summary refs log tree commit diff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2018-16509.patch193
-rw-r--r--gnu/packages/patches/ghostscript-bug-699708.patch160
-rw-r--r--gnu/packages/patches/mes-nyacc-0.86.0.patch197
-rw-r--r--gnu/packages/patches/nyacc-binary-literals.patch29
4 files changed, 579 insertions, 0 deletions
diff --git a/gnu/packages/patches/ghostscript-CVE-2018-16509.patch b/gnu/packages/patches/ghostscript-CVE-2018-16509.patch
new file mode 100644
index 0000000000..50ffa3cb98
--- /dev/null
+++ b/gnu/packages/patches/ghostscript-CVE-2018-16509.patch
@@ -0,0 +1,193 @@
+Ghostscript 9.24 was released with an incomplete fix for CVE-2018-16509:
+https://nvd.nist.gov/vuln/detail/CVE-2018-16509
+https://bugs.chromium.org/p/project-zero/issues/detail?id=1640#c19
+https://bugs.ghostscript.com/show_bug.cgi?id=699718
+
+The reproducers no longer work after applying these commits:
+
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5812b1b78fc4d36fdc293b7859de69241140d590
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=e914f1da46e33decc534486598dc3eadf69e6efb
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=3e5d316b72e3965b7968bb1d96baa137cd063ac6
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=643b24dbd002fb9c131313253c307cf3951b3d47
+
+This patch is a "squashed" version of those.
+
+diff --git a/Resource/Init/gs_setpd.ps b/Resource/Init/gs_setpd.ps
+index bba3c8c0e..8fa7c51df 100644
+--- a/Resource/Init/gs_setpd.ps
++++ b/Resource/Init/gs_setpd.ps
+@@ -95,27 +95,41 @@ level2dict begin
+  {	% Since setpagedevice doesn't create new device objects,
+         % we must (carefully) reinstall the old parameters in
+         % the same device.
+-   .currentpagedevice pop //null currentdevice //null .trysetparams
++   .currentpagedevice pop //null currentdevice //null
++   { .trysetparams } .internalstopped
++   {
++     //null
++   } if
+    dup type /booleantype eq
+     { pop pop }
+-    {		% This should never happen!
++    {
+       SETPDDEBUG { (Error in .trysetparams!) = pstack flush } if
+-      cleartomark pop pop pop
++      {cleartomark pop pop pop} .internalstopped pop
++      % if resetting the entire device state failed, at least put back the
++      % security related key
++      currentdevice //null //false mark /.LockSafetyParams
++      currentpagedevice /.LockSafetyParams .knownget not
++      {systemdict /SAFER .knownget not {//false} } if
++      .putdeviceparamsonly
+       /.installpagedevice cvx /rangecheck signalerror
+     }
+    ifelse pop pop
+         % A careful reading of the Red Book reveals that an erasepage
+         % should occur, but *not* an initgraphics.
