diff options
| author | obache <obache@pkgsrc.org> | 2011-06-04 05:08:19 +0000 |
|---|---|---|
| committer | obache <obache@pkgsrc.org> | 2011-06-04 05:08:19 +0000 |
| commit | d79df0ad04ef989fa78b866b9f7afbfd5e4d95d4 (patch) | |
| tree | 94a037f1ed131bfa232b346bdc0dd05b84448ba6 /lang/python25 | |
| parent | 59d3b36c333524cadfb004150fcdf4df96b9b595 (diff) | |
| download | pkgsrc-d79df0ad04ef989fa78b866b9f7afbfd5e4d95d4.tar.gz | |
Update python25 to 2.5.6.
(contains already fixed issues, #11662 patch-b{a,b}, #8674,#7673 patch-bc)
What's New in Python 2.5.6?
===========================
*Release date: 26-May-2011*
What's New in Python 2.5.6c1?
=============================
*Release date: 17-Apr-2011*
Library
-------
- Issue #11442: Add a charset parameter to the Content-type in SimpleHTTPServer
to avoid XSS attacks.
- Issue #11662: Make urllib and urllib2 ignore redirections if the
scheme is not HTTP, HTTPS or FTP (CVE-2011-1521).
- Issue #8674: Fixed a number of incorrect or undefined-behaviour-inducing
overflow checks in the audioop module (CVE-2010-1634).
- Issue #7673: Fix security vulnerability (CVE-2010-2089) in the audioop
module, ensure that the input string length is a multiple of the frame size.
Diffstat (limited to 'lang/python25')
| -rw-r--r-- | lang/python25/Makefile | 3 | ||||
| -rw-r--r-- | lang/python25/dist.mk | 4 | ||||
| -rw-r--r-- | lang/python25/distinfo | 15 | ||||
| -rw-r--r-- | lang/python25/patches/patch-ad | 10 | ||||
| -rw-r--r-- | lang/python25/patches/patch-am | 71 | ||||
| -rw-r--r-- | lang/python25/patches/patch-ba | 29 | ||||
| -rw-r--r-- | lang/python25/patches/patch-bb | 21 | ||||
| -rw-r--r-- | lang/python25/patches/patch-bc | 348 |
8 files changed, 50 insertions, 451 deletions
diff --git a/lang/python25/Makefile b/lang/python25/Makefile index 73b9a39ec3d..ceecd4961b3 100644 --- a/lang/python25/Makefile +++ b/lang/python25/Makefile @@ -1,9 +1,8 @@ -# $NetBSD: Makefile,v 1.34 2011/05/15 10:07:20 hans Exp $ +# $NetBSD: Makefile,v 1.35 2011/06/04 05:08:19 obache Exp $ .include "dist.mk" PKGNAME= python25-${PY_DISTVERSION} -PKGREVISION= 5 CATEGORIES= lang python MAINTAINER= pkgsrc-users@NetBSD.org diff --git a/lang/python25/dist.mk b/lang/python25/dist.mk index b175c63e451..0f945ca27fa 100644 --- a/lang/python25/dist.mk +++ b/lang/python25/dist.mk @@ -1,6 +1,6 @@ -# $NetBSD: dist.mk,v 1.1 2010/09/17 07:11:41 obache Exp $ +# $NetBSD: dist.mk,v 1.2 2011/06/04 05:08:19 obache Exp $ -PY_DISTVERSION= 2.5.5 +PY_DISTVERSION= 2.5.6 DISTNAME= Python-${PY_DISTVERSION} EXTRACT_SUFX= .tar.bz2 DISTINFO_FILE= ${.CURDIR}/../../lang/python25/distinfo diff --git a/lang/python25/distinfo b/lang/python25/distinfo index 4b767e50469..4391fd399eb 100644 --- a/lang/python25/distinfo +++ b/lang/python25/distinfo @@ -1,13 +1,13 @@ -$NetBSD: distinfo,v 1.15 2011/03/28 15:58:15 drochner Exp $ +$NetBSD: distinfo,v 1.16 2011/06/04 05:08:19 obache Exp $ -SHA1 (Python-2.5.5.tar.bz2) = dcf1abd94a1ab4155dcd3668cca42c5bfc81159f -RMD160 (Python-2.5.5.tar.bz2) = 4754238d415142466778560d989582464385654c -Size (Python-2.5.5.tar.bz2) = 9822917 bytes +SHA1 (Python-2.5.6.tar.bz2) = 29f6dd41bf09c5e04311b367cbb7604fa016e699 +RMD160 (Python-2.5.6.tar.bz2) = 92f0a955971f187a7d50c6422168202ec551bf22 +Size (Python-2.5.6.tar.bz2) = 9821788 bytes SHA1 (patch-SA43463) = df776e171f1794bae52b6e98bc71ae63734b7693 SHA1 (patch-aa) = d44e67645dc86ff14f5daf5705de02c6f330cc48 SHA1 (patch-ab) = d35025df83e70d129f9fbcd277652b0eea83b026 SHA1 (patch-ac) = 4de5b8dc20b41dc3bb4acd38011ef59570318d3f -SHA1 (patch-ad) = eb4948ee5aaae93f8a193defac7638a37f65caed +SHA1 (patch-ad) = 9b401fc293ffb06ca1dd03526f6c38a8f28201ac SHA1 (patch-ae) = 5425515c6bf130eee204ca2749386f6447eaa35b SHA1 (patch-ag) = 95be54a4c8fe291cd7edd14a9180bbcb07bba2ce SHA1 (patch-ah) = 98e9fa55c2af38d8032398cae693492c199dc5fa @@ -15,7 +15,7 @@ SHA1 (patch-ai) = a89bee00860910f53a23b1c670d9c091846a03c1 SHA1 (patch-aj) = a75d680a6b8b1ad3c9222dcb841f4fb10db6d16d SHA1 (patch-ak) = 948362c15ad59abeef46971f9b870b70655a62c7 SHA1 (patch-al) = 6247e3f85d555bae7850befbd7bfffbb233cecb3 -SHA1 (patch-am) = 49ee3f90df54c0ef85b5cf7a9b9f1edb293375f2 +SHA1 (patch-am) = d2e59cbc21542c436f1b1957e6089b4cda21ef8b SHA1 (patch-an) = 17b4e17b3b562c29a050e9bb20447084ce82b8ab SHA1 (patch-ao) = 9bbd5561c010e0a1ab8e0a70d27a5f77fd2089d2 SHA1 (patch-ap) = b864db92761c843a91374663bd2dbcfa57b317cf @@ -23,6 +23,3 @@ SHA1 (patch-ar) = 2a0c3f9a798afdfda7af4823e67579b2e000c072 SHA1 (patch-at) = 6fdd64ce70eb8c2de5336f3415f45bc467e46373 SHA1 (patch-au) = c1a759765095d246151ba027ed06f423e05c9218 SHA1 (patch-av) = a1d41cb3a93879d54f0964ff84a63a297c333156 -SHA1 (patch-ba) = aa0ad5a9dff1cd7c1c456aa6371733727ac1425b -SHA1 (patch-bb) = 56beb934d46edd77b42bc89766a9ab921a42f8f9 -SHA1 (patch-bc) = 7d73c761c581b55d2810719ddd606d1a2c874714 diff --git a/lang/python25/patches/patch-ad b/lang/python25/patches/patch-ad index 83285b6ecf8..9a091abb0f0 100644 --- a/lang/python25/patches/patch-ad +++ b/lang/python25/patches/patch-ad @@ -1,8 +1,8 @@ -$NetBSD: patch-ad,v 1.3 2008/06/27 20:08:20 wiz Exp $ +$NetBSD: patch-ad,v 1.4 2011/06/04 05:08:20 obache Exp $ ---- Modules/_ctypes/libffi/configure.orig 2007-09-05 02:47:16 +0300 -+++ Modules/_ctypes/libffi/configure 2008-05-08 23:56:47 +0300 -@@ -3486,6 +3486,7 @@ +--- Modules/_ctypes/libffi/configure.orig 2007-09-04 23:47:16.000000000 +0000 ++++ Modules/_ctypes/libffi/configure +@@ -3486,6 +3486,7 @@ i*86-*-beos*) TARGET=X86; TARGETDIR=x86; i*86-*-freebsd* | i*86-*-kfreebsd*-gnu) TARGET=X86; TARGETDIR=x86;; i*86-*-netbsdelf* | i*86-*-knetbsd*-gnu) TARGET=X86; TARGETDIR=x86;; i*86-*-openbsd*) TARGET=X86; TARGETDIR=x86;; @@ -10,7 +10,7 @@ $NetBSD: patch-ad,v 1.3 2008/06/27 20:08:20 wiz Exp $ i*86-*-rtems*) TARGET=X86; TARGETDIR=x86;; i*86-*-win32*) TARGET=X86_WIN32; TARGETDIR=x86;; i*86-*-cygwin*) TARGET=X86_WIN32; TARGETDIR=x86;; -@@ -3516,7 +3517,7 @@ +@@ -3516,7 +3517,7 @@ arm*-*-rtems*) TARGET=ARM; TARGETDIR=arm cris-*-*) TARGET=LIBFFI_CRIS; TARGETDIR=cris;; s390-*-linux-*) TARGET=S390; TARGETDIR=s390;; s390x-*-linux-*) TARGET=S390; TARGETDIR=s390;; diff --git a/lang/python25/patches/patch-am b/lang/python25/patches/patch-am index c25687146d3..77e72ea2b49 100644 --- a/lang/python25/patches/patch-am +++ b/lang/python25/patches/patch-am @@ -1,8 +1,8 @@ -$NetBSD: patch-am,v 1.6 2010/01/27 08:43:04 wiz Exp $ +$NetBSD: patch-am,v 1.7 2011/06/04 05:08:20 obache Exp $ ---- setup.py.orig 2008-10-16 14:58:19.000000000 -0400 +--- setup.py.orig 2008-10-16 18:58:19.000000000 +0000 +++ setup.py -@@ -15,7 +15,7 @@ +@@ -15,7 +15,7 @@ from