From 7d8cf3e2703bdbbb3939604ba754fa63518a3e60 Mon Sep 17 00:00:00 2001
From: Robert Scott <code@humanleg.org.uk>
Date: Wed, 21 Apr 2021 19:35:42 +0100
Subject: [PATCH] clamav: add patch for CVE-2021-1405

using upstream master patch, just as debian have done
---
 pkgs/tools/security/clamav/default.nix | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/pkgs/tools/security/clamav/default.nix b/pkgs/tools/security/clamav/default.nix
index fb523c5299ce9c..98e9bb3fc1a68e 100644
--- a/pkgs/tools/security/clamav/default.nix
+++ b/pkgs/tools/security/clamav/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, pkgconfig
+{ stdenv, fetchurl, fetchpatch, pkgconfig
 , zlib, bzip2, libiconv, libxml2, openssl, ncurses, curl, libmilter, pcre2
 , libmspack, systemd, Foundation
 }:
@@ -12,6 +12,14 @@ stdenv.mkDerivation rec {
     sha256 = "06rrzyrhnr0rswryijpbbzywr6387rv8qjq8sb8cl3h2d1m45ggf";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2021-1405.patch";
+      url = "https://github.com/Cisco-Talos/clamav-devel/commit/0c1ec30f9a292b0a5eca4aaaa651150aa5712d6d.patch";
+      sha256 = "0ygqiv9ldwhhnlwxkz91bab4hnzfwczf96mqm1bsa4gz9wmshlks";
+    })
+  ];
+
   # don't install sample config files into the absolute sysconfdir folder
   postPatch = ''
     substituteInPlace Makefile.in --replace ' etc ' ' '