+    erasepage .beginpage
+- } bind def
++ } bind executeonly def
+ 
+ /.uninstallpagedevice
+- { 2 .endpage { .currentnumcopies //false .outputpage } if
++ {
++   {2 .endpage { .currentnumcopies //false .outputpage } if} .internalstopped pop
+    nulldevice
+  } bind def
+ 
+ (%grestorepagedevice) cvn
+- { .uninstallpagedevice grestore .installpagedevice
++ {
++ .uninstallpagedevice
++ grestore
++ .installpagedevice
+  } bind def
+ 
+ (%grestoreallpagedevice) cvn
+diff --git a/psi/zdevice2.c b/psi/zdevice2.c
+index 0c7080d57..159a0c0d9 100644
+--- a/psi/zdevice2.c
++++ b/psi/zdevice2.c
+@@ -251,8 +251,8 @@ z2currentgstate(i_ctx_t *i_ctx_p)
+ /* ------ Wrappers for operators that reset the graphics state. ------ */
+ 
+ /* Check whether we need to call out to restore the page device. */
+-static bool
+-restore_page_device(const gs_gstate * pgs_old, const gs_gstate * pgs_new)
++static int
++restore_page_device(i_ctx_t *i_ctx_p, const gs_gstate * pgs_old, const gs_gstate * pgs_new)
+ {
+     gx_device *dev_old = gs_currentdevice(pgs_old);
+     gx_device *dev_new;
+@@ -260,9 +260,10 @@ restore_page_device(const gs_gstate * pgs_old, const gs_gstate * pgs_new)
+     gx_device *dev_t2;
+     bool samepagedevice = obj_eq(dev_old->memory, &gs_int_gstate(pgs_old)->pagedevice,
+         &gs_int_gstate(pgs_new)->pagedevice);
++    bool LockSafetyParams = dev_old->LockSafetyParams;
+ 
+     if ((dev_t1 = (*dev_proc(dev_old, get_page_device)) (dev_old)) == 0)
+-        return false;
++        return 0;
+     /* If we are going to putdeviceparams in a callout, we need to */
+     /* unlock temporarily.  The device will be re-locked as needed */
+     /* by putdeviceparams from the pgs_old->pagedevice dict state. */
+@@ -271,23 +272,51 @@ restore_page_device(const gs_gstate * pgs_old, const gs_gstate * pgs_new)
+     dev_new = gs_currentdevice(pgs_new);
+     if (dev_old != dev_new) {
+         if ((dev_t2 = (*dev_proc(dev_new, get_page_device)) (dev_new)) == 0)
+-            return false;
+-        if (dev_t1 != dev_t2)
+-            return true;
++            samepagedevice = true;
++        else if (dev_t1 != dev_t2)
++            samepagedevice = false;
++    }
++
++    if (LockSafetyParams && !samepagedevice) {
++        const int required_ops = 512;
++        const int required_es = 32;
++
++        /* The %grestorepagedevice must complete: the biggest danger
++           is operand stack overflow. As we use get/putdeviceparams
++           that means pushing all the device params onto the stack,
++           pdfwrite having by far the largest number of parameters
++           at (currently) 212 key/value pairs - thus needing (currently)
++           424 entries on the op stack. Allowing for working stack
++           space, and safety margin.....
++         */
++        if (required_ops + ref_stack_count(&o_stack) >= ref_stack_max_count(&o_stack)) {
++           gs_currentdevice(pgs_old)->LockSafetyParams = LockSafetyParams;
++           return_error(gs_error_stackoverflow);
++        }
++        /* We also want enough exec stack space - 32 is an overestimate of
++           what we need to complete the Postscript call out.
++         */
++        if (required_es + ref_stack_count(&e_stack) >= ref_stack_max_count(&e_stack)) {
++           gs_currentdevice(pgs_old)->LockSafetyParams = LockSafetyParams;
++           return_error(gs_error_execstackoverflow);
++        }
+     }
+     /*
+      * The current implementation of setpagedevice just sets new
+      * parameters in the same device object, so we have to check
+      * whether the page device dictionaries are the same.