distutils.command.install import in from distutils.command.install_lib import install_lib # This global variable is used to hold the list of modules to be disabled. @@ -11,7 +11,7 @@ $NetBSD: patch-am,v 1.6 2010/01/27 08:43:04 wiz Exp $ def add_dir_to_list(dirlist, dir): """Add the directory 'dir' to the list 'dirlist' (at the front) if -@@ -243,9 +243,15 @@ +@@ -243,9 +243,15 @@ class PyBuildExt(build_ext): return sys.platform def detect_modules(self): @@ -30,7 +30,7 @@ $NetBSD: patch-am,v 1.6 2010/01/27 08:43:04 wiz Exp $ # Add paths specified in the environment variables LDFLAGS and # CPPFLAGS for header and library files. -@@ -534,9 +540,7 @@ +@@ -534,9 +540,7 @@ class PyBuildExt(build_ext): if krb5_h: ssl_incs += krb5_h ssl_libs = find_library_file(self.compiler, 'ssl',lib_dirs, @@ -41,7 +41,7 @@ $NetBSD: patch-am,v 1.6 2010/01/27 08:43:04 wiz Exp $ if (ssl_incs is not None and ssl_libs is not None): -@@ -609,269 +613,51 @@ +@@ -609,269 +613,51 @@ class PyBuildExt(build_ext): # a release. Most open source OSes come with one or more # versions of BerkeleyDB already installed. @@ -263,7 +263,12 @@ $NetBSD: patch-am,v 1.6 2010/01/27 08:43:04 wiz Exp $ - sqlite_defines = [] - if sys.platform != "win32": - sqlite_defines.append(('MODULE_NAME', '"sqlite3"')) -- else: ++ # check if need to use the db_185.h compat header ++ bsddb185_define_macros=[] ++ if bdb_type == "db2" or bdb_type == "db3" or bdb_type == "db4": ++ bsddb185_define_macros=[('HAVE_DB_185_H',1)] ++ dblib_dir = [os.environ['PY_BDB_LIBDIRS']] + else: - sqlite_defines.append(('MODULE_NAME', '\\"sqlite3\\"')) - - @@ -274,12 +279,7 @@ $NetBSD: patch-am,v 1.6 2010/01/27 08:43:04 wiz Exp $ - # This way a staticly linked custom sqlite gets picked up - # before the dynamic library in /usr/lib. - sqlite_extra_link_args = ('-Wl,-search_paths_first',) -+ # check if need to use the db_185.h compat header -+ bsddb185_define_macros=[] -+ if bdb_type == "db2" or bdb_type == "db3" or bdb_type == "db4": -+ bsddb185_define_macros=[('HAVE_DB_185_H',1)] -+ dblib_dir = [os.environ['PY_BDB_LIBDIRS']] - else: +- else: - sqlite_extra_link_args = () - - exts.append(Extension('_sqlite3', sqlite_srcs, @@ -290,25 +290,7 @@ $NetBSD: patch-am,v 1.6 2010/01/27 08:43:04 wiz Exp $ - runtime_library_dirs=sqlite_libdir, - extra_link_args=sqlite_extra_link_args, - libraries=["sqlite3",])) -+ # check if db_incs/db.h really is db 1.85 -+ f = "%s/db.h" % db_incs[0] -+ if os.path.exists(f): -+ data = open(f).read() -+ m = re.search(r"#s*define\s+HASHVERSION\s+2\s*", data) -+ if m is None: -+ # check for 1.85 compat header -+ if os.path.exists("%s/db_185.h" % db_incs[0]): -+ bsddb185_define_macros=[('HAVE_DB_185_H',1)] -+ else: -+ raise NotFound -+ try: -+ bltransform = os.environ['PY_BDB_TRANSFORM'] -+ m = re.search(r"l:db:(db.)\s*", bltransform) -+ if m is not None and m.group(1) is not None: -+ dblibs = [m.group(1)] -+ except: -+ pass - +- - # Look for Berkeley db 1.85. Note that it is built as a different - # module name so it can be included even when later versions are - # available. A very restrictive search is performed to avoid @@ -335,6 +317,25 @@ $NetBSD: patch-am,v 1.6 2010/01/27 08:43:04 wiz Exp $ - libraries=libraries)) - else: - exts.append(Extension('bsddb185', ['bsddbmodule.c'])) ++ # check if db_incs/db.h really is db 1.85 ++ f = "%s/db.h" % db_incs[0] ++ if os.path.exists(f): ++ data = open(f).read() ++ m = re.search(r"#s*define\s+HASHVERSION\s+2\s*", data) ++ if m is None: ++ # check for 1.85 compat header ++ if os.path.exists("%s/db_185.h" % db_incs[0]): ++ bsddb185_define_macros=[('HAVE_DB_185_H',1)] ++ else: ++ raise NotFound ++ try: ++ bltransform = os.environ['PY_BDB_TRANSFORM'] ++ m = re.search(r"l:db:(db.)