diff options
author | spz <spz> | 2010-06-29 18:38:15 +0000 |
---|---|---|
committer | spz <spz> | 2010-06-29 18:38:15 +0000 |
commit | 6e2c3635d72423793c4bacc8db0707473d34aa62 (patch) | |
tree | 6abca8df490d1647740f3a74adebe9723f8b4992 | |
parent | 9f625513135745b0c372bd0026613f932e1e9cfa (diff) | |
download | pkgsrc-6e2c3635d72423793c4bacc8db0707473d34aa62.tar.gz |
Pullup ticket 3152 - requested by tron
security patch
Revisions pulled up:
- pkgsrc/lang/python26/Makefile via patch
- pkgsrc/lang/python26/distinfo via patch
- pkgsrc/lang/python26/patches/patch-af via patch
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Jun 29 08:15:42 UTC 2010
Modified Files:
pkgsrc/lang/python26: Makefile distinfo
Added Files:
pkgsrc/lang/python26/patches: patch-af
Log Message:
Add fix for CVE-2010-2089 taken from Red Hat's Bugzilla database.
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/lang/python26/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/lang/python26/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/lang/python26/patches/patch-af
-rw-r--r-- | lang/python26/Makefile | 4 | ||||
-rw-r--r-- | lang/python26/distinfo | 3 | ||||
-rw-r--r-- | lang/python26/patches/patch-af | 326 |
3 files changed, 330 insertions, 3 deletions
diff --git a/lang/python26/Makefile b/lang/python26/Makefile index 9b3f7da62fe..5cfa556183a 100644 --- a/lang/python26/Makefile +++ b/lang/python26/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.21 2010/02/11 21:21:49 tnn Exp $ +# $NetBSD: Makefile,v 1.21.2.1 2010/06/29 18:38:15 spz Exp $ DISTNAME= Python-2.6.4 PKGNAME= ${DISTNAME:S/Python/python26/} -PKGREVISION= 4 +PKGREVISION= 5 CATEGORIES= lang python MASTER_SITES= http://www.python.org/ftp/python/2.6.4/ EXTRACT_SUFX= .tar.bz2 diff --git a/lang/python26/distinfo b/lang/python26/distinfo index 1af6db76674..f2782ceb1ec 100644 --- a/lang/python26/distinfo +++ b/lang/python26/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.20 2010/02/11 21:09:50 tnn Exp $ +$NetBSD: distinfo,v 1.20.2.1 2010/06/29 18:38:15 spz Exp $ SHA1 (Python-2.6.4.tar.bz2) = bee572680d1966501247cb2b26e0e51f94d1cd13 RMD160 (Python-2.6.4.tar.bz2) = fd33853842110fa3636dd296f2f27646fd2b151a @@ -8,6 +8,7 @@ SHA1 (patch-ab) = d35025df83e70d129f9fbcd277652b0eea83b026 SHA1 (patch-ac) = 858580a4e5c7474127eafb27bdfa96dc96cafad5 SHA1 (patch-ad) = a997e39d16a8f0023125362b180d19ee97ab519b SHA1 (patch-ae) = 5425515c6bf130eee204ca2749386f6447eaa35b +SHA1 (patch-af) = 42a93a321f6f480133513082c54bcab30e91445f SHA1 (patch-ah) = 98e9fa55c2af38d8032398cae693492c199dc5fa SHA1 (patch-al) = c39144cfa4a540900fac879b5faa990628fcee3e SHA1 (patch-am) = 6ca7c1c2360e30807d06ecb62b794604d1ad951a diff --git a/lang/python26/patches/patch-af b/lang/python26/patches/patch-af new file mode 100644 index 00000000000..5ab3b81d3f8 --- /dev/null +++ b/lang/python26/patches/patch-af @@ -0,0 +1,326 @@ +$NetBSD: patch-af,v 1.1.2.2 2010/06/29 18:38:15 spz Exp $ + +Fix for the memory corruption caused by the "audioop" module reported +in CVE-2010-2089. Patch taken from here: + +https://bugzilla.redhat.com/attachment.cgi?id=418359&action=diff + +--- Modules/audioop.c.orig 2010-06-29 09:09:00.000000000 +0100 ++++ Modules/audioop.c 2010-06-29 09:09:00.000000000 +0100 +@@ -295,6 +295,29 @@ + + static PyObject *AudioopError; + ++static int ++audioop_check_size(int size) ++{ ++ if ( size != 1 && size != 2 && size != 4 ) { ++ PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); ++ return 0; ++ } else { ++ return 1; ++ } ++} ++ ++static int ++audioop_check_parameters(int len, int size) ++{ ++ if (!audioop_check_size(size)) ++ return 0; ++ if ( len % size != 0 ) { ++ PyErr_SetString(AudioopError, "not a whole number of frames"); ++ return 0; ++ } ++ return 1; ++} ++ + static PyObject * + audioop_getsample(PyObject *self, PyObject *args) + { +@@ -304,10 +327,8 @@ + + if ( !PyArg_ParseTuple(args, "s#ii:getsample", &cp, &len, &size, &i) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + if ( i < 0 || i >= len/size ) { + PyErr_SetString(AudioopError, "Index out of range"); + return 0; +@@ -328,10 +349,8 @@ + + if ( !PyArg_ParseTuple(args, "s#i:max", &cp, &len, &size) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + for ( i=0; i<len; i+= size) { + if ( size == 1 ) val = (int)*CHARP(cp, i); + else if ( size == 2 ) val = (int)*SHORTP(cp, i); +@@ -352,10 +371,8 @@ + + if (!PyArg_ParseTuple(args, "s#i:minmax", &cp, &len, &size)) + return NULL; +- if (size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); ++ if (!audioop_check_parameters(len, size)) + return NULL; +- } + for (i = 0; i < len; i += size) { + if (size == 1) val = (int) *CHARP(cp, i); + else if (size == 2) val = (int) *SHORTP(cp, i); +@@ -376,10 +393,8 @@ + + if ( !PyArg_ParseTuple(args, "s#i:avg", &cp, &len, &size) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + for ( i=0; i<len; i+= size) { + if ( size == 1 ) val = (int)*CHARP(cp, i); + else if ( size == 2 ) val = (int)*SHORTP(cp, i); +@@ -403,10 +418,8 @@ + + if ( !PyArg_ParseTuple(args, "s#i:rms", &cp, &len, &size) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + for ( i=0; i<len; i+= size) { + if ( size == 1 ) val = (int)*CHARP(cp, i); + else if ( size == 2 ) val = (int)*SHORTP(cp, i); +@@ -614,10 +627,8 @@ + + if ( !PyArg_ParseTuple(args, "s#i:avgpp", &cp, &len, &size) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + /* Compute first delta value ahead. Also automatically makes us + ** skip the first extreme value + */ +@@ -671,10 +682,8 @@ + + if ( !PyArg_ParseTuple(args, "s#i:maxpp", &cp, &len, &size) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + /* Compute first delta value ahead. Also automatically makes us + ** skip the first extreme value + */ +@@ -722,10 +731,8 @@ + + if ( !PyArg_ParseTuple(args, "s#i:cross", &cp, &len, &size) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + ncross = -1; + prevval = 17; /* Anything <> 0,1 */ + for ( i=0; i<len; i+= size) { +@@ -750,6 +757,8 @@ + + if ( !PyArg_ParseTuple(args, "s#id:mul", &cp, &len, &size, &factor ) ) + return 0; ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + + if ( size == 1 ) maxval = (double) 0x7f; + else if ( size == 2 ) maxval = (double) 0x7fff; +@@ -792,6 +801,12 @@ + if ( !PyArg_ParseTuple(args, "s#idd:tomono", + &cp, &len, &size, &fac1, &fac2 ) ) + return 0; ++ if (!audioop_check_parameters(len, size)) ++ return NULL; ++ if ( ((len / size) & 1) != 0 ) { ++ PyErr_SetString(AudioopError, "not a whole number of frames"); ++ return NULL; ++ } + + if ( size == 1 ) maxval = (double) 0x7f; + else if ( size == 2 ) maxval = (double) 0x7fff; +@@ -837,6 +852,8 @@ + if ( !PyArg_ParseTuple(args, "s#idd:tostereo", + &cp, &len, &size, &fac1, &fac2 ) ) + return 0; ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + + if ( size == 1 ) maxval = (double) 0x7f; + else if ( size == 2 ) maxval = (double) 0x7fff; +@@ -896,7 +913,8 @@ + if ( !PyArg_ParseTuple(args, "s#s#i:add", + &cp1, &len1, &cp2, &len2, &size ) ) + return 0; +- ++ if (!audioop_check_parameters(len1, size)) ++ return NULL; + if ( len1 != len2 ) { + PyErr_SetString(AudioopError, "Lengths should be the same"); + return 0; +@@ -950,11 +968,8 @@ + if ( !PyArg_ParseTuple(args, "s#ii:bias", + &cp, &len, &size , &bias) ) + return 0; +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + + rv = PyString_FromStringAndSize(NULL, len); + if ( rv == 0 ) +@@ -986,12 +1001,9 @@ + if ( !PyArg_ParseTuple(args, "s#i:reverse", + &cp, &len, &size) ) + return 0; ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } +- + rv = PyString_FromStringAndSize(NULL, len); + if ( rv == 0 ) + return 0; +@@ -1023,12 +1035,10 @@ + if ( !PyArg_ParseTuple(args, "s#ii:lin2lin", + &cp, &len, &size, &size2) ) + return 0; +- +- if ( (size != 1 && size != 2 && size != 4) || +- (size2 != 1 && size2 != 2 && size2 != 4)) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; ++ if (!audioop_check_size(size2)) ++ return NULL; + + new_len = (len/size)*size2; + if (new_len < 0) { +@@ -1080,10 +1090,8 @@ + &nchannels, &inrate, &outrate, &state, + &weightA, &weightB)) + return NULL; +- if (size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); ++ if (!audioop_check_size(size)) + return NULL; +- } + if (nchannels < 1) { + PyErr_SetString(AudioopError, "# of channels should be >= 1"); + return NULL; +@@ -1269,11 +1277,8 @@ + if ( !PyArg_ParseTuple(args, "s#i:lin2ulaw", + &cp, &len, &size) ) + return 0 ; +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + + rv = PyString_FromStringAndSize(NULL, len/size); + if ( rv == 0 ) +@@ -1303,11 +1308,8 @@ + if ( !PyArg_ParseTuple(args, "s#i:ulaw2lin", + &cp, &len, &size) ) + return 0; +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_size(size)) ++ return NULL; + + new_len = len*size; + if (new_len < 0) { +@@ -1343,11 +1345,8 @@ + if ( !PyArg_ParseTuple(args, "s#i:lin2alaw", + &cp, &len, &size) ) + return 0; +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + + rv = PyString_FromStringAndSize(NULL, len/size); + if ( rv == 0 ) +@@ -1377,11 +1376,8 @@ + if ( !PyArg_ParseTuple(args, "s#i:alaw2lin", + &cp, &len, &size) ) + return 0; +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_size(size)) ++ return NULL; + + new_len = len*size; + if (new_len < 0) { +@@ -1418,12 +1414,8 @@ + if ( !PyArg_ParseTuple(args, "s#iO:lin2adpcm", + &cp, &len, &size, &state) ) + return 0; +- +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + + str = PyString_FromStringAndSize(NULL, len/(size*2)); + if ( str == 0 ) +@@ -1526,11 +1518,8 @@ + if ( !PyArg_ParseTuple(args, "s#iO:adpcm2lin", + &cp, &len, &size, &state) ) + return 0; +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_size(size)) ++ return NULL; + + /* Decode state, should have (value, step) */ + if ( state == Py_None ) { |