+      */
+-    return !samepagedevice;
++    return samepagedevice ? 0 : 1;
+ }
+ 
+ /* - grestore - */
+ static int
+ z2grestore(i_ctx_t *i_ctx_p)
+ {
+-    if (!restore_page_device(igs, gs_gstate_saved(igs)))
++    int code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs));
++    if (code < 0) return code;
++
++    if (code == 0)
+         return gs_grestore(igs);
+     return push_callout(i_ctx_p, "%grestorepagedevice");
+ }
+@@ -297,7 +326,9 @@ static int
+ z2grestoreall(i_ctx_t *i_ctx_p)
+ {
+     for (;;) {
+-        if (!restore_page_device(igs, gs_gstate_saved(igs))) {
++        int code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs));
++        if (code < 0) return code;
++        if (code == 0) {
+             bool done = !gs_gstate_saved(gs_gstate_saved(igs));
+ 
+             gs_grestore(igs);
+@@ -328,11 +359,15 @@ z2restore(i_ctx_t *i_ctx_p)
+     if (code < 0) return code;
+ 
+     while (gs_gstate_saved(gs_gstate_saved(igs))) {
+-        if (restore_page_device(igs, gs_gstate_saved(igs)))
++        code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs));
++        if (code < 0) return code;
++        if (code > 0)
+             return push_callout(i_ctx_p, "%restore1pagedevice");
+         gs_grestore(igs);
+     }
+-    if (restore_page_device(igs, gs_gstate_saved(igs)))
++    code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs));
++    if (code < 0) return code;
++    if (code > 0)
+         return push_callout(i_ctx_p, "%restorepagedevice");
+ 
+     code = dorestore(i_ctx_p, asave);
+@@ -355,9 +390,12 @@ static int
+ z2setgstate(i_ctx_t *i_ctx_p)
+ {
+     os_ptr op = osp;
++    int code;
+ 
+     check_stype(*op, st_igstate_obj);
+-    if (!restore_page_device(igs, igstate_ptr(op)))
++    code = restore_page_device(i_ctx_p, igs, igstate_ptr(op));
++    if (code < 0) return code;
++    if (code == 0)
+         return zsetgstate(i_ctx_p);
+     return push_callout(i_ctx_p, "%setgstatepagedevice");
+ }
diff --git a/gnu/packages/patches/ghostscript-bug-699708.patch b/gnu/packages/patches/ghostscript-bug-699708.patch
new file mode 100644
index 0000000000..1567be1c6f
--- /dev/null
+++ b/gnu/packages/patches/ghostscript-bug-699708.patch
@@ -0,0 +1,160 @@
+Additional security fix that missed 9.24.
+
+Taken from upstream:
+http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=fb713b3818b52d8a6cf62c951eba2e1795ff9624
+
+From fb713b3818b52d8a6cf62c951eba2e1795ff9624 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Thu, 6 Sep 2018 09:16:22 +0100
+Subject: [PATCH] Bug 699708 (part 1): 'Hide' non-replaceable error handlers
+ for SAFER
+
+We already had a 'private' dictionary for non-standard errors: gserrordict.
+
+This now includes all the default error handlers, the dictionary is made
+noaccess and all the prodedures are bound and executeonly.
+
+When running with -dSAFER, in the event of a Postscript error, instead of
+pulling the handler from errordict, we'll pull it from gserrordict - thus
+malicious input cannot trigger problems by the use of custom error handlers.
+
+errordict remains open and writeable, so files such as the Quality Logic tests
+that install their own handlers will still 'work', with the exception that the
+custom error handlers will not be called.
+
+This is a 'first pass', 'sledgehammer' approach: a nice addition would to allow
+an integrator to specify a list of errors that are not to be replaced (for
+example, embedded applications would probably want to ensure that VMerror is
+always handled as they intend).
+---
+ Resource/Init/gs_init.ps | 29 ++++++++++++++++++-----------
+ psi/interp.c             | 30 +++++++++++++++++++++---------
+ 2 files changed, 39 insertions(+), 20 deletions(-)
+
+diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
+index 071c39205..bc8b7951c 100644
+--- a/Resource/Init/gs_init.ps
++++ b/Resource/Init/gs_init.ps
+@@ -881,7 +881,7 @@ userdict /.currentresourcefile //null put
+        { not exch pop exit } { pop } ifelse
+     }
+    for exch pop .quit
+- } bind def
++ } bind executeonly def
+ /.errorhandler		% <command> <errorname> .errorhandler -
+   {		% Detect an internal 'stopped'.