\s*", bltransform) ++ if m is not None and m.group(1) is not None: ++ dblibs = [m.group(1)] ++ except: ++ pass ++ + # build the bsddb185 extension module + exts.append(Extension('bsddb185', ['bsddbmodule.c'], + library_dirs=dblib_dir, @@ -349,7 +350,7 @@ $NetBSD: patch-am,v 1.6 2010/01/27 08:43:04 wiz Exp $ # The standard Unix dbm module: if platform not in ['cygwin']: -@@ -884,11 +670,6 @@ +@@ -884,11 +670,6 @@ class PyBuildExt(build_ext): exts.append( Extension('dbm', ['dbmmodule.c'], define_macros=[('HAVE_NDBM_H',None)], libraries = ndbm_libs ) ) @@ -361,7 +362,7 @@ $NetBSD: patch-am,v 1.6 2010/01/27 08:43:04 wiz Exp $ elif db_incs is not None: exts.append( Extension('dbm', ['dbmmodule.c'], library_dirs=dblib_dir, -@@ -899,9 +680,9 @@ +@@ -899,9 +680,9 @@ class PyBuildExt(build_ext): libraries=dblibs)) # Anthony Baxter's gdbm module. GNU dbm(3) will require -lgdbm: @@ -374,7 +375,7 @@ $NetBSD: patch-am,v 1.6 2010/01/27 08:43:04 wiz Exp $ # Unix-only modules if platform not in ['mac', 'win32']: -@@ -1536,8 +1317,8 @@ +@@ -1536,8 +1317,8 @@ def main(): ext_modules=[Extension('_struct', ['_struct.c'])], # Scripts to install diff --git a/lang/python25/patches/patch-ba b/lang/python25/patches/patch-ba deleted file mode 100644 index 018ac9983c1..00000000000 --- a/lang/python25/patches/patch-ba +++ /dev/null @@ -1,29 +0,0 @@ -$NetBSD: patch-ba,v 1.3 2011/03/28 15:58:15 drochner Exp $ - -Issue #11662 (CVE-2011-1521) - ---- Lib/urllib.py.orig 2007-03-14 08:27:57.000000000 +0000 -+++ Lib/urllib.py -@@ -638,10 +638,20 @@ class FancyURLopener(URLopener): - newurl = headers['uri'] - else: - return -- void = fp.read() -- fp.close() -+ - # In case the server sent a relative URL, join with original: - newurl = basejoin(self.type + ":" + url, newurl) -+ -+ # For security reasons we do not allow redirects to protocols -+ # other than HTTP, HTTPS or FTP. -+ newurl_lower = newurl.lower() -+ if not (newurl_lower.startswith('http://') or -+ newurl_lower.startswith('https://') or -+ newurl_lower.startswith('ftp://')): -+ return -+ -+ void = fp.read() -+ fp.close() - return self.open(newurl) - - def http_error_301(self, url, fp, errcode, errmsg, headers, data=None): diff --git a/lang/python25/patches/patch-bb b/lang/python25/patches/patch-bb deleted file mode 100644 index 061659d0a5e..00000000000 --- a/lang/python25/patches/patch-bb +++ /dev/null @@ -1,21 +0,0 @@ -$NetBSD: patch-bb,v 1.3 2011/03/28 15:58:15 drochner Exp $ - -Issue #11662 (CVE-2011-1521) - ---- Lib/urllib2.py.orig 2008-04-22 21:17:18.000000000 +0000 -+++ Lib/urllib2.py -@@ -555,6 +555,14 @@ class HTTPRedirectHandler(BaseHandler): - return - newurl = urlparse.urljoin(req.get_full_url(), newurl) - -+ # For security reasons we do not allow redirects to protocols -+ # other than HTTP, HTTPS or FTP. -+ newurl_lower = newurl.lower() -+ if not (newurl_lower.startswith('http://') or -+ newurl_lower.startswith('https://') or -+ newurl_lower.startswith('ftp://')): -+ return -+ - # XXX Probably want to forget about the state of the current - # request, although that might interact poorly with other - # handlers that also use handler-specific request attributes diff --git a/lang/python25/patches/patch-bc b/lang/python25/patches/patch-bc deleted file mode 100644 index 5eb5e15d3b3..00000000000 --- a/lang/python25/patches/patch-bc +++ /dev/null @@ -1,348 +0,0 @@ -$NetBSD: patch-bc,v 1.3 2011/03/28 15:58:15 drochner Exp $ - -Issue #8674/#7673 - ---- Modules/audioop.c.orig 2008-02-14 11:26:18.000000000 +0000 -+++ Modules/audioop.c -@@ -295,6 +295,29 @@ static int stepsizeTable[89] = { - - static PyObject *AudioopError; - -+static int -+audioop_check_size(int size) -+{ -+ if (size != 1 && size != 2 && size != 4) { -+ PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -+ return 0; -+ } -+ else -+ return 1; -+} -+ -+static int -+audioop_check_parameters(int len, int size) -+{ -+ if (!audioop_check_size(size)) -+ return 0; -+ if (len % size != 0) { -+ PyErr_SetString(AudioopError, "not a whole number of frames"); -+ return 0; -+ } -+ return 1; -+} -+ - static PyObject * - audioop_getsample(PyObject *self, PyObject *args) - { -@@ -304,10 +327,8 @@ audioop_getsample(PyObject *self, PyObje - - if ( !PyArg_ParseTuple(args, "s#ii:getsample", &cp, &len, &size, &i) ) - return 0; -- if ( size != 1 && size != 2 && size != 4 ) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - if ( i < 0 || i >= len/size ) { - PyErr_SetString(AudioopError, "Index out of range"); - return 0; -@@ -328,10 +349,8 @@ audioop_max(PyObject *self, PyObject *ar - - if ( !PyArg_ParseTuple(args, "s#i:max", &cp, &len, &size) ) - return 0; -- if ( size != 1 && size != 2 && size != 4 ) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - for ( i=0; i<len; i+= size) { - if ( size == 1 ) val = (int)*CHARP(cp, i); - else if ( size == 2 ) val = (int)*SHORTP(cp, i); -@@ -352,10 +371,8 @@ audioop_minmax(PyObject *self, PyObject - - if (!PyArg_ParseTuple(args, "s#i:minmax", &cp, &len, &size)) - return NULL; -- if (size != 1 && size != 2 && size != 4) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -+ if (!audioop_check_parameters(len, size)) - return NULL; -- } - for (i = 0; i < len; i += size) { - if (size == 1) val = (int) *CHARP(cp, i); - else if (size == 2) val = (int) *SHORTP(cp, i); -@@ -376,10 +393,8 @@ audioop_avg(PyObject *self, PyObject *ar - - if ( !PyArg_ParseTuple(args, "s#i:avg", &cp, &len, &size) ) - return 0; -- if ( size != 1 && size != 2 && size != 4 ) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - for ( i=0; i<len; i+= size) { - if ( size == 1 ) val = (int)*CHARP(cp, i); - else if ( size == 2 ) val = (int)*SHORTP(cp, i); -@@ -403,10 +418,8 @@ audioop_rms(PyObject *self, PyObject *ar - - if ( !PyArg_ParseTuple(args, "s#i:rms", &cp, &len, &size) ) - return 0; -- if ( size != 1 && size != 2 && size != 4 ) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - for ( i=0; i<len; i+= size) { - if ( size == 1 ) val = (int)*CHARP(cp, i); - else if ( size == 2 ) val = (int)*SHORTP(cp, i); -@@ -609,10 +622,8 @@ audioop_avgpp(PyObject *self, PyObject * - - if ( !PyArg_ParseTuple(args, "s#i:avgpp", &cp, &len, &size) ) - return 0; -- if ( size != 