Commit 047ebc79 authored Sep 01, 2025 by John Rinehart

acct: repair buffer overflow with dump-acct

The failure is encountered when doing like
```
$ sudo mkdir -p /var/log/account;
$ sudo touch /var/log/account/pacct;
$ nix build 'github:nixos/nixpkgs#acct' -o ./result-acct;
$ sudo ./result-acct/bin/accton on; # writing to /var/log/account/pacct
$ sudo ./result-acct/bin/dump-acct /var/log/account/pacct
*** buffer overflow detected ***: terminated
[1]    37428 abort      sudo dump-acct /var/log/account/pacct
```
and is apparently rooted in FORTIFY_SOURCE_3. I found out that Gentoo
users had already hit and reported this [1] but they found that Fedora
users had already hit, reported, and fixed this [2]. So, I'm bringing in
Fedora's patch.

[1] - https://bugs.gentoo.org/925419#c14
[2] - https://bugzilla.redhat.com/show_bug.cgi?id=2190057

parent c6e7aaf3

pkgs/by-name/ac/acct/package.nix

+8 −0

Original line number	Diff line number	Diff line
		@@ -2,6 +2,7 @@
		fetchurl,
		lib,
		stdenv,
		fetchpatch2,
		}:

		stdenv.mkDerivation rec {
		@@ -15,6 +16,13 @@ stdenv.mkDerivation rec {

		doCheck = true;

		patches = [
		(fetchpatch2 {
		url = "https://src.fedoraproject.org/rpms/psacct/raw/rawhide/f/psacct-6.6.4-sprintf-buffer-overflow.patch";
		hash = "sha256-l74tLIuhpXj+dIA7uAY9L0qMjQ2SbDdc+vjHMyVouFc=";
		})
		];

		meta = {
		description = "GNU Accounting Utilities, login and process accounting utilities";

Admin message