diff options
| author | snj <snj@pkgsrc.org> | 2009-04-11 19:42:23 +0000 |
|---|---|---|
| committer | snj <snj@pkgsrc.org> | 2009-04-11 19:42:23 +0000 |
| commit | 927c2711ab0aaac9be386a8405fb6bec54e9fee7 (patch) | |
| tree | 4fdd137842929aae5075d5a61e4b7102872d7383 /lang/python25 | |
| parent | 00b26f28b71a58aec4d2ea621bf0865d32dca10c (diff) | |
| download | pkgsrc-927c2711ab0aaac9be386a8405fb6bec54e9fee7.tar.gz | |
Update python25 to 2.5.4. Spammy changes:
What's New in Python 2.5.4?
===========================
*Release date: 23-Dec-2008*
Core and builtins
-----------------
- Revert patch for #1706039, as it can crash the interpreter.
- Added test case to ensure attempts to read from a file opened for writing
fail.
What's New in Python 2.5.3?
===========================
*Release date: 19-Dec-2008*
Build
-----
- In the OSX installer, update SQLite to 3.6.7, and change bsddb URL.
Build against system Tcl framework.
What's New in Python 2.5.3c1?
=============================
*Release date: 13-Dec-2008*
Core and builtins
-----------------
- Issue #1706039: Support continued reading from a file even after
EOF was hit.
- Issue #1683: prevent forking from interfering in threading storage.
- Issue #4597: Fixed several opcodes that weren't always propagating
exceptions.
- Issue #4589: Propagated an exception thrown by a context manager's
__exit__ method's result while it's being converted to bool.
- Issue #4317: Fixed a crash in the imageop.rgb2rgb8() function.
- Issue #4230: If ``__getattr__`` is a descriptor, it now functions correctly.
- Issue #4048: The parser module now correctly validates relative imports.
- Issue #4176: Fixed a crash when pickling an object which ``__reduce__``
method does not return iterators for the 4th and 5th items.
- Issue #3967: Fixed a crash in the count() and find() methods of string-like
objects, when the "start" parameter is a huge value.
- Issue #3936: The parser warnings for using "as" and "with" as variable names
didn't fire after import statements.
- Issue #3751: str.rpartition would perform a left-partition when called with
a unicode argument.
- Issue #3537: Fix an assertion failure when an empty but presized dict
object was stored in the freelist.
- Apply security patches from Apple.
- Issue #2620: Overflow checking when allocating or reallocating memory
was not always being done properly in some python types and extension
modules. PyMem_MALLOC, PyMem_REALLOC, PyMem_NEW and PyMem_RESIZE have
all been updated to perform better checks and places in the code that
would previously leak memory on the error path when such an allocation
failed have been fixed.
- Issue #2242: Fix a crash when decoding invalid utf-7 input on certain
Windows / Visual Studio versions.
- Issue #3360: Fix incorrect parsing of '020000000000.0', which
produced a ValueError instead of giving the correct float.
- Issue #3242: Fix a crash inside the print statement, if sys.stdout is
set to a custom object whose write() method happens to install
another file in sys.stdout.
- Issue #3088: Corrected a race condition in classes derived from
threading.local: the first member set by a thread could be saved in
another thread's dictionary.
- Issue #3100: Corrected a crash on deallocation of a subclassed weakref which
holds the last (strong) reference to its referent.
- Issue #1686386: Tuple's tp_repr did not take into account the possibility of
having a self-referential tuple, which is possible from C code. Nor did
object's tp_str consider that a type's tp_str could do something that could
lead to an inifinite recursion. Py_ReprEnter() and Py_EnterRecursiveCall(),
respectively, fixed the issues. (Backport of r58288 from trunk.)
- Patch #1442: properly report exceptions when the PYTHONSTARTUP file
cannot be executed.
- The compilation of a class nested in another class used to leak one
reference on the outer class name.
- Issue #1477: With narrow Unicode builds, the unicode escape sequence
\Uxxxxxxxx did not accept values outside the Basic Multilingual Plane. This
affected raw unicode literals and the 'raw-unicode-escape' codec. Now
UTF-16 surrogates are generated in this case, like normal unicode literals
and the 'unicode-escape' codec.
- Issue #2321: use pymalloc for unicode object string data to reduce
memory usage in some circumstances.
- Issue #2238: Some syntax errors in *args and **kwargs expressions could give
bogus error messages.
- Issue #2587: In the C API, PyString_FromStringAndSize() takes a signed size
parameter but was not verifying that it was greater than zero. Values
less than zero will now raise a SystemError and return NULL to indicate a
bug in the calling C code.
- Issue #2588, #2589: Fix potential integer underflow and overflow
conditions in the PyOS_vsnprintf C API function.
- Issue #1204: The configure script now tests for additional libraries
that may be required when linking against readline. This fixes issues
with x86_64 builds on some platforms (a few Linux flavors and OpenBSD).
- Issue #3678: Correctly pass LDFLAGS and LDLAST to the linker on shared
library targets in the Makefile.
Library
-------
- Issue #3767: Convert Tk object to string in tkColorChooser.
- Issue #4342: Always convert Text.index result to string.
- Issue 3248: Allow placing ScrolledText in a PanedWindow.
- Issue #4084: Fix max, min, max_mag and min_mag Decimal methods to
give correct results in the case where one argument is a quiet NaN
and the other is a finite number that requires rounding.
- Issue #1776581 and #4302. Minor corrections to smtplib.
- Issue #3774: Fixed an error when create a Tkinter menu item without command
and then remove it.
- Assigning methods to ctypes.Structure and ctypes.Union subclasses
after creation of the class does now work correctly. See Issue #1700288.
- Issue #3895: _lsprof could be crashed with an external timer that did not
return a float when a Profiler object is garbage collected.
- Issues #3968 and #3969: two minor turtle problems.
- Issue #3547: Fixed ctypes structures bitfields of varying integer
sizes.
- Issue #3762: platform.architecture() fails if python is lanched via
its symbolic link.
- Issue #3554: ctypes.string_at and ctypes.wstring_at did call Python
api functions without holding the GIL, which could lead to a fatal
error when they failed.
- Issue #2234: distutils failed for some versions of the cygwin compiler. The
version reported by these tools does not necessarily follow the python
version numbering scheme, so the module is less strict when parsing it.
- Issue #2222: Fixed reference leak when occured os.rename()
fails unicode conversion on 2nd parameter. (windows only)
- Issue #3134: shutil referenced undefined WindowsError symbol.
- Issue #1342811: Fix leak in Tkinter.Menu.delete. Commands associated to
menu entries were not deleted.
- Issue #799428: Fix Tkinter.Misc._nametowidget to unwrap Tcl command objects.
- Issue #3339: dummy_thread.acquire() could return None which is not a valid
return value.
- Issue #3116 and #1792: Fix quadratic behavior in marshal.dumps().
- Issue #2682: ctypes callback functions no longer contain a cyclic
reference to themselves.
- Issue #2670: Fix a failure in urllib2.build_opener(), when passed two
handlers that derive the same default base class.
- Issue #2495: tokenize.untokenize now inserts a space between two consecutive
string literals; previously, ["" ""] was rendered as [""""], which is
incorrect python code.
- Issue #2482: Make sure that the coefficient of a Decimal is always
stored as a str instance, not as a unicode instance. This ensures
that str(Decimal) is always an instance of str. This fixes a
regression from Python 2.5.1 to Python 2.5.2.
- Issue #2478: fix failure of decimal.Decimal(0).sqrt()
- Issue #2432: give DictReader the dialect and line_num attributes
advertised in the docs.
- Issue #1747858: Fix chown to work with large uid's and gid's on 64-bit
platforms.
- Bug #2220: handle rlcompleter attribute match failure more gracefully.
- Bug #1725737: In distutil's sdist, exclude RCS, CVS etc. also in the
root directory, and also exclude .hg, .git, .bzr, and _darcs.
- Bug #1389051: imaplib causes excessive memory fragmentation when reading
large messages.
- Bug #1389051, 1092502: fix excessively large memory allocations when
calling .read() on a socket object wrapped with makefile().
- Bug #1433694: minidom's .normalize() failed to set .nextSibling for
last child element.
- Issue #2791: subprocess.Popen.communicate explicitly closes its
stdout and stderr fds rather than leaving them open until the
instance is destroyed.
- Issue #2632: Prevent socket.read(bignumber) from over allocating memory
in the common case when the data is returned from the underlying socket
in increments much smaller than bignumber.
- Issue #1857: subprocess.Popen.poll gained an additional _deadstate keyword
argument in python 2.5, this broke code that subclassed Popen to include its
own poll method. Fixed my moving _deadstate to an _internal_poll method.
- Issue #2113: Fix error in subprocess.Popen if the select system call is
interrupted by a signal.
- Issue #874900: after an os.fork() call the threading module state is cleaned
up in the child process to prevent deadlock and report proper thread counts
if the new process uses the threading module.
- Issue #3309: Fix bz2.BZFile iterator to release its internal lock
properly when raising an exception due to the bz2file being closed.
Prevents a deadlock.
Extension Modules
-----------------
- Issue #1040026: Fix os.times result on systems where HZ is incorrect.