1 && size != 2 && size != 4 ) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - /* Compute first delta value ahead. Also automatically makes us - ** skip the first extreme value - */ -@@ -666,10 +677,8 @@ audioop_maxpp(PyObject *self, PyObject * - - if ( !PyArg_ParseTuple(args, "s#i:maxpp", &cp, &len, &size) ) - return 0; -- if ( size != 1 && size != 2 && size != 4 ) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - /* Compute first delta value ahead. Also automatically makes us - ** skip the first extreme value - */ -@@ -717,10 +726,8 @@ audioop_cross(PyObject *self, PyObject * - - if ( !PyArg_ParseTuple(args, "s#i:cross", &cp, &len, &size) ) - return 0; -- if ( size != 1 && size != 2 && size != 4 ) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - ncross = -1; - prevval = 17; /* Anything <> 0,1 */ - for ( i=0; i<len; i+= size) { -@@ -745,6 +752,8 @@ audioop_mul(PyObject *self, PyObject *ar - - if ( !PyArg_ParseTuple(args, "s#id:mul", &cp, &len, &size, &factor ) ) - return 0; -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - - if ( size == 1 ) maxval = (double) 0x7f; - else if ( size == 2 ) maxval = (double) 0x7fff; -@@ -787,6 +796,12 @@ audioop_tomono(PyObject *self, PyObject - if ( !PyArg_ParseTuple(args, "s#idd:tomono", - &cp, &len, &size, &fac1, &fac2 ) ) - return 0; -+ if (!audioop_check_parameters(len, size)) -+ return NULL; -+ if (((len / size) & 1) != 0) { -+ PyErr_SetString(AudioopError, "not a whole number of frames"); -+ return NULL; -+ } - - if ( size == 1 ) maxval = (double) 0x7f; - else if ( size == 2 ) maxval = (double) 0x7fff; -@@ -832,6 +847,8 @@ audioop_tostereo(PyObject *self, PyObjec - if ( !PyArg_ParseTuple(args, "s#idd:tostereo", - &cp, &len, &size, &fac1, &fac2 ) ) - return 0; -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - - if ( size == 1 ) maxval = (double) 0x7f; - else if ( size == 2 ) maxval = (double) 0x7fff; -@@ -891,7 +908,8 @@ audioop_add(PyObject *self, PyObject *ar - if ( !PyArg_ParseTuple(args, "s#s#i:add", - &cp1, &len1, &cp2, &len2, &size ) ) - return 0; -- -+ if (!audioop_check_parameters(len1, size)) -+ return NULL; - if ( len1 != len2 ) { - PyErr_SetString(AudioopError, "Lengths should be the same"); - return 0; -@@ -946,10 +964,8 @@ audioop_bias(PyObject *self, PyObject *a - &cp, &len, &size , &bias) ) - return 0; - -- if ( size != 1 && size != 2 && size != 4) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - - rv = PyString_FromStringAndSize(NULL, len); - if ( rv == 0 ) -@@ -982,10 +998,8 @@ audioop_reverse(PyObject *self, PyObject - &cp, &len, &size) ) - return 0; - -- if ( size != 1 && size != 2 && size != 4 ) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - - rv = PyString_FromStringAndSize(NULL, len); - if ( rv == 0 ) -@@ -1019,11 +1033,10 @@ audioop_lin2lin(PyObject *self, PyObject - &cp, &len, &size, &size2) ) - return 0; - -- if ( (size != 1 && size != 2 && size != 4) || -- (size2 != 1 && size2 != 2 && size2 != 4)) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; -+ if (!audioop_check_size(size2)) -+ return NULL; - - new_len = (len/size)*size2; - if (new_len < 0) { -@@ -1075,10 +1088,8 @@ audioop_ratecv(PyObject *self, PyObject - &nchannels, &inrate, &outrate, &state, - &weightA, &weightB)) - return NULL; -- if (size != 1 && size != 2 && size != 4) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -+ if (!audioop_check_size(size)) - return NULL; -- } - if (nchannels < 1) { - PyErr_SetString(AudioopError, "# of channels should be >= 1"); - return NULL; -@@ -1154,25 +1165,16 @@ audioop_ratecv(PyObject *self, PyObject - ceiling(len*outrate/inrate) output frames, and each frame - requires bytes_per_frame bytes. Computing this - without spurious overflow is the challenge; we can -- settle for a reasonable upper bound, though. */ -- int ceiling; /* the number of output frames */ -- int nbytes; /* the number of output bytes needed */ -- int q = len / inrate; -- /* Now len = q * inrate + r exactly (with r = len % inrate), -- and this is less than q * inrate + inrate = (q+1)*inrate. -- So a reasonable upper bound on len*outrate/inrate is -- ((q+1)*inrate)*outrate/inrate = -- (q+1)*outrate. -- */ -- ceiling = (q+1) * outrate; -- nbytes = ceiling * bytes_per_frame; -- /* See whether anything overflowed; if not, get the space. */ -- if (q+1 < 0 || -- ceiling / outrate != q+1 || -- nbytes / bytes_per_frame != ceiling) -+ settle for a reasonable upper bound, though, in this -+ case ceiling(len/inrate) * outrate. */ -+ -+ /* compute ceiling(len/inrate) without overflow */ -+ int q = len > 0 ? 1 + (len - 1) / inrate : 0; -+ if (outrate > INT_MAX / q / bytes_per_frame) - str = NULL; - else -- str = PyString_FromStringAndSize(NULL, nbytes); -+ str = PyString_FromStringAndSize(NULL, -+ q * outrate * bytes_per_frame); - - if (str == NULL) { - PyErr_SetString(PyExc_MemoryError, -@@ -1265,10 +1267,8 @@ audioop_lin2ulaw(PyObject *self, PyObjec - &cp, &len, &size) ) - return 0 ; - -- if ( size != 1 && size != 2 && size != 4) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - - rv = PyString_FromStringAndSize(NULL, len/size); - if ( rv == 0 ) -@@ -1299,10 +1299,8 @@ audioop_ulaw2lin(PyObject *self, PyObjec - &cp, &len, &size) ) - return 0; - -- if ( size != 1 && size != 2 && size != 4) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - - new_len = len*size; - if (new_len < 0) { -@@ -1339,10 +1337,8 @@ audioop_lin2alaw(PyObject *self, PyObjec - &cp, &len, &size) ) - return 0; - -- if ( size != 1 && size != 2 && size != 4) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - - rv = PyString_FromStringAndSize(NULL, len/size); - if ( rv == 0 ) -@@ -1373,10 +1369,8 @@ audioop_alaw2lin(PyObject *self, PyObjec - &cp, &len, &size) ) - return 0; - -- if ( size != 1 && size != 2 && size != 4) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - - new_len = len*size; - if (new_len < 0) { -@@ -1414,12 +1408,9 @@ audioop_lin2adpcm(PyObject *self, PyObje - &cp, &len, &size, &state) ) - return 0; - -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - -- if ( size != 1 && size != 2 && size != 4) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -- - str = PyString_FromStringAndSize(NULL, len/(size*2)); - if ( str == 0 ) - return 0; -@@ -1522,10 +1513,8 @@ audioop_adpcm2lin(PyObject *self, PyObje - &cp, &len, &size, &state) ) - return 0; - -- if ( size != 1 && size != 2 && size != 4) { -- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); -- return 0; -- } -+ if (!audioop_check_parameters(len, size)) -+ return NULL; - - /* Decode state, should have (value, step) */ - if ( state == Py_None ) { |