (gnu packages node)
  #:use-module (gnu packages openkinect)
  #:use-module (gnu packages parallel)
  #:use-module (gnu packages pcre)


@@ 2095,7 2097,7 @@ bootloader in Espressif ESP8266 & ESP32 series chips.")
(define-public radare2
  (package
    (name "radare2")
    (version "5.1.1")
    (version "6.0.7")
    (source (origin
              (method git-fetch)
              (uri (git-reference


@@ 2103,29 2105,59 @@ bootloader in Espressif ESP8266 & ESP32 series chips.")
                    (commit version)))
              (sha256
               (base32
                "0hv9x31iabasj12g8f04incr1rbcdkxi3xnqn3ggp8gl4h6pf2f3"))
              (file-name (git-file-name name version))))
    (build-system gnu-build-system)
                "1nkqa8mkmvmbc3812gf5ayfmzyf0krjgc1695rpkphw3fsl76rgx"))
              (file-name (git-file-name name version))
              (patches
               (search-patches "radare2-fix-meson-build-to-use-sys-sdb.patch"
                               "radare2-fix-meson-build-to-use-sys-qjs.patch"))))
    (build-system meson-build-system)
    (arguments
     (list
      #:tests? #f                      ; tests require git and network access
      #:configure-flags
      #~(list "-Duse_libuv=true"
              "-Duse_ssl=true"
              "-Duse_sys_capstone=true"
              "-Duse_sys_lz4=true"
              "-Duse_sys_magic=true"
              "-Duse_sys_openssl=true"
              "-Duse_sys_xxhash=true"
              "-Duse_sys_zip=true"
              "-Duse_sys_zlib=true")
      #:phases
      #~(modify-phases %standard-phases
          (add-before 'configure 'mklibdir
            (lambda _ (mkdir-p (string-append #$output "/lib")))))
      #:configure-flags
      #~(list "--with-openssl"
              "--with-rpath"
              "--with-syscapstone"
              "--with-sysmagic"
              "--with-syszip"
              "--with-sysxxhash")
      #:make-flags #~(list (string-append "CC=" #$(cc-for-target)))))
    ;; TODO: Add gmp and libzip and make the build system actually find them.
          ;; CHECK LATER: This patches an incorrect relative include.
          (add-before 'build 'fix-relative-include
            (lambda _
              (substitute* "../source/libr/arch/p/java/plugin.c"
                (("include \".." all)
                 (string-append all "/..")))))
          ;; These tests require sample binaries from an external repository.
          (add-before 'check 'skip-tests
            (lambda _
              (substitute* '("../source/test/unit/test_bin.c"
                             "../source/test/unit/test_dwarf.c"
                             "../source/test/unit/test_dwarf_info.c"
                             "../source/test/unit/test_dwarf_integration.c"
                             "../source/test/unit/test_pdb.c"
                             ;; TODO: add r2pipe and enable this test.
                             "../source/test/unit/test_r2pipe.c")
                (("(^| )main *\\(.*" all)
                 (string-append all " exit (77);\n"))))))))
    (inputs
     (list capstone libuv openssl zip))
     (list capstone
           gmp
           libuv
           libzip
           lz4
           openssl
           quickjs-ng
           sdb
           zlib))
    (native-inputs
     (list pkg-config))
     (list node
           perl
           pkg-config
           python-minimal-wrapper))
    (propagated-inputs
     ;; In the Libs: section of r_hash.pc.
     (list xxhash))


A gnu/packages/patches/radare2-fix-meson-build-to-use-sys-qjs.patch => gnu/packages/patches/radare2-fix-meson-build-to-use-sys-qjs.patch +70 -0
@@ 0,0 1,70 @@
Use guix-provided qjs instead of a meson subproject.

Patch by bdunahu <bdunahu@operationnull.com>.

diff --git a/libr/lang/meson.build b/libr/lang/meson.build
index 0742e0e531..a6367cea39 100644
--- a/libr/lang/meson.build
+++ b/libr/lang/meson.build
@@ -4,13 +4,11 @@ r_lang_sources = [

 spp_inc = [platform_inc, include_directories('../../shlr/spp')]

-qjs = subproject('qjs')
-qjs_inc = qjs.get_variable('incs')
-qjs_static = qjs.get_variable('qjs_static')