- Issue #4228: Pack negative values the same way as 2.4 in struct's L format.
- Security Issue #2: imageop did not validate arguments correctly and could
segfault as a result.
- Issue 3886: [CVE-2008-2316] Possible integer overflow in the _hashopenssl
module was closed.
- Issue 1179: [CVE-2007-4965] Integer overflow in imageop module.
Also fixes rgbimg module.
- Issue #3205: When iterating over a BZ2File fails allocating memory, raise
a MemoryError rather than silently stop the iteration.
- Patch #2111: Avoid mmap segfault when modifying a PROT_READ block.
- zlib.decompressobj().flush(value) no longer crashes the interpreter when
passed a value less than or equal to zero.
- issue2858: Fix potential memory corruption when bsddb.db.DBEnv.lock_get
and other bsddb.db object constructors raised an exception.
- Issue #3120: On 64-bit Windows the subprocess module was truncating handles.
- Issue #1471: Arguments to fcntl.ioctl are no longer broken on 64-bit OpenBSD
and similar platforms due to sign extension.
- Issue #3312: Fix two crashes in sqlite3.
Tests
-----
- Issue #3863: Disabled a unit test of fork being called from a thread
when running on platforms known to exhibit OS bugs when attempting that.
- Issue #3261: test_cookielib had an improper file encoding specified.
- Patch #2232: os.tmpfile might fail on Windows if the user has no
permission to create files in the root directory.
Documentation
-------------
Build
-----
- Issue #4368: Don't define _XOPEN_SOURCE on FreeBSD 4.*.
Diffstat (limited to 'lang/python25')
28 files changed, 43 insertions, 1076 deletions
diff --git a/lang/python25/MESSAGE.SunOS b/lang/python25/MESSAGE.SunOS index 19c996508c9..f845cf9ef79 100644 --- a/lang/python25/MESSAGE.SunOS +++ b/lang/python25/MESSAGE.SunOS @@ -1,8 +1,8 @@ =========================================================================== -$NetBSD: MESSAGE.SunOS,v 1.1 2008/09/13 09:59:35 adrianp Exp $ +$NetBSD: MESSAGE.SunOS,v 1.2 2009/04/11 19:42:23 snj Exp $ -In order for the Python installation to successfuly compile the -"sunaudiodev" module you must install the SUNWaudh package to have +In order for the Python installation to successfuly compile the +"sunaudiodev" module you must install the SUNWaudh package to have the necessary headers installed. =========================================================================== diff --git a/lang/python25/Makefile b/lang/python25/Makefile index 5d5fb31d8bf..d6f0b4dbcb2 100644 --- a/lang/python25/Makefile +++ b/lang/python25/Makefile @@ -1,11 +1,10 @@ -# $NetBSD: Makefile,v 1.13 2009/03/20 18:19:20 joerg Exp $ +# $NetBSD: Makefile,v 1.14 2009/04/11 19:42:23 snj Exp $ -DISTNAME= Python-2.5.2 -PKGNAME= python25-2.5.2 -PKGREVISION= 5 +DISTNAME= Python-2.5.4 +PKGNAME= python25-2.5.4 CATEGORIES= lang python -MASTER_SITES= ftp://ftp.python.org/pub/python/2.5.2/ \ - http://www.python.org/ftp/python/2.5.2/ +MASTER_SITES= ftp://ftp.python.org/pub/python/2.5.4/ \ + http://www.python.org/ftp/python/2.5.4/ EXTRACT_SUFX= .tar.bz2 MAINTAINER= recht@NetBSD.org diff --git a/lang/python25/PLIST.common b/lang/python25/PLIST.common index 8a24cae6fa5..febe57da4a9 100644 --- a/lang/python25/PLIST.common +++ b/lang/python25/PLIST.common @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST.common,v 1.3 2008/04/25 11:51:13 tnn Exp $ +@comment $NetBSD: PLIST.common,v 1.4 2009/04/11 19:42:23 snj Exp $ bin/pydoc${PY_VER_SUFFIX} bin/python${PY_VER_SUFFIX} bin/python${PY_VER_SUFFIX}-config @@ -2138,7 +2138,6 @@ lib/python${PY_VER_SUFFIX}/test/output/test_profile lib/python${PY_VER_SUFFIX}/test/output/test_pty lib/python${PY_VER_SUFFIX}/test/output/test_pyexpat lib/python${PY_VER_SUFFIX}/test/output/test_regex -lib/python${PY_VER_SUFFIX}/test/output/test_resource lib/python${PY_VER_SUFFIX}/test/output/test_rgbimg lib/python${PY_VER_SUFFIX}/test/output/test_scope lib/python${PY_VER_SUFFIX}/test/output/test_signal diff --git a/lang/python25/distinfo b/lang/python25/distinfo index 7094cc81531..0c52dc4b1fb 100644 --- a/lang/python25/distinfo +++ b/lang/python25/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.7 2008/12/17 12:49:51 tron Exp $ +$NetBSD: distinfo,v 1.8 2009/04/11 19:42:23 snj Exp $ -SHA1 (Python-2.5.2.tar.bz2) = 4755d212f50af704c20224a6966e23acc5aea60f -RMD160 (Python-2.5.2.tar.bz2) = b23b02739833e6730799c5866e2b77aae884b63f -Size (Python-2.5.2.tar.bz2) = 9807597 bytes +SHA1 (Python-2.5.4.tar.bz2) = 0f2e819d6381f72f26c734e00a6780b3933ea404 +RMD160 (Python-2.5.4.tar.bz2) = 3a76c83464c3b1c38a60351ab054e33ac7195663 +Size (Python-2.5.4.tar.bz2) = 9821313 bytes SHA1 (patch-aa) = d44e67645dc86ff14f5daf5705de02c6f330cc48 SHA1 (patch-ab) = d35025df83e70d129f9fbcd277652b0eea83b026 SHA1 (patch-ac) = 4de5b8dc20b41dc3bb4acd38011ef59570318d3f @@ -13,32 +13,12 @@ SHA1 (patch-ah) = 98e9fa55c2af38d8032398cae693492c199dc5fa SHA1 (patch-ai) = a89bee00860910f53a23b1c670d9c091846a03c1 SHA1 (patch-aj) = a75d680a6b8b1ad3c9222dcb841f4fb10db6d16d SHA1 (patch-ak) = 948362c15ad59abeef46971f9b870b70655a62c7 -SHA1 (patch-al) = 85063c81a98de221eb5357aa2a0b172feb3ed950 -SHA1 (patch-am) = 8968853066d2d1a4f76a7ee4ce328ba372d19666 +SHA1 (patch-al) = 6247e3f85d555bae7850befbd7bfffbb233cecb3 +SHA1 (patch-am) = 7985a6e2edd3eef86bd2833a36818e3e1e315a25 SHA1 (patch-an) = 17b4e17b3b562c29a050e9bb20447084ce82b8ab SHA1 (patch-ao) = 9bbd5561c010e0a1ab8e0a70d27a5f77fd2089d2 SHA1 (patch-ap) = b864db92761c843a91374663bd2dbcfa57b317cf -SHA1 (patch-aq) = e1fb02560e95ce4d37e2894b4299c3eb3a1167d8 SHA1 (patch-ar) = 2a0c3f9a798afdfda7af4823e67579b2e000c072 -SHA1 (patch-at) = bb2ef2e30ebb6feb6ec796bc4cf6f2d4147353c1 -SHA1 (patch-au) = e3babf3537ed8cbed1720f1afe964914f4ae289f +SHA1 (patch-at) = 6fdd64ce70eb8c2de5336f3415f45bc467e46373 +SHA1 (patch-au) = c1a759765095d246151ba027ed06f423e05c9218 SHA1 (patch-av) = a1d41cb3a93879d54f0964ff84a63a297c333156 -SHA1 (patch-ba) = 23378360d4fb0d22a2e5f98993832888a672a748 -SHA1 (patch-bb) = 26b1426df46b947417ed755f1e61d238071e49f7 -SHA1 (patch-bc) = bfa88d1198b06737297e97e57ee98692096e0df5 -SHA1 (patch-bd) = 491dcb6731db871af2eb8bf418cd369a4af3b2b7 -SHA1 (patch-be) = ba2f8d299b86560172e55af067763e9224c41e3b -SHA1 (patch-bf) = 58809f824473be7a16cc0e7c4d0b132e023aea4c -SHA1 (patch-bg) = bf9dc3b3d51ab963804263e170c4247d19ab0d91 -SHA1 (patch-bh) = 96a2675f266144a6027fdc7445b9f93d0fdbe4eb -SHA1 (patch-bi) = 1fb1c40669fc54fc6d181f706c614d67fe16d42b -SHA1 (patch-bj) = dc2e3971dd4fd623a68cc9940738619cad4629b1 -SHA1 (patch-bk) = 61300258bdc9ee19195c5c7f62135d20d487507e -SHA1 (patch-ca) = 37f59fc143e69cbf458d2930f846156553f9178b -SHA1 (patch-cb) = 570ffec0f57acec984a401306f48c24e2128d9fe -SHA1 (patch-cc) = 04289f010fb0c0aef37dbfb1a5be77aaa8725b95 -SHA1 (patch-cd) = 24a2a9975c4393400935b885f1ec9fc8996632a0 -SHA1 (patch-ce) = 2a8cae6c30be57bb9e389c1957609f7b42317f69 -SHA1 (patch-da) = 2030f74fb0d6134e6bb4203536dc56d8c0d38c3a -SHA1 (patch-db) = 6ff4a9d4e33c2e08362d4417330eba47c170a84b -SHA1 (patch-ea) = 7c4b01d002b8e081967216c2e79f2cec9df24005 diff --git a/lang/python25/patches/patch-al b/lang/python25/patches/patch-al index 3798a0e1ad9..f69a242a6f7 100644 --- a/lang/python25/patches/patch-al +++ b/lang/python25/patches/patch-al @@ -1,17 +1,8 @@ -$NetBSD: patch-al,v 1.4 2008/12/17 12:49:51 tron Exp $ +$NetBSD: patch-al,v 1.5 2009/04/11 19:42:23 snj Exp $ ---- configure.orig 2008-02-13 13:17:17.000000000 -0600 -+++ configure -@@ -2019,6 +2019,8 @@ _ACEOF - # Marc Recht - NetBSD/1.5 | NetBSD/1.5.