+     1 .instopped { //null eq { pop pop stop } if } if
+@@ -926,7 +926,7 @@ userdict /.currentresourcefile //null put
+     $error /globalmode get $error /.nosetlocal get and .setglobal
+     $error /.inerror //false put
+     stop
+-  } bind def
++  } bind executeonly def
+ % Define the standard handleerror.  We break out the printing procedure
+ % (.printerror) so that it can be extended for binary output
+ % if the Level 2 facilities are present.
+@@ -976,7 +976,7 @@ userdict /.currentresourcefile //null put
+      ifelse	% newerror
+      end
+      flush
+-    } bind def
++    } bind executeonly def
+   /.printerror_long			% long error printout,
+                                         % $error is on the dict stack
+    {	% Push the (anonymous) stack printing procedure.
+@@ -1053,14 +1053,14 @@ userdict /.currentresourcefile //null put
+         { (Current file position is ) print position = }
+        if
+ 
+-   } bind def
++   } bind executeonly def
+ % Define a procedure for clearing the error indication.
+ /.clearerror
+  { $error /newerror //false put
+    $error /errorname //null put
+    $error /errorinfo //null put
+    0 .setoserrno
+- } bind def
++ } bind executeonly def
+ 
+ % Define $error.  This must be in local VM.
+ .currentglobal //false .setglobal
+@@ -1086,11 +1086,15 @@ end
+ /errordict ErrorNames length 3 add dict
+ .forcedef		% errordict is local, systemdict is global
+ .setglobal		% back to global VM
+-% For greater Adobe compatibility, we put all non-standard errors in a
+-%   separate dictionary, gserrordict.  It does not need to be in local VM,
+-%   because PostScript programs do not access it.
++%  gserrordict contains all the default error handling methods, but unlike
++%  errordict it is noaccess after creation (also it is in global VM).
++%  When running 'SAFER', we'll ignore the contents of errordict, which
++%  may have been tampered with by the running job, and always use gserrordict
++%  gserrordict also contains any non-standard errors, for better compatibility
++%  with Adobe.
++%
+ %   NOTE: the name gserrordict is known to the interpreter.
+-/gserrordict 5 dict def
++/gserrordict ErrorNames length 3 add dict def
+ % Register an error in errordict.  We make this a procedure because we only
+ % register the Level 1 errors here: the rest are registered by "feature"
+ % files.  However, ErrorNames contains all of the error names regardless of
+@@ -1119,8 +1123,11 @@ errordict begin
+  } bind def
+ end		% errordict
+ 
+-% Put non-standard errors in gserrordict.
+-gserrordict /unknownerror errordict /unknownerror get put
++% Put all the default handlers in gserrordict
++gserrordict
++errordict {2 index 3 1 roll put} forall
++noaccess pop
++% remove the non-standard errors from errordict
+ errordict /unknownerror .undef
+ % Define a stable private copy of handleerror that we will always use under
+ % JOBSERVER mode.
+diff --git a/psi/interp.c b/psi/interp.c
+index c27b70dca..d41a9d3f5 100644
+--- a/psi/interp.c
++++ b/psi/interp.c
+@@ -661,16 +661,28 @@ again:
+         return code;
+     if (gs_errorname(i_ctx_p, code, &error_name) < 0)
+         return code;            /* out-of-range error code! */
+-    /*
+-     * For greater Adobe compatibility, only the standard PostScript errors
+-     * are defined in errordict; the rest are in gserrordict.
++
++    /*  If LockFilePermissions is true, we only refer to gserrordict, which
++     *  is not accessible to Postcript jobs
+      */
+-    if (dict_find_string(systemdict, "errordict", &perrordict) <= 0 ||
+-        (dict_find(perrordict, &error_name, &epref) <= 0 &&
+-         (dict_find_string(systemdict, "gserrordict", &perrordict) <= 0 ||
+-          dict_find(perrordict, &error_name, &epref) <= 0))
+-        )
+-        return code;            /* error name not in errordict??? */
++    if (i_ctx_p->LockFilePermissions) {
++        if (((dict_find_string(systemdict, "gserrordict", &perrordict) <= 0 ||
++              dict_find(perrordict, &error_name, &epref) <= 0))
++            )
++            return code;            /* error name not in errordict??? */
++    }
++    else {
++        /*
++         * For greater Adobe compatibility, only the standard PostScript errors
++         * are defined in errordict; the rest are in gserrordict.