+qjs_dep = cc.find_library('qjs', required: true)

 r_lang = library('r_lang', r_lang_sources,
-  include_directories: [platform_inc, spp_inc, qjs_inc],
+  include_directories: [platform_inc, spp_inc],
   c_args: library_cflags,
   dependencies: [
     r_util_dep,
@@ -21,19 +19,23 @@ r_lang = library('r_lang', r_lang_sources,
     r_esil_dep,
     r_muta_dep,
     r_cons_dep,
+    qjs_dep,
   ],
-  link_with: qjs_static,
   install: true,
   implicit_include_directories: false,
   install_rpath: rpath_lib,
   soversion: r2_libversion
 )

-r_lang_dep = declare_dependency(link_with: r_lang, include_directories: [platform_inc, qjs_inc])
+r_lang_dep = declare_dependency(
+  link_with: r_lang,
+  include_directories: [platform_inc],
+  dependencies: [qjs_dep],
+)

 if get_option('blob')
 r_lang_static = static_library('r_lang_static', r_lang_sources,
-  include_directories: [platform_inc, spp_inc, qjs_inc],
+  # include_directories: [platform_inc, spp_inc qjs_inc], # unused
   c_args: library_cflags,
   dependencies: [
     r_util_static_dep,
@@ -43,13 +45,15 @@ r_lang_static = static_library('r_lang_static', r_lang_sources,
     r_muta_static_dep,
     r_cons_static_dep,
   ],
-  link_with: qjs_static,
+  # link_with: qjs_static, # unused
   install: true,
   implicit_include_directories: false,
 )

-r_lang_static_dep = declare_dependency(link_with: r_lang_static,
-  include_directories: [platform_inc, qjs_inc])
+r_lang_static_dep = declare_dependency(
+  link_with: r_lang_static,
+  # include_directories: [platform_inc, qjs_inc] # unused
+  )
 endif

 pkgconfig_mod.generate(r_lang,


A gnu/packages/patches/radare2-fix-meson-build-to-use-sys-sdb.patch => gnu/packages/patches/radare2-fix-meson-build-to-use-sys-sdb.patch +148 -0
@@ 0,0 1,148 @@
Use guix-provided sdb instead of a meson subproject.

Patch by bdunahu <bdunahu@operationnull.com>.