* | NetBSD/1.6 | NetBSD/1.6.* | NetBSD/1.6A-S) - define_xopen_source=no;; -+ NetBSD/1.5 | NetBSD/1.5.* | NetBSD/1.6 | NetBSD/1.6.* | NetBSD/1.6[A-S]) -+ define_xopen_source=no;; - # On Solaris 2.6, sys/wait.h is inconsistent in the usage - # of union __?sigval. Reported by Stuart Bishop. - SunOS/5.6) -@@ -4018,17 +4020,18 @@ _ACEOF +--- configure.orig 2008-12-13 06:13:52.000000000 -0800 ++++ configure 2009-03-20 14:28:16.000000000 -0700 +@@ -4014,17 +4014,18 @@ _ACEOF RUNSHARED=LD_LIBRARY_PATH=`pwd`:${LD_LIBRARY_PATH} INSTSONAME="$LDLIBRARY".$SOVERSION ;; @@ -36,7 +27,7 @@ $NetBSD: patch-al,v 1.4 2008/12/17 12:49:51 tron Exp $ hp*|HP*) case `uname -m` in ia64) -@@ -4538,7 +4541,12 @@ echo "${ECHO_T}$ac_cv_no_strict_aliasing +@@ -4534,7 +4535,12 @@ echo "${ECHO_T}$ac_cv_no_strict_aliasing ;; # is there any other compiler on Darwin besides gcc? Darwin*) @@ -50,7 +41,7 @@ $NetBSD: patch-al,v 1.4 2008/12/17 12:49:51 tron Exp $ if test "${enable_universalsdk}"; then BASECFLAGS="-arch ppc -arch i386 -isysroot ${UNIVERSALSDK} ${BASECFLAGS}" fi -@@ -11540,12 +11548,12 @@ then +@@ -11536,12 +11542,12 @@ then LDSHARED="$LDSHARED "'$(PYTHONFRAMEWORKPREFIX)/$(PYTHONFRAMEWORKDIR)/Versions/$(VERSION)/$(PYTHONFRAMEWORK)' else # No framework, use the Python app as bundle-loader @@ -66,7 +57,7 @@ $NetBSD: patch-al,v 1.4 2008/12/17 12:49:51 tron Exp $ BSD/OS*/4*) LDSHARED="gcc -shared";; FreeBSD*) if [ "`$CC -dM -E - </dev/null | grep __ELF__`" != "" ] -@@ -11569,6 +11577,7 @@ then +@@ -11565,6 +11571,7 @@ then esac fi;; NetBSD*|DragonFly*) LDSHARED="cc -shared ${LDFLAGS}";; @@ -74,7 +65,7 @@ $NetBSD: patch-al,v 1.4 2008/12/17 12:49:51 tron Exp $ OpenUNIX*|UnixWare*) if test "$GCC" = "yes" then LDSHARED='$(CC) -shared' -@@ -11604,6 +11613,7 @@ then +@@ -11600,6 +11607,7 @@ then Linux*|GNU*) CCSHARED="-fPIC";; BSD/OS*/4*) CCSHARED="-fpic";; FreeBSD*|NetBSD*|OpenBSD*|DragonFly*) CCSHARED="-fPIC";; @@ -82,7 +73,7 @@ $NetBSD: patch-al,v 1.4 2008/12/17 12:49:51 tron Exp $ OpenUNIX*|UnixWare*) if test "$GCC" = "yes" then CCSHARED="-fPIC" -@@ -11661,6 +11671,7 @@ then +@@ -11657,6 +11665,7 @@ then then LINKFORSHARED="-Wl,--export-dynamic" fi;; diff --git a/lang/python25/patches/patch-am b/lang/python25/patches/patch-am index b445c0d99e8..1d91fe656d5 100644 --- a/lang/python25/patches/patch-am +++ b/lang/python25/patches/patch-am @@ -1,7 +1,7 @@ -$NetBSD: patch-am,v 1.1.1.1 2008/04/24 01:50:58 tnn Exp $ +$NetBSD: patch-am,v 1.2 2009/04/11 19:42:23 snj Exp $ ---- setup.py.orig 2008-02-05 00:41:02.000000000 +0100 -+++ setup.py +--- setup.py.orig 2008-10-16 11:58:19.000000000 -0700 ++++ setup.py 2009-03-20 15:01:44.000000000 -0700 @@ -15,7 +15,7 @@ from distutils.command.install import in from distutils.command.install_lib import install_lib @@ -30,7 +30,7 @@ $NetBSD: patch-am,v 1.1.1.1 2008/04/24 01:50:58 tnn Exp $ # Add paths specified in the environment variables LDFLAGS and # CPPFLAGS for header and library files. -@@ -533,9 +539,7 @@ class PyBuildExt(build_ext): +@@ -534,9 +540,7 @@ class PyBuildExt(build_ext): if krb5_h: ssl_incs += krb5_h ssl_libs = find_library_file(self.compiler, 'ssl',lib_dirs, @@ -41,7 +41,7 @@ $NetBSD: patch-am,v 1.1.1.1 2008/04/24 01:50:58 tnn Exp $ if (ssl_incs is not None and ssl_libs is not None): -@@ -608,269 +612,51 @@ class PyBuildExt(build_ext): +@@ -609,269 +613,51 @@ class PyBuildExt(build_ext): # a release. Most open source OSes come with one or more # versions of BerkeleyDB already installed. @@ -233,7 +233,7 @@ $NetBSD: patch-am,v 1.1.1.1 2008/04/24 01:50:58 tnn Exp $ - break - else: - if sqlite_setup_debug: -- print "%s: version %d is too old, need >= %s"%(d, +- print "%s: version %r is too old, need >= %r"%(d, - sqlite_version, MIN_SQLITE_VERSION) - elif sqlite_setup_debug: - print "sqlite: %s had no SQLITE_VERSION"%(f,) @@ -350,7 +350,7 @@ $NetBSD: patch-am,v 1.1.1.1 2008/04/24 01:50:58 tnn Exp $ # The standard Unix dbm module: if platform not in ['cygwin']: -@@ -883,6 +669,13 @@ class PyBuildExt(build_ext): +@@ -884,6 +670,13 @@ class PyBuildExt(build_ext): exts.append( Extension('dbm', ['dbmmodule.c'], define_macros=[('HAVE_NDBM_H',None)], libraries = ndbm_libs ) ) @@ -364,7 +364,7 @@ $NetBSD: patch-am,v 1.1.1.1 2008/04/24 01:50:58 tnn Exp $ elif (self.compiler.find_library_file(lib_dirs, 'gdbm') and find_file("gdbm/ndbm.h", inc_dirs, []) is not None): exts.append( Extension('dbm', ['dbmmodule.c'], -@@ -1535,8 +1328,8 @@ def main(): +@@ -1536,8 +1329,8 @@ def main(): ext_modules=[Extension('_struct', ['_struct.c'])], # Scripts to install diff --git a/lang/python25/patches/patch-aq b/lang/python25/patches/patch-aq deleted file mode 100644 index 12187749ba7..00000000000 --- a/lang/python25/patches/patch-aq +++ /dev/null @@ -1,26 +0,0 @@ -$NetBSD: patch-aq,v 1.1.1.1 2008/04/24 01:50:58 tnn Exp $ - -Fixed warnings from the portability checks: -- test(1) doesn't need to know the == operator. -- $RANDOM is not required by POSIX. - ---- Tools/faqwiz/move-faqwiz.sh.orig 2002-03-18 03:56:23.000000000 -0500 -+++ Tools/faqwiz/move-faqwiz.sh -@@ -9,7 +9,7 @@ - # blackjesus:~> ./move-faqwiz.sh 2\.1 3\.2 - # Moving FAQ question 02.001 to 03.002 - --if [ x$2 == x ]; then -+if [ $# -ne 2 ]; then - echo "Need 2 args: original_version final_version." - exit 2 - fi -@@ -28,7 +28,7 @@ cut_n_pad $1 1 prefix1 - cut_n_pad $1 2 suffix1 - cut_n_pad $2 1 prefix2 - cut_n_pad $2 2 suffix2 --tmpfile=tmp$RANDOM.tmp -+tmpfile=tmp-$$-$RANDOM.tmp - file1=faq$prefix1.$suffix1.htp - file2=faq$prefix2.