++         */
++        if (dict_find_string(systemdict, "errordict", &perrordict) <= 0 ||
++            (dict_find(perrordict, &error_name, &epref) <= 0 &&
++             (dict_find_string(systemdict, "gserrordict", &perrordict) <= 0 ||
++              dict_find(perrordict, &error_name, &epref) <= 0))
++            )
++            return code;            /* error name not in errordict??? */
++    }
+     doref = *epref;
+     epref = &doref;
+     /* Push the error object on the operand stack if appropriate. */
+-- 
+2.18.0
+
diff --git a/gnu/packages/patches/mes-nyacc-0.86.0.patch b/gnu/packages/patches/mes-nyacc-0.86.0.patch
new file mode 100644
index 0000000000..58dfc5a46b
--- /dev/null
+++ b/gnu/packages/patches/mes-nyacc-0.86.0.patch
@@ -0,0 +1,197 @@
+From 9e610736bf779f3295c1192e748cd19cbbe3be28 Mon Sep 17 00:00:00 2001
+From: Jan Nieuwenhuizen <janneke@gnu.org>
+Date: Wed, 5 Sep 2018 20:28:06 +0200
+Subject: [PATCH 1/2] mes: Support Nyacc 0.85.3: Add char-set-copy.
+
+* mes/module/srfi/srfi-14.mes (char-set-copy): New function>
+---
+ mes/module/srfi/srfi-14.mes | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/mes/module/srfi/srfi-14.mes b/mes/module/srfi/srfi-14.mes
+index 0be39b1e..a16d16ce 100644
+--- a/mes/module/srfi/srfi-14.mes
++++ b/mes/module/srfi/srfi-14.mes
+@@ -52,3 +52,6 @@
+ 
+ (define (char-whitespace? c)
+   (char-set-contains? char-set:whitespace c))
++
++(define (char-set-copy cs)
++  (map identity cs))
+-- 
+2.18.0
+
+From b952bdf44f11edbfc277600dc35236aae1769b54 Mon Sep 17 00:00:00 2001
+From: Jan Nieuwenhuizen <janneke@gnu.org>
+Date: Wed, 5 Sep 2018 22:14:34 +0200
+Subject: [PATCH 2/2] mes: Support Nyacc 0.85.3: Integrate progress.
+
+* mes/module/nyacc/lang/sx-util.mes: New file.
+* mes/module/nyacc/version.mes: New file.
+* mes/module/nyacc/lang/c99/cpp.mes (nyacc): Include them.
+* mes/module/nyacc/lang/c99/parser.mes (nyacc): Include them.
+* module/mescc/preprocess.scm (need-progress): New function.
+(progress): New function.
+(insert-progress-monitors): Use them to Integrate progress.
