From 710dfd7955f210a4527475a854e23d15379248fe Mon Sep 17 00:00:00 2001
From: Sandro <sandro.jaeckel@gmail.com>
Date: Fri, 13 May 2022 12:57:42 +0200
Subject: [PATCH] libde265: fix CVE-2022-1253 (#172536)

Closes #172496
---
 pkgs/development/libraries/libde265/default.nix | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/pkgs/development/libraries/libde265/default.nix b/pkgs/development/libraries/libde265/default.nix
index bbbcdc3f054..762fe1765fd 100644
--- a/pkgs/development/libraries/libde265/default.nix
+++ b/pkgs/development/libraries/libde265/default.nix
@@ -1,4 +1,4 @@
-{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config }:
+{ lib, stdenv, fetchFromGitHub, fetchpatch, autoreconfHook, pkg-config }:
 
 stdenv.mkDerivation rec {
   version = "1.0.8";
@@ -11,6 +11,14 @@ stdenv.mkDerivation rec {
     sha256 = "1dzflqbk248lz5ws0ni5acmf32b3rmnq5gsfaz7691qqjxkl1zml";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2022-1253.patch";
+      url = "https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8.patch";
+      sha256 = "sha256-F1BOWFx9oXR2trM22atyD3AJ5x6vVfURQ/PTlYP2Ibg=";
+    })
+  ];
+
   nativeBuildInputs = [ autoreconfHook pkg-config ];
 
   enableParallelBuilding = true;
@@ -22,5 +30,4 @@ stdenv.mkDerivation rec {
     platforms = lib.platforms.unix;
     maintainers = with lib.maintainers; [ gebner ];
   };
-
 }