From 32f4104b6610d31a17cc06f71a88bc27a677f538 Mon Sep 17 00:00:00 2001
From: Robert Scott <code@humanleg.org.uk>
Date: Tue, 20 Sep 2022 21:49:53 +0100
Subject: [PATCH] tinyproxy: add patch for CVE-2022-40468

---
 pkgs/tools/networking/tinyproxy/default.nix | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/pkgs/tools/networking/tinyproxy/default.nix b/pkgs/tools/networking/tinyproxy/default.nix
index 44bca62e8f0..12c8a0d0447 100644
--- a/pkgs/tools/networking/tinyproxy/default.nix
+++ b/pkgs/tools/networking/tinyproxy/default.nix
@@ -1,4 +1,11 @@
-{ lib, stdenv, fetchFromGitHub, autoreconfHook, perl, withDebug ? false }:
+{ lib
+, stdenv
+, fetchFromGitHub
+, fetchpatch
+, autoreconfHook
+, perl
+, withDebug ? false
+}:
 
 stdenv.mkDerivation rec {
   pname = "tinyproxy";
@@ -11,6 +18,14 @@ stdenv.mkDerivation rec {
     owner = "tinyproxy";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2022-40468.patch";
+      url = "https://github.com/tinyproxy/tinyproxy/commit/3764b8551463b900b5b4e3ec0cd9bb9182191cb7.patch";
+      sha256 = "sha256-P0c4mUK227ld3703ss5MQhi8Vo2QVTCVXhKmc9fcufk=";
+    })
+  ];
+
   # perl is needed for man page generation.
   nativeBuildInputs = [ autoreconfHook perl ];