diff --git a/libr/anal/d/meson.build b/libr/anal/d/meson.build
index bc4b7ccf22..cd1af6e84b 100644
--- a/libr/anal/d/meson.build
+++ b/libr/anal/d/meson.build
@@ -117,7 +117,7 @@ if host_machine.system() != 'uefi'
     output: fcnsign_sdb_files,
     command: [sdb_exe, '-r', meson.current_source_dir()],
     env: sdb_env,
-    depends: host_machine.system() == 'uefi' ? [windows_type_file] : [sdb_exe, windows_type_file],
+    depends: [windows_type_file],
     build_by_default: true,
     install: true,
     install_dir: join_paths(r2_sdb, 'fcnsign')
diff --git a/libr/asm/d/meson.build b/libr/asm/d/meson.build
index 44b5356372..ffd8dab323 100644
--- a/libr/asm/d/meson.build
+++ b/libr/asm/d/meson.build
@@ -62,7 +62,6 @@ if host_machine.system() != 'uefi'
     output: opcodes_sdb_files,
     command: [sdb_exe, '-r', meson.current_source_dir()],
     env: sdb_env,
-    depends: sdb_exe,
     build_by_default: true,
     install: true,
     install_dir: join_paths(r2_sdb, 'opcodes')
diff --git a/libr/bin/d/dll/meson.build b/libr/bin/d/dll/meson.build
index 136aa381ac..d6a3ba88f7 100644
--- a/libr/bin/d/dll/meson.build
+++ b/libr/bin/d/dll/meson.build
@@ -170,7 +170,6 @@ if host_machine.system() != 'uefi'
     output: dll_sdb_files,
     command: [sdb_exe, '-r', meson.current_source_dir()],
     env: sdb_env,
-    depends: sdb_exe,
     build_by_default: true,
     install: true,
     install_dir: join_paths(r2_sdb, join_paths('format', 'dll'))
diff --git a/libr/bin/d/meson.build b/libr/bin/d/meson.build
index 0f5e160f02..347654406d 100644
--- a/libr/bin/d/meson.build
+++ b/libr/bin/d/meson.build
@@ -27,7 +27,6 @@ if host_machine.system() != 'uefi'
     output: format_sdb_files,
     command: [sdb_exe, '-r', meson.current_source_dir()],
     env: format_sdb_env,
-    depends: sdb_exe,
     build_by_default: true,
     install: true,
     install_dir: join_paths(r2_sdb, join_paths('format'))
diff --git a/libr/fs/d/meson.build b/libr/fs/d/meson.build
index 808c03666d..d507f58efb 100644
--- a/libr/fs/d/meson.build
+++ b/libr/fs/d/meson.build
@@ -21,7 +21,6 @@ if host_machine.system() != 'uefi'
     output: fs_sdb_files,
     command: [sdb_exe, '-r', meson.current_source_dir()],
     env: sdb_env,
-    depends: sdb_exe,
     build_by_default: true,
     install: true,
     install_dir: join_paths(r2_sdb, 'fs')
diff --git a/libr/syscall/d/meson.build b/libr/syscall/d/meson.build
index 13d7a78db5..5371e0fe2a 100644
--- a/libr/syscall/d/meson.build
+++ b/libr/syscall/d/meson.build
@@ -41,7 +41,6 @@ if host_machine.system() != 'uefi'
     output: syscall_sdb_files,
     command: [sdb_exe, '-r', '-r', meson.current_source_dir()],
     env: sdb_env,
-    depends: sdb_exe,
     build_by_default: true,
     install: true,
     install_dir: join_paths(r2_sdb, 'syscall')
@@ -49,4 +48,3 @@ if host_machine.system() != 'uefi'
 else
   r_syscall_d_sources = []
 endif
-
diff --git a/libr/util/d/meson.build b/libr/util/d/meson.build
index 9f34b18642..14a08412be 100644
--- a/libr/util/d/meson.build
+++ b/libr/util/d/meson.build
@@ -40,7 +40,6 @@ if host_machine.system() != 'uefi'
     output: charsets_sdb_files,
     command: [sdb_exe, '-r', meson.current_source_dir()],
     env: sdb_env,
-    depends: sdb_exe,
     build_by_default: true,
     install: true,
     install_dir: join_paths(r2_sdb, 'charsets')
diff --git a/meson.build b/meson.build
index 52583b29cf..f26be0e41a 100644
--- a/meson.build
+++ b/meson.build
@@ -510,22 +510,11 @@ script_files = [
 ]
 install_data(script_files, install_dir: r2_scripts)

-libsdb_sp = subproject('sdb')
-libsdb_static = libsdb_sp.get_variable('libsdb_static')
-if host_machine.system() == 'uefi'
-  libsdb_dynamic = libsdb_static
-else
-  libsdb_dynamic = libsdb_sp.get_variable('libsdb').get_shared_lib()
-endif
-libsdb_includes = libsdb_sp.get_variable('sdb_inc')
-libsdb_version = libsdb_sp.get_variable('sdb_version')
-
-sdb_dep = declare_dependency(
-  link_whole: libsdb_static,
-  include_directories: libsdb_includes
-)
+libsdb_includes = []
+libsdb_version = 'never used'

-sdb_exe = libsdb_sp.get_variable('sdb_exe')
+sdb_dep = dependency('sdb', required: true)
+sdb_exe = find_program('sdb', required: true).full_path()

 if host_machine.system() == 'windows'
 copyinout = [
@@ -554,12 +543,7 @@ elif os_name == 'windows'
     lib_extension = '.dll'
 endif

-libsdb_install = custom_target('libr2sdb',
-  input : libsdb_dynamic,
-  output : 'libsdb' + lib_extension,
-  command : copyinout,
-  install : true,
-  install_dir : get_option('libdir'))
+# We used to install libsdb here, but Guix already provides this.

 sdb_gen_cmd_cgen = [ sdb_exe, '-t', '-C', '-o', '@OUTPUT@', '@INPUT@' ]
 sdb_gen_cmd = [ sdb_exe, '@OUTPUT@', '==', '@INPUT@' ]
@@ -575,7 +559,7 @@ spp_files = [
 spp_inc = [platform_inc, include_directories(join_paths('shlr','spp'))]

 libr2spp = static_library('r2spp', spp_files,
-  link_with: [ libsdb_static ], # libsdb_static,
+  dependencies: [ sdb_dep ],
   include_directories: [ libsdb_includes, spp_inc ],
   c_args: ['-DHAVE_R_UTIL', '-DUSE_R2=1'],
   implicit_include_directories: false