+---
+ mes/module/mescc/preprocess.mes      |  1 +
+ mes/module/nyacc/lang/c99/cpp.mes    |  1 +
+ mes/module/nyacc/lang/c99/parser.mes |  1 +
+ mes/module/nyacc/lang/sx-util.mes    | 27 +++++++++++++++++++++
+ mes/module/nyacc/version.mes         | 26 +++++++++++++++++++++
+ module/mescc/preprocess.scm          | 35 ++++++++++++++++++++++++++++
+ 6 files changed, 91 insertions(+)
+ create mode 100644 mes/module/nyacc/lang/sx-util.mes
+ create mode 100644 mes/module/nyacc/version.mes
+
+diff --git a/mes/module/mescc/preprocess.mes b/mes/module/mescc/preprocess.mes
+index c7c5fcaa..022a372c 100644
+--- a/mes/module/mescc/preprocess.mes
++++ b/mes/module/mescc/preprocess.mes
+@@ -24,4 +24,5 @@
+ (mes-use-module (srfi srfi-13))
+ (mes-use-module (srfi srfi-26))
+ (mes-use-module (nyacc lang c99 parser))
++(mes-use-module (nyacc version))
+ (include-from-path "mescc/preprocess.scm")
+diff --git a/mes/module/nyacc/lang/c99/cpp.mes b/mes/module/nyacc/lang/c99/cpp.mes
+index fad1dc55..b25c4a93 100644
+--- a/mes/module/nyacc/lang/c99/cpp.mes
++++ b/mes/module/nyacc/lang/c99/cpp.mes
+@@ -28,5 +28,6 @@
+ 
+ (mes-use-module (nyacc parse))
+ (mes-use-module (nyacc lex))
++(mes-use-module (nyacc lang sx-util))
+ (mes-use-module (nyacc lang util))
+ (include-from-path "nyacc/lang/c99/cpp.scm")
+diff --git a/mes/module/nyacc/lang/c99/parser.mes b/mes/module/nyacc/lang/c99/parser.mes
+index c51552d6..1a9aaf73 100644
+--- a/mes/module/nyacc/lang/c99/parser.mes
++++ b/mes/module/nyacc/lang/c99/parser.mes
+@@ -32,6 +32,7 @@
+ 
+ (mes-use-module (nyacc lex))
+ (mes-use-module (nyacc parse))
++(mes-use-module (nyacc lang sx-util))
+ (mes-use-module (nyacc lang util))
+ (mes-use-module (nyacc lang c99 cpp))
+ 
+diff --git a/mes/module/nyacc/lang/sx-util.mes b/mes/module/nyacc/lang/sx-util.mes
+new file mode 100644
+index 00000000..41ac5b4a
+--- /dev/null
++++ b/mes/module/nyacc/lang/sx-util.mes
+@@ -0,0 +1,27 @@
++;;; -*-scheme-*-
++
++;;; GNU Mes --- Maxwell Equations of Software
++;;; Copyright © 2018 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
++;;;
++;;; This file is part of GNU Mes.
++;;;
++;;; GNU Mes is free software; you can redistribute it and/or modify it
++;;; under the terms of the GNU General Public License as published by
++;;; the Free Software Foundation; either version 3 of the License, or (at
++;;; your option) any later version.
++;;;
++;;; GNU Mes is distributed in the hope that it will be useful, but
++;;; WITHOUT ANY WARRANTY; without even the implied warranty of
++;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++;;; GNU General Public License for more details.
++;;;
++;;; You should have received a copy of the GNU General Public License
++;;; along with GNU Mes.  If not, see <http://www.gnu.org/licenses/>.
++
++;;; Commentary:
++
++;;; Code:
++
++(mes-use-module (srfi srfi-1))
++(mes-use-module (srfi srfi-16))
++(include-from-path "nyacc/lang/sx-util.scm")
+diff --git a/mes/module/nyacc/version.mes b/mes/module/nyacc/version.mes
+new file mode 100644
+index 00000000..b9db628e
+--- /dev/null
++++ b/mes/module/nyacc/version.mes
+@@ -0,0 +1,26 @@
++;;; -*-scheme-*-
++
++;;; GNU Mes --- Maxwell Equations of Software
++;;; Copyright © 2018 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
++;;;
++;;; This file is part of GNU Mes.
++;;;
++;;; GNU Mes is free software; you can redistribute it and/or modify it
++;;; under the terms of the GNU General Public License as published by
++;;; the Free Software Foundation; either version 3 of the License, or (at
++;;; your option) any later version.
++;;;
++;;; GNU Mes is distributed in the hope that it will be useful, but
++;;; WITHOUT ANY WARRANTY; without even the implied warranty of
++;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++;;; GNU General Public License for more details.