$suffix2.htp - diff --git a/lang/python25/patches/patch-at b/lang/python25/patches/patch-at index 0a09ce43a34..a4c44c1068a 100644 --- a/lang/python25/patches/patch-at +++ b/lang/python25/patches/patch-at @@ -1,25 +1,13 @@ -$NetBSD: patch-at,v 1.2 2008/08/30 10:02:33 tron Exp $ +$NetBSD: patch-at,v 1.3 2009/04/11 19:42:23 snj Exp $ -The first change is part of the fix for CVE-2008-2315 taken from Gentto. - ---- Modules/mmapmodule.c.orig 2006-08-22 14:57:07.000000000 +0100 -+++ Modules/mmapmodule.c 2008-08-30 10:16:13.000000000 +0100 -@@ -223,7 +223,7 @@ - return(NULL); - - /* silently 'adjust' out-of-range requests */ -- if ((self->pos + num_bytes) > self->size) { -+ if (num_bytes > self->size - self->pos) { - num_bytes -= (self->pos+num_bytes) - self->size; - } - result = Py_BuildValue("s#", self->data+self->pos, num_bytes); -@@ -449,6 +449,9 @@ +--- Modules/mmapmodule.c.orig 2009-03-20 15:07:16.000000000 -0700 ++++ Modules/mmapmodule.c 2009-03-20 15:07:34.000000000 -0700 +@@ -449,6 +449,8 @@ mmap_resize_method(mmap_object *self, #ifdef MREMAP_MAYMOVE newmap = mremap(self->data, self->size, new_size, MREMAP_MAYMOVE); +#elif defined(__NetBSD__) -+ newmap = mremap(self->data, self->size, self->data, new_size, 0); -+ ++ newmap = mremap(self->data, self->size, self->data, new_size, 0); #else newmap = mremap(self->data, self->size, new_size, 0); #endif diff --git a/lang/python25/patches/patch-au b/lang/python25/patches/patch-au index 895dbe2552f..64453682356 100644 --- a/lang/python25/patches/patch-au +++ b/lang/python25/patches/patch-au @@ -1,10 +1,10 @@ -$NetBSD: patch-au,v 1.2 2008/06/27 19:57:49 tron Exp $ +$NetBSD: patch-au,v 1.3 2009/04/11 19:42:23 snj Exp $ ---- Makefile.pre.in.orig 2007-12-05 14:43:57.000000000 -0600 -+++ Makefile.pre.in +--- Makefile.pre.in.orig 2008-09-21 17:22:44.000000000 -0700 ++++ Makefile.pre.in 2009-03-20 15:09:36.000000000 -0700 @@ -376,6 +376,12 @@ libpython$(VERSION).so: $(LIBRARY_OBJS) libpython$(VERSION).sl: $(LIBRARY_OBJS) - $(LDSHARED) -o $@ $(LIBRARY_OBJS) $(SHLIBS) $(LIBC) $(LIBM) + $(LDSHARED) $(LDFLAGS) -o $@ $(LIBRARY_OBJS) $(SHLIBS) $(LIBC) $(LIBM) $(LDLAST) +libpython$(VERSION).dylib: $(LIBRARY_OBJS) + $(LINKCC) -dynamiclib -install_name $(LIBDIR)/$@ \ diff --git a/lang/python25/patches/patch-ba b/lang/python25/patches/patch-ba deleted file mode 100644 index 3188215190a..00000000000 --- a/lang/python25/patches/patch-ba +++ /dev/null @@ -1,119 +0,0 @@ -$NetBSD: patch-ba,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-2315 taken from Gentoo. - ---- Objects/unicodeobject.c.orig 2007-11-02 22:46:38.000000000 +0000 -+++ Objects/unicodeobject.c 2008-08-30 10:16:13.000000000 +0100 -@@ -239,6 +239,11 @@ - return unicode_empty; - } - -+ /* Ensure we won't overflow the size. */ -+ if (length > ((PY_SSIZE_T_MAX / sizeof(Py_UNICODE)) - 1)) { -+ return (PyUnicodeObject *)PyErr_NoMemory(); -+ } -+ - /* Unicode freelist & memory allocation */ - if (unicode_freelist) { - unicode = unicode_freelist; -@@ -1091,6 +1096,9 @@ - char * out; - char * start; - -+ if (cbAllocated / 5 != size) -+ return PyErr_NoMemory(); -+ - if (size == 0) - return PyString_FromStringAndSize(NULL, 0); - -@@ -1689,8 +1697,9 @@ - { - PyObject *v; - unsigned char *p; -+ Py_ssize_t nsize, bytesize; - #ifdef Py_UNICODE_WIDE -- int i, pairs; -+ Py_ssize_t i, pairs; - #else - const int pairs = 0; - #endif -@@ -1713,8 +1722,15 @@ - if (s[i] >= 0x10000) - pairs++; - #endif -- v = PyString_FromStringAndSize(NULL, -- 2 * (size + pairs + (byteorder == 0))); -+ /* 2 * (size + pairs + (byteorder == 0)) */ -+ if (size > PY_SSIZE_T_MAX || -+ size > PY_SSIZE_T_MAX - pairs - (byteorder == 0)) -+ return PyErr_NoMemory(); -+ nsize = (size + pairs + (byteorder == 0)); -+ bytesize = nsize * 2; -+ if (bytesize / 2 != nsize) -+ return PyErr_NoMemory(); -+ v = PyString_FromStringAndSize(NULL, bytesize); - if (v == NULL) - return NULL; - -@@ -2042,6 +2058,11 @@ - char *p; - - static const char *hexdigit = "0123456789abcdef"; -+#ifdef Py_UNICODE_WIDE -+ const Py_ssize_t expandsize = 10; -+#else -+ const Py_ssize_t expandsize = 6; -+#endif - - /* Initial allocation is based on the longest-possible unichr - escape. -@@ -2057,13 +2078,12 @@ - escape. - */ - -+ if (size > (PY_SSIZE_T_MAX - 2 - 1) / expandsize) -+ return PyErr_NoMemory(); -+ - repr = PyString_FromStringAndSize(NULL, - 2 --#ifdef Py_UNICODE_WIDE -- + 10*size --#else -- + 6*size --#endif -+ + expandsize*size - + 1); - if (repr == NULL) - return NULL; -@@ -2304,12 +2324,16 @@ - char *q; - - static const char *hexdigit = "0123456789abcdef"; -- - #ifdef Py_UNICODE_WIDE -- repr = PyString_FromStringAndSize(NULL, 10 * size); -+ const Py_ssize_t expandsize = 10; - #else -- repr = PyString_FromStringAndSize(NULL, 6 * size); -+ const Py_ssize_t expandsize = 6; - #endif -+ -+ if (size > PY_SSIZE_T_MAX / expandsize) -+ return PyErr_NoMemory(); -+ -+ repr = PyString_FromStringAndSize(NULL, expandsize * size); - if (repr == NULL) - return NULL; - if (size == 0) -@@ -4719,6 +4743,11 @@ - return self; - } - -+ if (left > PY_SSIZE_T_MAX - self->length || -+ right > PY_SSIZE_T_MAX - (left + self->length)) { -+ PyErr_SetString(PyExc_OverflowError, "padded string is too long"); -+ return NULL; -+ } - u = _PyUnicode_New(left + self->length + right); - if (u) { - if (left) diff --git a/lang/python25/patches/patch-bb b/lang/python25/patches/patch-bb deleted file mode 100644 index 5b50f048265..00000000000 --- a/lang/python25/patches/patch-bb +++ /dev/null @@ -1,21 +0,0 @@ -$NetBSD: patch-bb,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-2315 taken from Gentoo. - ---- Objects/tupleobject.c.orig 2006-08-12 18:03:09.000000000 +0100 -+++ Objects/tupleobject.c 2008-08-30 10:16:13.000000000 +0100 -@@ -60,11 +60,12 @@ - Py_ssize_t nbytes = size * sizeof(PyObject *); - /* Check for overflow */ - if (nbytes / sizeof(PyObject *) != (size_t)size || -- (nbytes += sizeof(PyTupleObject) - sizeof(PyObject *)) -- <= 0) -+ (nbytes > PY_SSIZE_T_MAX - sizeof(PyTupleObject) - sizeof(PyObject *))) - { - return PyErr_NoMemory(); - } -+ nbytes += sizeof(PyTupleObject) - sizeof(PyObject *); -+ - op = PyObject_GC_NewVar(PyTupleObject, &PyTuple_Type, size); - if (op == NULL) - return NULL; diff --git a/lang/python25/patches/patch-bc b/lang/python25/patches/patch-bc deleted file mode 100644 index 975bfb0b0a1..00000000000 --- a/lang/python25/patches/patch-bc +++ /dev/null @@ -1,17 +0,0 @@ -$NetBSD: patch-bc,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-2315 taken from Gentoo. - ---- Objects/bufferobject.c.orig 2008-02-14 11:26:18.000000000 +0000 -+++ Objects/bufferobject.c 2008-08-30 10:16:13.000000000 +0100 -@@ -427,6 +427,10 @@ - count = 0; - if (!get_buf(self, &ptr, &size, ANY_BUFFER)) - return NULL; -+ if (count > PY_SSIZE_T_MAX / size) { -+ PyErr_SetString(PyExc_MemoryError, "result too large"); -+ return NULL; -+ } - ob = PyString_FromStringAndSize(NULL, size * count); - if ( ob == NULL ) - return NULL; diff --git a/lang/python25/patches/patch-bd b/lang/python25/patches/patch-bd deleted file mode 100644 index 06ae261508e..00000000000 --- a/lang/python25/patches/patch-bd +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-bd,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-2315 taken from Gentoo. - ---- Objects/longobject.c.orig 2007-05-07 19:30:48.000000000 +0100 -+++ Objects/longobject.c 2008-08-30 10:16:13.000000000 +0100 -@@ -70,6 +70,8 @@ - PyErr_NoMemory(); - return NULL; - } -+ /* XXX(nnorwitz): This can overflow -- -+ PyObject_NEW_VAR / _PyObject_VAR_SIZE need to detect overflow */ - return