++;;;
++;;; You should have received a copy of the GNU General Public License
++;;; along with GNU Mes.  If not, see <http://www.gnu.org/licenses/>.
++
++;;; Commentary:
++
++;;; Code:
++
++(include-from-path "nyacc/version.scm")
++(display "nyacc version\n")
+diff --git a/module/mescc/preprocess.scm b/module/mescc/preprocess.scm
+index 9e341cba..c2efb32c 100644
+--- a/module/mescc/preprocess.scm
++++ b/module/mescc/preprocess.scm
+@@ -26,9 +26,44 @@
+   #:use-module (srfi srfi-1)
+   #:use-module (srfi srfi-26)
+   #:use-module (nyacc lang c99 parser)
++  #:use-module (nyacc lang c99 parser)
++  #:use-module (nyacc version)
+   #:use-module (mes guile)
+   #:export (c99-input->ast))
+ 
++(format (current-error-port) "*nyacc-version*=~a\n" *nyacc-version*)
++;; list of which rules you want progress reported
++(define need-progress
++  (assoc-ref
++   '(("0.85.3" (1 2 3))
++     ("0.86.0" (1 2 3)))
++   *nyacc-version*))
++
++(define (progress o)
++  (when (and o (getenv "NYACC_DEBUG"))
++    (display "    :" (current-error-port))
++    (display o (current-error-port))
++    (display "\n" (current-error-port))))
++
++(define (insert-progress-monitors act-v len-v)
++  (let ((n (vector-length act-v)))
++    (let loop ((ix 0))
++      (when (< ix n)
++	(if (memq ix need-progress)
++	    (vector-set
++	     act-v ix
++	     (lambda args
++	       (progress (list-ref args (1- (vector-ref len-v ix))))
++	       (apply (vector-ref act-v ix) args))))
++        (loop (1+ ix))))))
++
++(cond-expand
++ (guile
++  (insert-progress-monitors (@@ (nyacc lang c99 parser) c99-act-v)
++                            (@@ (nyacc lang c99 parser) c99-len-v)))
++ (mes
++  (insert-progress-monitors c99-act-v c99-len-v)))
++
+ (define (logf port string . rest)
+   (apply format (cons* port string rest))
+   (force-output port)
+-- 
+2.18.0
+
diff --git a/gnu/packages/patches/nyacc-binary-literals.patch b/gnu/packages/patches/nyacc-binary-literals.patch
new file mode 100644
index 0000000000..8159d74032
--- /dev/null
+++ b/gnu/packages/patches/nyacc-binary-literals.patch
@@ -0,0 +1,29 @@
+From 6a08014b77bf435f025ecdac08396580b85f159a Mon Sep 17 00:00:00 2001
+From: Jan Nieuwenhuizen <janneke@gnu.org>
+Date: Sat, 8 Sep 2018 20:22:45 +0200
+Subject: [PATCH] fix binary literals.
+
+---
+ module/nyacc/lex.scm | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/module/nyacc/lex.scm b/module/nyacc/lex.scm
+index 2ec9895..b205212 100644
+--- a/module/nyacc/lex.scm
++++ b/module/nyacc/lex.scm
+@@ -345,10 +345,11 @@
+ 	  ((char-numeric? ch) (iter chl '$fixed ba 1 ch))
+ 	  ((char=? #\. ch) (iter (cons ch chl) #f ba 15 (read-char))) 
+ 	  (else #f)))
+-	((10) ;; allow x after 0
++	((10) ;; allow x, b after 0
+ 	 (cond
+ 	  ((eof-object? ch) (iter chl ty ba 5 ch))
+ 	  ((char=? #\x ch) (iter (cons ch chl) ty 16 1 (read-char)))
++          ((char=? #\b ch) (iter (cons ch chl) ty 2 1 (read-char)))
+ 	  (else (iter chl ty ba 1 ch))))
+ 	((15) ;; got `.' only
+ 	 (cond
+-- 
+2.18.0
+