PyObject_NEW_VAR(PyLongObject, &PyLong_Type, size); - } - diff --git a/lang/python25/patches/patch-be b/lang/python25/patches/patch-be deleted file mode 100644 index 81798e3a973..00000000000 --- a/lang/python25/patches/patch-be +++ /dev/null @@ -1,53 +0,0 @@ -$NetBSD: patch-be,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-2315 taken from Gentoo. - ---- Objects/stringobject.c.orig 2007-11-07 01:19:49.000000000 +0000 -+++ Objects/stringobject.c 2008-08-30 10:16:13.000000000 +0100 -@@ -71,6 +71,11 @@ - return (PyObject *)op; - } - -+ if (size > PY_SSIZE_T_MAX - sizeof(PyStringObject)) { -+ PyErr_SetString(PyExc_OverflowError, "string is too large"); -+ return NULL; -+ } -+ - /* Inline PyObject_NewVar */ - op = (PyStringObject *)PyObject_MALLOC(sizeof(PyStringObject) + size); - if (op == NULL) -@@ -106,7 +111,7 @@ - - assert(str != NULL); - size = strlen(str); -- if (size > PY_SSIZE_T_MAX) { -+ if (size > PY_SSIZE_T_MAX - sizeof(PyStringObject)) { - PyErr_SetString(PyExc_OverflowError, - "string is too long for a Python string"); - return NULL; -@@ -967,14 +972,24 @@ - Py_INCREF(a); - return (PyObject *)a; - } -+ /* Check that string sizes are not negative, to prevent an -+ overflow in cases where we are passed incorrectly-created -+ strings with negative lengths (due to a bug in other code). -+ */ - size = a->ob_size + b->ob_size; -- if (size < 0) { -+ if (a->ob_size < 0 || b->ob_size < 0 || -+ a->ob_size > PY_SSIZE_T_MAX - b->ob_size) { - PyErr_SetString(PyExc_OverflowError, - "strings are too large to concat"); - return NULL; - } - - /* Inline PyObject_NewVar */ -+ if (size > PY_SSIZE_T_MAX - sizeof(PyStringObject)) { -+ PyErr_SetString(PyExc_OverflowError, -+ "strings are too large to concat"); -+ return NULL; -+ } - op = (PyStringObject *)PyObject_MALLOC(sizeof(PyStringObject) + size); - if (op == NULL) - return PyErr_NoMemory(); diff --git a/lang/python25/patches/patch-bf b/lang/python25/patches/patch-bf deleted file mode 100644 index ff7211e0a2c..00000000000 --- a/lang/python25/patches/patch-bf +++ /dev/null @@ -1,25 +0,0 @@ -$NetBSD: patch-bf,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-2315 taken from Gentoo. - ---- Lib/test/seq_tests.py.orig 2007-11-12 20:04:41.000000000 +0000 -+++ Lib/test/seq_tests.py 2008-08-30 10:16:13.000000000 +0100 -@@ -307,11 +307,13 @@ - self.assertEqual(id(s), id(s*1)) - - def test_bigrepeat(self): -- x = self.type2test([0]) -- x *= 2**16 -- self.assertRaises(MemoryError, x.__mul__, 2**16) -- if hasattr(x, '__imul__'): -- self.assertRaises(MemoryError, x.__imul__, 2**16) -+ import sys -+ if sys.maxint <= 2147483647: -+ x = self.type2test([0]) -+ x *= 2**16 -+ self.assertRaises(MemoryError, x.__mul__, 2**16) -+ if hasattr(x, '__imul__'): -+ self.assertRaises(MemoryError, x.__imul__, 2**16) - - def test_subscript(self): - a = self.type2test([10, 11]) diff --git a/lang/python25/patches/patch-bg b/lang/python25/patches/patch-bg deleted file mode 100644 index 82b6d143a38..00000000000 --- a/lang/python25/patches/patch-bg +++ /dev/null @@ -1,32 +0,0 @@ -$NetBSD: patch-bg,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-2315 taken from Gentoo. - ---- Lib/test/test_strop.py.orig 2002-07-31 00:27:12.000000000 +0100 -+++ Lib/test/test_strop.py 2008-08-30 10:16:13.000000000 +0100 -@@ -115,6 +115,25 @@ - strop.uppercase - strop.whitespace - -+ @test_support.precisionbigmemtest(size=test_support._2G - 1, memuse=5) -+ def test_stropjoin_huge_list(self, size): -+ a = "A" * size -+ try: -+ r = strop.join([a, a], a) -+ except OverflowError: -+ pass -+ else: -+ self.assertEquals(len(r), len(a) * 3) -+ -+ @test_support.precisionbigmemtest(size=test_support._2G - 1, memuse=1) -+ def test_stropjoin_huge_tup(self, size): -+ a = "A" * size -+ try: -+ r = strop.join((a, a), a) -+ except OverflowError: -+ pass # acceptable on 32-bit -+ else: -+ self.assertEquals(len(r), len(a) * 3) - - transtable = '\000\001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037 !"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`xyzdefghijklmnopqrstuvwxyz{|}~\177\200\201\202\203\204\205\206\207\210\211\212\213\214\215\216\217\220\221\222\223\224\225\226\227\230\231\232\233\234\235\236\237\240\241\242\243\244\245\246\247\250\251\252\253\254\255\256\257\260\261\262\263\264\265\266\267\270\271\272\273\274\275\276\277\300\301\302\303\304\305\306\307\310\311\312\313\314\315\316\317\320\321\322\323\324\325\326\327\330\331\332\333\334\335\336\337\340\341\342\343\344\345\346\347\350\351\352\353\354\355\356\357\360\361\362\363\364\365\366\367\370\371\372\373\374\375\376\377' - diff --git a/lang/python25/patches/patch-bh b/lang/python25/patches/patch-bh deleted file mode 100644 index 2f1ecfb0384..00000000000 --- a/lang/python25/patches/patch-bh +++ /dev/null @@ -1,167 +0,0 @@ -$NetBSD: patch-bh,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-2315 taken from Gentoo. - ---- Lib/test/test_bigmem.py.orig 2007-11-30 21:53:17.000000000 +0000 -+++ Lib/test/test_bigmem.py 2008-08-30 10:16:13.000000000 +0100 -@@ -1,5 +1,5 @@ - from test import test_support --from test.test_support import bigmemtest, _1G, _2G -+from test.test_support import bigmemtest, _1G, _2G, _4G, precisionbigmemtest - - import unittest - import operator -@@ -54,6 +54,22 @@ - self.assertEquals(s[lpadsize:-rpadsize], SUBSTR) - self.assertEquals(s.strip(), SUBSTR.strip()) - -+ @precisionbigmemtest(size=_2G - 1, memuse=1) -+ def test_center_unicode(self, size): -+ SUBSTR = u' abc def ghi' -+ try: -+ s = SUBSTR.center(size) -+ except OverflowError: -+ pass # acceptable on 32-bit -+ else: -+ self.assertEquals(len(s), size) -+ lpadsize = rpadsize = (len(s) - len(SUBSTR)) // 2 -+ if len(s) % 2: -+ lpadsize += 1 -+ self.assertEquals(s[lpadsize:-rpadsize], SUBSTR) -+ self.assertEquals(s.strip(), SUBSTR.strip()) -+ del s -+ - @bigmemtest(minsize=_2G, memuse=2) - def test_count(self, size): - SUBSTR = ' abc def ghi' -@@ -70,10 +86,44 @@ - s = '.' * size - self.assertEquals(len(s.decode('utf-8')), size) - -+ def basic_encode_test(self, size, enc, c=u'.', expectedsize=None): -+ if expectedsize is None: -+ expectedsize = size -+ -+ s = c * size -+ self.assertEquals(len(s.encode(enc)), expectedsize) -+ - @bigmemtest(minsize=_2G + 2, memuse=3) - def test_encode(self, size): -- s = u'.' * size -- self.assertEquals(len(s.encode('utf-8')), size) -+ return self.basic_encode_test(size, 'utf-8') -+ -+ @precisionbigmemtest(size=_4G / 6 + 2, memuse=2) -+ def test_encode_raw_unicode_escape(self, size): -+ try: -+ return self.basic_encode_test(size, 'raw_unicode_escape') -+ except MemoryError: -+ pass # acceptable on 32-bit -+ -+ @precisionbigmemtest(size=_4G / 5 + 70, memuse=3) -+ def test_encode_utf7(self, size): -+ try: -+ return self.basic_encode_test(size, 'utf7') -+ except MemoryError: -+ pass # acceptable on 32-bit -+ -+ @precisionbigmemtest(size=_2G-1, memuse=2) -+ def test_decodeascii(self, size): -+ return self.basic_encode_test(size, 'ascii', c='A') -+ -+ @precisionbigmemtest(size=_4G / 5, memuse=6+2) -+ def test_unicode_repr_oflw(self, size): -+ try: -+ s = u"\uAAAA"*size -+ r = repr(s) -+ except MemoryError: -+ pass # acceptable on 32-bit -+ else: -+ self.failUnless(s == eval(r)) - - @bigmemtest(minsize=_2G, memuse=2) - def test_endswith(self, size): -@@ -459,6 +509,11 @@ - self.assertEquals(s.count('\\'), size) - self.assertEquals(s.count('0'), size * 2) - -+ @bigmemtest(minsize=2**32 / 5, memuse=6+2) -+ def test_unicode_repr(self, size): -+ s = u"\uAAAA" * size -+ self.failUnless(len(repr(s)) > size) -+ - # This test is meaningful even with size < 2G, as long as the - # doubled string is > 2G (but it tests more if both are > 2G :) - @bigmemtest(minsize=_1G + 2, memuse=3) -@@ -642,6 +697,35 @@ - def test_repeat_large(self, size): - return self.basic_test_repeat(size) - -+ @bigmemtest(minsize=_1G - 1, memuse=12) -+ def test_repeat_large_2(self, size): -+ return self.basic_test_repeat(size) -+ -+ @precisionbigmemtest(size=_1G - 1, memuse=9) -+ def test_from_2G_generator(self, size): -+ try: -+ t = tuple(xrange(size)) -+ except MemoryError: -+ pass # acceptable on 32-bit -+ else: -+ count = 0 -+ for item in t: -+ self.assertEquals(item, count) -+ count += 1 -+ self.assertEquals(count, size) -+ -+ @precisionbigmemtest(size=_1G - 25, memuse=9) -+ def test_from_almost_2G_generator(self, size): -+ try: -+ t = tuple(xrange(size)) -+ count = 0 -+ for item in t: -+ self.assertEquals(item, count) -+ count += 1 -+ self.assertEquals(count, size) -+ except MemoryError: -+ pass # acceptable, expected on 32-bit -+ - # Like test_concat, split in two. - def basic_test_repr(self, size): - t = (0,) * size -@@ -957,8 +1041,34 @@ - self.assertEquals(l[:10], [1] * 10) - self.assertEquals(l[-10:], [5] * 10) - -+class BufferTest(unittest.TestCase): -+ -+ @precisionbigmemtest(size=_1G, memuse=4) -+ def test_repeat(self, size): -+ try: -+ b = buffer("AAAA")*size -+ except MemoryError: -+ pass # acceptable on 32-bit -+ else: -+ count = 0 -+ for c in b: -+ self.assertEquals(c, 'A') -+ count += 1 -+ self.assertEquals(count, size*4) -+ - def test_main(): -- test_support.run_unittest(StrTest, TupleTest, ListTest) -+ test_support.run_unittest(StrTest, TupleTest, ListTest, BufferTest) -+ -+# Expected failures (crashers) -+# del StrTest.test_center_unicode -+del StrTest.test_decodeascii -+# del StrTest.test_encode_utf32 -+# del StrTest.test_encode_utf7 -+# del StrTest.test_encode_raw_unicode_escape -+# -+# del TupleTest.test_from_2G_generator -+# -+# del BufferTest.test_repeat - - if __name__ == '__main__': - if len(sys.argv) > 1: diff --git a/lang/python25/patches/patch-bi b/lang/python25/patches/patch-bi deleted file mode 100644 index ba8dd943ed5..00000000000 --- a/lang/python25/patches/patch-bi +++ /dev/null @@ -1,66 +0,0 @@ -$NetBSD: patch-bi,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-2315 taken from Gentoo. - ---- Lib/test/test_support.py.orig 2008-01-27 01:24:44.000000000 +0000 -+++ Lib/test/test_support.py 2008-08-30 10:16:13.000000000 +0100 -@@ -33,6 +33,7 @@ - use_resources = None # Flag set to [] by regrtest.py - max_memuse = 0 # Disable bigmem tests (they will still be run with - # small sizes, to make sure they work.) -+real_max_memuse = 0 - - # _original_stdout is meant to hold stdout at the time regrtest began. - # This may be "the real" stdout, or IDLE's emulation of stdout, or whatever. -@@ -323,6 +324,7 @@ - _1M = 1024*1024 - _1G = 1024 * _1M - _2G = 2 * _1G -+_4G = 4 * _1G - - # Hack to get at the maximum value an internal index can take. - class _Dummy: -@@ -333,6 +335,7 @@ - def set_memlimit(limit): - import re - global max_memuse -+ global real_max_memuse - sizes = { - 'k': 1024, - 'm': _1M, -@@ -344,6 +347,7 @@ - if m is None: - raise ValueError('Invalid memory limit %r' % (limit,)) - memlimit = int(float(m.group(1)) * sizes[m.group(3).lower()]) -+ real_max_memuse = memlimit - if memlimit > MAX_Py_ssize_t: - memlimit = MAX_Py_ssize_t - if memlimit < _2G - 1: -@@ -389,6 +393,27 @@ - return wrapper - return decorator - -+def precisionbigmemtest(size, memuse, overhead=5*_1M): -+ def decorator(f): -+ def wrapper(self): -+ if not real_max_memuse: -+ maxsize = 5147 -+ else: -+ maxsize = size -+ -+ if real_max_memuse and real_max_memuse < maxsize * memuse: -+ if verbose: -+ sys.stderr.write("Skipping %s because of memory " -+ "constraint\n" % (f.__name__,)) -+ return -+ -+ return f(self, maxsize) -+ wrapper.size = size -+ wrapper.memuse = memuse -+ wrapper.overhead = overhead -+ return wrapper -+ return decorator -+ - def bigaddrspacetest(f): - """Decorator for tests that fill the address space.""" - def wrapper(self): diff --git a/lang/python25/patches/patch-bj b/lang/python25/patches/patch-bj deleted file mode 100644 index b5358ed12ef..00000000000 --- a/lang/python25/patches/patch-bj +++ /dev/null @@ -1,35 +0,0 @@ -$NetBSD: patch-bj,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-2315 taken from Gentoo. - ---- Modules/stropmodule.c.orig 2008-02-14 11:26:18.000000000 +0000 -+++ Modules/stropmodule.c 2008-08-30 10:16:13.000000000 +0100 -@@ -216,6 +216,13 @@ - return NULL; - } - slen = PyString_GET_SIZE(item); -+ if (slen > PY_SSIZE_T_MAX - reslen || -+ seplen > PY_SSIZE_T_MAX - reslen - seplen) { -+ PyErr_SetString(PyExc_OverflowError, -+ "input too long"); -+ Py_DECREF(res); -+ return NULL; -+ } - while (reslen + slen + seplen >= sz) { - if (_PyString_Resize(&res, sz * 2) < 0) - return NULL; -@@ -253,6 +260,14 @@ - return NULL; - } - slen = PyString_GET_SIZE(item); -+ if (slen > PY_SSIZE_T_MAX - reslen || -+ seplen > PY_SSIZE_T_MAX - reslen - seplen) { -+ PyErr_SetString(PyExc_OverflowError, -+ "input too long"); -+ Py_DECREF(res); -+ Py_XDECREF(item); -+ return NULL; -+ } - while (reslen + slen + seplen >= sz) { - if (_PyString_Resize(&res, sz * 2) < 0) { - Py_DECREF(item); diff --git a/lang/python25/patches/patch-bk b/lang/python25/patches/patch-bk deleted file mode 100644 index 4bf068cc01a..00000000000 --- a/lang/python25/patches/patch-bk +++ /dev/null @@ -1,27 +0,0 @@ -$NetBSD: patch-bk,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-2315 taken from Gentoo. - ---- Modules/gcmodule.c.orig 2006-10-09 20:42:33.000000000 +0100 -+++ Modules/gcmodule.c 2008-08-30 10:16:13.000000000 +0100 -@@ -1318,7 +1318,10 @@ - _PyObject_GC_Malloc(size_t basicsize) - { - PyObject *op; -- PyGC_Head *g = (PyGC_Head *)PyObject_MALLOC( -+ PyGC_Head *g; -+ if (basicsize > PY_SSIZE_T_MAX - sizeof(PyGC_Head)) -+ return PyErr_NoMemory(); -+ g = (PyGC_Head *)PyObject_MALLOC( - sizeof(PyGC_Head) + basicsize); - if (g == NULL) - return PyErr_NoMemory(); -@@ -1361,6 +1364,8 @@ - { - const size_t basicsize = _PyObject_VAR_SIZE(op->ob_type, nitems); - PyGC_Head *g = AS_GC(op); -+ if (basicsize > PY_SSIZE_T_MAX - sizeof(PyGC_Head)) -+ return (PyVarObject *)PyErr_NoMemory(); - g = (PyGC_Head *)PyObject_REALLOC(g, sizeof(PyGC_Head) + basicsize); - if (g == NULL) - return (PyVarObject *)PyErr_NoMemory(); diff --git a/lang/python25/patches/patch-ca b/lang/python25/patches/patch-ca deleted file mode 100644 index 1db3615f669..00000000000 --- a/lang/python25/patches/patch-ca +++ /dev/null @@ -1,62 +0,0 @@ -$NetBSD: patch-ca,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-3142 taken from Gentoo. - ---- Include/pymem.h.orig 2008-02-14 11:26:18.000000000 +0000 -+++ Include/pymem.h 2008-08-30 10:39:43.000000000 +0100 -@@ -67,8 +67,12 @@ - for malloc(0), which would be treated as an error. Some platforms - would return a pointer with no memory behind it, which would break - pymalloc. To solve these problems, allocate an extra byte. */ --#define PyMem_MALLOC(n) malloc((n) ? (n) : 1) --#define PyMem_REALLOC(p, n) realloc((p), (n) ? (n) : 1) -+/* Returns NULL to indicate error if a negative size or size larger than -+ Py_ssize_t can represent is supplied. Helps prevents security holes. */ -+#define PyMem_MALLOC(n) (((n) < 0 || (n) > PY_SSIZE_T_MAX) ? NULL \ -+ : malloc((n) ? (n) : 1)) -+#define PyMem_REALLOC(p, n) (((n) < 0 || (n) > PY_SSIZE_T_MAX) ? NULL \ -+ : realloc((p), (n) ? (n) : 1)) - #define PyMem_FREE free - - #endif /* PYMALLOC_DEBUG */ -@@ -77,24 +81,31 @@ - * Type-oriented memory interface - * ============================== - * -- * These are carried along for historical reasons. There's rarely a good -- * reason to use them anymore (you can just as easily do the multiply and -- * cast yourself). -+ * Allocate memory for n objects of the given type. Returns a new pointer -+ * or NULL if the request was too large or memory allocation failed. Use -+ * these macros rather than doing the multiplication yourself so that proper -+ * overflow checking is always done. - */ - - #define PyMem_New(type, n) \ -- ( assert((n) <= PY_SIZE_MAX / sizeof(type)) , \ -+ ( ((n) > PY_SSIZE_T_MAX / sizeof(type)) ? NULL : \ - ( (type *) PyMem_Malloc((n) * sizeof(type)) ) ) - #define PyMem_NEW(type, n) \ -- ( assert((n) <= PY_SIZE_MAX / sizeof(type)) , \ -+ ( ((n) > PY_SSIZE_T_MAX / sizeof(type)) ? NULL : \ - ( (type *) PyMem_MALLOC((n) * sizeof(type)) ) ) - -+/* -+ * The value of (p) is always clobbered by this macro regardless of success. -+ * The caller MUST check if (p) is NULL afterwards and deal with the memory -+ * error if so. This means the original value of (p) MUST be saved for the -+ * caller's memory error handler to not lose track of it. -+ */ - #define PyMem_Resize(p, type, n) \ -- ( assert((n) <= PY_SIZE_MAX / sizeof(type)) , \ -- ( (p) = (type *) PyMem_Realloc((p), (n) * sizeof(type)) ) ) -+ ( (p) = ((n) > PY_SSIZE_T_MAX / sizeof(type)) ? NULL : \ -+ (type *) PyMem_Realloc((p), (n) * sizeof(type)) ) - #define PyMem_RESIZE(p, type, n) \ -- ( assert((n) <= PY_SIZE_MAX / sizeof(type)) , \ -- ( (p) = (type *) PyMem_REALLOC((p), (n) * sizeof(type)) ) ) -+ ( (p) = ((n) > PY_SSIZE_T_MAX / sizeof(type)) ? NULL : \ -+ (type *) PyMem_REALLOC((p), (n) * sizeof(type)) ) - - /* PyMem{Del,DEL} are left over from ancient days, and shouldn't be used - * anymore. They're just confusing aliases for PyMem_{Free,FREE} now. diff --git a/lang/python25/patches/patch-cb b/lang/python25/patches/patch-cb deleted file mode 100644 index 6710f26e275..00000000000 --- a/lang/python25/patches/patch-cb +++ /dev/null @@ -1,38 +0,0 @@ -$NetBSD: patch-cb,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-3142 taken from Gentoo. - ---- Objects/obmalloc.c.orig 2008-02-14 11:26:18.000000000 +0000 -+++ Objects/obmalloc.c 2008-08-30 10:39:43.000000000 +0100 -@@ -727,6 +727,15 @@ - uint size; - - /* -+ * Limit ourselves to PY_SSIZE_T_MAX bytes to prevent security holes. -+ * Most python internals blindly use a signed Py_ssize_t to track -+ * things without checking for overflows or negatives. -+ * As size_t is unsigned, checking for nbytes < 0 is not required. -+ */ -+ if (nbytes > PY_SSIZE_T_MAX) -+ return NULL; -+ -+ /* - * This implicitly redirects malloc(0). - */ - if ((nbytes - 1) < SMALL_REQUEST_THRESHOLD) { -@@ -1130,6 +1139,15 @@ - if (p == NULL) - return PyObject_Malloc(nbytes); - -+ /* -+ * Limit ourselves to PY_SSIZE_T_MAX bytes to prevent security holes. -+ * Most python internals blindly use a signed Py_ssize_t to track -+ * things without checking for overflows or negatives. -+ * As size_t is unsigned, checking for nbytes < 0 is not required. -+ */ -+ if (nbytes > PY_SSIZE_T_MAX) -+ return NULL; -+ - pool = POOL_ADDR(p); - if (Py_ADDRESS_IN_RANGE(p, pool)) { - /* We're in charge of this block */ diff --git a/lang/python25/patches/patch-cc b/lang/python25/patches/patch-cc deleted file mode 100644 index e7d9558fa3f..00000000000 --- a/lang/python25/patches/patch-cc +++ /dev/null @@ -1,18 +0,0 @@ -$NetBSD: patch-cc,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-3142 taken from Gentoo. - ---- Modules/almodule.c.orig 2006-09-25 07:53:42.000000000 +0100 -+++ Modules/almodule.c 2008-08-30 10:39:43.000000000 +0100 -@@ -1633,9 +1633,11 @@ - if (nvals < 0) - goto cleanup; - if (nvals > setsize) { -+ ALvalue *old_return_set = return_set; - setsize = nvals; - PyMem_RESIZE(return_set, ALvalue, setsize); - if (return_set == NULL) { -+ return_set = old_return_set; - PyErr_NoMemory(); - goto cleanup; - } diff --git a/lang/python25/patches/patch-cd b/lang/python25/patches/patch-cd deleted file mode 100644 index 8abf9cfe79f..00000000000 --- a/lang/python25/patches/patch-cd +++ /dev/null @@ -1,37 +0,0 @@ -$NetBSD: patch-cd,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-3142 taken from Gentoo. - ---- Modules/arraymodule.c.orig 2008-02-15 19:11:46.000000000 +0000 -+++ Modules/arraymodule.c 2008-08-30 10:39:43.000000000 +0100 -@@ -816,6 +816,7 @@ - array_do_extend(arrayobject *self, PyObject *bb) - { - Py_ssize_t size; -+ char *old_item; - - if (!array_Check(bb)) - return array_iter_extend(self, bb); -@@ -831,10 +832,11 @@ - return -1; - } - size = self->ob_size + b->ob_size; -+ old_item = self->ob_item; - PyMem_RESIZE(self->ob_item, char, size*self->ob_descr->itemsize); - if (self->ob_item == NULL) { -- PyObject_Del(self); -- PyErr_NoMemory(); -+ self->ob_item = old_item; -+ PyErr_NoMemory(); - return -1; - } - memcpy(self->ob_item + self->ob_size*self->ob_descr->itemsize, -@@ -886,7 +888,7 @@ - if (size > PY_SSIZE_T_MAX / n) { - return PyErr_NoMemory(); - } -- PyMem_Resize(items, char, n * size); -+ PyMem_RESIZE(items, char, n * size); - if (items == NULL) - return PyErr_NoMemory(); - p = items; diff --git a/lang/python25/patches/patch-ce b/lang/python25/patches/patch-ce deleted file mode 100644 index 27f9fd6baf8..00000000000 --- a/lang/python25/patches/patch-ce +++ /dev/null @@ -1,20 +0,0 @@ -$NetBSD: patch-ce,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-3142 taken from Gentoo. - ---- Modules/selectmodule.c.orig 2006-07-10 02:18:57.000000000 +0100 -+++ Modules/selectmodule.c 2008-08-30 10:39:43.000000000 +0100 -@@ -349,10 +349,12 @@ - { - Py_ssize_t i, pos; - PyObject *key, *value; -+ struct pollfd *old_ufds = self->ufds; - - self->ufd_len = PyDict_Size(self->dict); -- PyMem_Resize(self->ufds, struct pollfd, self->ufd_len); -+ PyMem_RESIZE(self->ufds, struct pollfd, self->ufd_len); - if (self->ufds == NULL) { -+ self->ufds = old_ufds; - PyErr_NoMemory(); - return 0; - } diff --git a/lang/python25/patches/patch-da b/lang/python25/patches/patch-da deleted file mode 100644 index 499a7c340e7..00000000000 --- a/lang/python25/patches/patch-da +++ /dev/null @@ -1,45 +0,0 @@ -$NetBSD: patch-da,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-2316 taken from Gentoo. - ---- Lib/test/test_hashlib.py.orig 2005-08-21 19:45:59.000000000 +0100 -+++ Lib/test/test_hashlib.py 2008-08-30 10:43:27.000000000 +0100 -@@ -9,7 +9,7 @@ - import hashlib - import unittest - from test import test_support -- -+from test.test_support import _4G, precisionbigmemtest - - def hexstr(s): - import string -@@ -55,7 +55,6 @@ - m2.update(aas + bees + cees) - self.assertEqual(m1.digest(), m2.digest()) - -- - def check(self, name, data, digest): - # test the direct constructors - computed = getattr(hashlib, name)(data).hexdigest() -@@ -75,6 +74,21 @@ - self.check('md5', 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789', - 'd174ab98d277d9f5a5611c2c9f419d9f') - -+ @precisionbigmemtest(size=_4G + 5, memuse=1) -+ def test_case_md5_huge(self, size): -+ if size == _4G + 5: -+ try: -+ self.check('md5', 'A'*size, 'c9af2dff37468ce5dfee8f2cfc0a9c6d') -+ except OverflowError: -+ pass # 32-bit arch -+ -+ @precisionbigmemtest(size=_4G - 1, memuse=1) -+ def test_case_md5_uintmax(self, size): -+ if size == _4G - 1: -+ try: -+ self.check('md5', 'A'*size, '28138d306ff1b8281f1a9067e1a1a2b3') -+ except OverflowError: -+ pass # 32-bit arch - - # use the three examples from Federal Information Processing Standards - # Publication 180-1, Secure Hash Standard, 1995 April 17 diff --git a/lang/python25/patches/patch-db b/lang/python25/patches/patch-db deleted file mode 100644 index db449ee7388..00000000000 --- a/lang/python25/patches/patch-db +++ /dev/null @@ -1,108 +0,0 @@ -$NetBSD: patch-db,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-2316 taken from Gentoo. - ---- Modules/_hashopenssl.c.orig 2006-05-29 22:04:52.000000000 +0100 -+++ Modules/_hashopenssl.c 2008-08-30 10:43:27.000000000 +0100 -@@ -19,6 +19,8 @@ - /* EVP is the preferred interface to hashing in OpenSSL */ - #include <openssl/evp.h> - -+#define MUNCH_SIZE INT_MAX -+ - - #ifndef HASH_OBJ_CONSTRUCTOR - #define HASH_OBJ_CONSTRUCTOR 0 -@@ -164,9 +166,18 @@ - if (!PyArg_ParseTuple(args, "s#:update", &cp, &len)) - return NULL; - -+ if (len > 0 && len <= MUNCH_SIZE) { - EVP_DigestUpdate(&self->ctx, cp, Py_SAFE_DOWNCAST(len, Py_ssize_t, - unsigned int)); -- -+ } else { -+ Py_ssize_t offset = 0; -+ while (len) { -+ unsigned int process = len > MUNCH_SIZE ? MUNCH_SIZE : len; -+ EVP_DigestUpdate(&self->ctx, cp + offset, process); -+ len -= process; -+ offset += process; -+ } -+ } - Py_INCREF(Py_None); - return Py_None; - } -@@ -255,9 +266,20 @@ - self->name = name_obj; - Py_INCREF(self->name); - -- if (cp && len) -+ if (cp && len) { -+ if (len > 0 && len <= MUNCH_SIZE) { - EVP_DigestUpdate(&self->ctx, cp, Py_SAFE_DOWNCAST(len, Py_ssize_t, - unsigned int)); -+ } else { -+ Py_ssize_t offset = 0; -+ while (len) { -+ unsigned int process = len > MUNCH_SIZE ? MUNCH_SIZE : len; -+ EVP_DigestUpdate(&self->ctx, cp + offset, process); -+ len -= process; -+ offset += process; -+ } -+ } -+ } - - return 0; - } -@@ -328,7 +350,7 @@ - static PyObject * - EVPnew(PyObject *name_obj, - const EVP_MD *digest, const EVP_MD_CTX *initial_ctx, -- const unsigned char *cp, unsigned int len) -+ const unsigned char *cp, Py_ssize_t len) - { - EVPobject *self; - -@@ -346,8 +368,20 @@ - EVP_DigestInit(&self->ctx, digest); - } - -- if (cp && len) -- EVP_DigestUpdate(&self->ctx, cp, len); -+ if (cp && len) { -+ if (len > 0 && len <= MUNCH_SIZE) { -+ EVP_DigestUpdate(&self->ctx, cp, Py_SAFE_DOWNCAST(len, Py_ssize_t, -+ unsigned int)); -+ } else { -+ Py_ssize_t offset = 0; -+ while (len) { -+ unsigned int process = len > MUNCH_SIZE ? MUNCH_SIZE : len; -+ EVP_DigestUpdate(&self->ctx, cp + offset, process); -+ len -= process; -+ offset += process; -+ } -+ } -+ } - - return (PyObject *)self; - } -@@ -384,8 +418,7 @@ - - digest = EVP_get_digestbyname(name); - -- return EVPnew(name_obj, digest, NULL, cp, Py_SAFE_DOWNCAST(len, Py_ssize_t, -- unsigned int)); -+ return EVPnew(name_obj, digest, NULL, cp, len); - } - - /* -@@ -410,7 +443,7 @@ - CONST_ ## NAME ## _name_obj, \ - NULL, \ - CONST_new_ ## NAME ## _ctx_p, \ -- cp, Py_SAFE_DOWNCAST(len, Py_ssize_t, unsigned int)); \ -+ cp, len); \ - } - - /* a PyMethodDef structure for the constructor */ diff --git a/lang/python25/patches/patch-ea b/lang/python25/patches/patch-ea deleted file mode 100644 index c0b391fc066..00000000000 --- a/lang/python25/patches/patch-ea +++ /dev/null @@ -1,59 +0,0 @@ -$NetBSD: patch-ea,v 1.1 2008/08/30 10:02:33 tron Exp $ - -Patch for CVE-2008-3144 taken from Gentoo. - ---- Python/mysnprintf.c.orig 2001-12-21 16:32:15.000000000 +0000 -+++ Python/mysnprintf.c 2008-08-30 10:46:31.000000000 +0100 -@@ -54,18 +54,28 @@ - PyOS_vsnprintf(char *str, size_t size, const char *format, va_list va) - { - int len; /* # bytes written, excluding \0 */ --#ifndef HAVE_SNPRINTF -+#ifdef HAVE_SNPRINTF -+#define _PyOS_vsnprintf_EXTRA_SPACE 1 -+#else -+#define _PyOS_vsnprintf_EXTRA_SPACE 512 - char *buffer; - #endif - assert(str != NULL); - assert(size > 0); - assert(format != NULL); -+ /* We take a size_t as input but return an int. Sanity check -+ * our input so that it won't cause an overflow in the -+ * vsnprintf return value or the buffer malloc size. */ -+ if (size > INT_MAX - _PyOS_vsnprintf_EXTRA_SPACE) { -+ len = -666; -+ goto Done; -+ } - - #ifdef HAVE_SNPRINTF - len = vsnprintf(str, size, format, va); - #else - /* Emulate it. */ -- buffer = PyMem_MALLOC(size + 512); -+ buffer = PyMem_MALLOC(size + _PyOS_vsnprintf_EXTRA_SPACE); - if (buffer == NULL) { - len = -666; - goto Done; -@@ -75,7 +85,7 @@ - if (len < 0) - /* ignore the error */; - -- else if ((size_t)len >= size + 512) -+ else if ((size_t)len >= size + _PyOS_vsnprintf_EXTRA_SPACE) - Py_FatalError("Buffer overflow in PyOS_snprintf/PyOS_vsnprintf"); - - else { -@@ -86,8 +96,10 @@ - str[to_copy] = '\0'; - } - PyMem_FREE(buffer); --Done: - #endif -- str[size-1] = '\0'; -+Done: -+ if (size > 0) -+ str[size-1] = '\0'; - return len; -+#undef _PyOS_vsnprintf_EXTRA_SPACE - } |