diff options
author | tron <tron> | 2010-06-29 08:15:42 +0000 |
---|---|---|
committer | tron <tron> | 2010-06-29 08:15:42 +0000 |
commit | 7aaf3d6c30b3183f5cd20c0a15d8f90e3ba6a791 (patch) | |
tree | beda5c77527140f6c3e0ebf4a86af948a7149a3b /lang/python26 | |
parent | efcb2e9e1692939d7671f4498e0303bf42690596 (diff) | |
download | pkgsrc-7aaf3d6c30b3183f5cd20c0a15d8f90e3ba6a791.tar.gz |
Add fix for CVE-2010-2089 taken from Red Hat's Bugzilla database.
Diffstat (limited to 'lang/python26')
-rw-r--r-- | lang/python26/Makefile | 3 | ||||
-rw-r--r-- | lang/python26/distinfo | 3 | ||||
-rw-r--r-- | lang/python26/patches/patch-af | 326 |
3 files changed, 330 insertions, 2 deletions
diff --git a/lang/python26/Makefile b/lang/python26/Makefile index d8c4960d925..e9ff485a490 100644 --- a/lang/python26/Makefile +++ b/lang/python26/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.23 2010/05/02 14:09:11 wiz Exp $ +# $NetBSD: Makefile,v 1.24 2010/06/29 08:15:42 tron Exp $ DISTNAME= Python-2.6.5 PKGNAME= ${DISTNAME:S/Python/python26/} +PKGREVISION= 1 CATEGORIES= lang python MASTER_SITES= http://www.python.org/ftp/python/2.6.5/ EXTRACT_SUFX= .tar.bz2 diff --git a/lang/python26/distinfo b/lang/python26/distinfo index 9eacb078297..fcfd4ef87fa 100644 --- a/lang/python26/distinfo +++ b/lang/python26/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.21 2010/05/02 14:09:11 wiz Exp $ +$NetBSD: distinfo,v 1.22 2010/06/29 08:15:42 tron Exp $ SHA1 (Python-2.6.5.tar.bz2) = 24c94f5428a8c94c9d0b316e3019fee721fdb5d1 RMD160 (Python-2.6.5.tar.bz2) = 909c6a13749396f2b19fed51821d3e2577b2833b @@ -8,6 +8,7 @@ SHA1 (patch-ab) = d35025df83e70d129f9fbcd277652b0eea83b026 SHA1 (patch-ac) = 858580a4e5c7474127eafb27bdfa96dc96cafad5 SHA1 (patch-ad) = a997e39d16a8f0023125362b180d19ee97ab519b SHA1 (patch-ae) = 5425515c6bf130eee204ca2749386f6447eaa35b +SHA1 (patch-af) = 42a93a321f6f480133513082c54bcab30e91445f SHA1 (patch-ah) = f973ac5a82ba5c665d2ec4b0f6130e903b5a5d7c SHA1 (patch-al) = d753e00ab65564a08988f7934870716aca9b02a9 SHA1 (patch-am) = 77f8ca811777d53d7a1972c177e59568dc49651b diff --git a/lang/python26/patches/patch-af b/lang/python26/patches/patch-af new file mode 100644 index 00000000000..e5076ae5888 --- /dev/null +++ b/lang/python26/patches/patch-af @@ -0,0 +1,326 @@ +$NetBSD: patch-af,v 1.1 2010/06/29 08:15:42 tron Exp $ + +Fix for the memory corruption caused by the "audioop" module reported +in CVE-2010-2089. Patch taken from here: + +https://bugzilla.redhat.com/attachment.cgi?id=418359&action=diff + +--- Modules/audioop.c.orig 2010-06-29 09:09:00.000000000 +0100 ++++ Modules/audioop.c 2010-06-29 09:09:00.000000000 +0100 +@@ -295,6 +295,29 @@ + + static PyObject *AudioopError; + ++static int ++audioop_check_size(int size) ++{ ++ if ( size != 1 && size != 2 && size != 4 ) { ++ PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); ++ return 0; ++ } else { ++ return 1; ++ } ++} ++ ++static int ++audioop_check_parameters(int len, int size) ++{ ++ if (!audioop_check_size(size)) ++ return 0; ++ if ( len % size != 0 ) { ++ PyErr_SetString(AudioopError, "not a whole number of frames"); ++ return 0; ++ } ++ return 1; ++} ++ + static PyObject * + audioop_getsample(PyObject *self, PyObject *args) + { +@@ -304,10 +327,8 @@ + + if ( !PyArg_ParseTuple(args, "s#ii:getsample", &cp, &len, &size, &i) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + if ( i < 0 || i >= len/size ) { + PyErr_SetString(AudioopError, "Index out of range"); + return 0; +@@ -328,10 +349,8 @@ + + if ( !PyArg_ParseTuple(args, "s#i:max", &cp, &len, &size) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + for ( i=0; i<len; i+= size) { + if ( size == 1 ) val = (int)*CHARP(cp, i); + else if ( size == 2 ) val = (int)*SHORTP(cp, i); +@@ -352,10 +371,8 @@ + + if (!PyArg_ParseTuple(args, "s#i:minmax", &cp, &len, &size)) + return NULL; +- if (size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); ++ if (!audioop_check_parameters(len, size)) + return NULL; +- } + for (i = 0; i < len; i += size) { + if (size == 1) val = (int) *CHARP(cp, i); + else if (size == 2) val = (int) *SHORTP(cp, i); +@@ -376,10 +393,8 @@ + + if ( !PyArg_ParseTuple(args, "s#i:avg", &cp, &len, &size) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + for ( i=0; i<len; i+= size) { + if ( size == 1 ) val = (int)*CHARP(cp, i); + else if ( size == 2 ) val = (int)*SHORTP(cp, i); +@@ -403,10 +418,8 @@ + + if ( !PyArg_ParseTuple(args, "s#i:rms", &cp, &len, &size) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + for ( i=0; i<len; i+= size) { + if ( size == 1 ) val = (int)*CHARP(cp, i); + else if ( size == 2 ) val = (int)*SHORTP(cp, i); +@@ -614,10 +627,8 @@ + + if ( !PyArg_ParseTuple(args, "s#i:avgpp", &cp, &len, &size) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + /* Compute first delta value ahead. Also automatically makes us + ** skip the first extreme value + */ +@@ -671,10 +682,8 @@ + + if ( !PyArg_ParseTuple(args, "s#i:maxpp", &cp, &len, &size) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + /* Compute first delta value ahead. Also automatically makes us + ** skip the first extreme value + */ +@@ -722,10 +731,8 @@ + + if ( !PyArg_ParseTuple(args, "s#i:cross", &cp, &len, &size) ) + return 0; +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + ncross = -1; + prevval = 17; /* Anything <> 0,1 */ + for ( i=0; i<len; i+= size) { +@@ -750,6 +757,8 @@ + + if ( !PyArg_ParseTuple(args, "s#id:mul", &cp, &len, &size, &factor ) ) + return 0; ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + + if ( size == 1 ) maxval = (double) 0x7f; + else if ( size == 2 ) maxval = (double) 0x7fff; +@@ -792,6 +801,12 @@ + if ( !PyArg_ParseTuple(args, "s#idd:tomono", + &cp, &len, &size, &fac1, &fac2 ) ) + return 0; ++ if (!audioop_check_parameters(len, size)) ++ return NULL; ++ if ( ((len / size) & 1) != 0 ) { ++ PyErr_SetString(AudioopError, "not a whole number of frames"); ++ return NULL; ++ } + + if ( size == 1 ) maxval = (double) 0x7f; + else if ( size == 2 ) maxval = (double) 0x7fff; +@@ -837,6 +852,8 @@ + if ( !PyArg_ParseTuple(args, "s#idd:tostereo", + &cp, &len, &size, &fac1, &fac2 ) ) + return 0; ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + + if ( size == 1 ) maxval = (double) 0x7f; + else if ( size == 2 ) maxval = (double) 0x7fff; +@@ -896,7 +913,8 @@ + if ( !PyArg_ParseTuple(args, "s#s#i:add", + &cp1, &len1, &cp2, &len2, &size ) ) + return 0; +- ++ if (!audioop_check_parameters(len1, size)) ++ return NULL; + if ( len1 != len2 ) { + PyErr_SetString(AudioopError, "Lengths should be the same"); + return 0; +@@ -950,11 +968,8 @@ + if ( !PyArg_ParseTuple(args, "s#ii:bias", + &cp, &len, &size , &bias) ) + return 0; +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + + rv = PyString_FromStringAndSize(NULL, len); + if ( rv == 0 ) +@@ -986,12 +1001,9 @@ + if ( !PyArg_ParseTuple(args, "s#i:reverse", + &cp, &len, &size) ) + return 0; ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + +- if ( size != 1 && size != 2 && size != 4 ) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } +- + rv = PyString_FromStringAndSize(NULL, len); + if ( rv == 0 ) + return 0; +@@ -1023,12 +1035,10 @@ + if ( !PyArg_ParseTuple(args, "s#ii:lin2lin", + &cp, &len, &size, &size2) ) + return 0; +- +- if ( (size != 1 && size != 2 && size != 4) || +- (size2 != 1 && size2 != 2 && size2 != 4)) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; ++ if (!audioop_check_size(size2)) ++ return NULL; + + new_len = (len/size)*size2; + if (new_len < 0) { +@@ -1080,10 +1090,8 @@ + &nchannels, &inrate, &outrate, &state, + &weightA, &weightB)) + return NULL; +- if (size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); ++ if (!audioop_check_size(size)) + return NULL; +- } + if (nchannels < 1) { + PyErr_SetString(AudioopError, "# of channels should be >= 1"); + return NULL; +@@ -1269,11 +1277,8 @@ + if ( !PyArg_ParseTuple(args, "s#i:lin2ulaw", + &cp, &len, &size) ) + return 0 ; +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + + rv = PyString_FromStringAndSize(NULL, len/size); + if ( rv == 0 ) +@@ -1303,11 +1308,8 @@ + if ( !PyArg_ParseTuple(args, "s#i:ulaw2lin", + &cp, &len, &size) ) + return 0; +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_size(size)) ++ return NULL; + + new_len = len*size; + if (new_len < 0) { +@@ -1343,11 +1345,8 @@ + if ( !PyArg_ParseTuple(args, "s#i:lin2alaw", + &cp, &len, &size) ) + return 0; +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + + rv = PyString_FromStringAndSize(NULL, len/size); + if ( rv == 0 ) +@@ -1377,11 +1376,8 @@ + if ( !PyArg_ParseTuple(args, "s#i:alaw2lin", + &cp, &len, &size) ) + return 0; +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_size(size)) ++ return NULL; + + new_len = len*size; + if (new_len < 0) { +@@ -1418,12 +1414,8 @@ + if ( !PyArg_ParseTuple(args, "s#iO:lin2adpcm", + &cp, &len, &size, &state) ) + return 0; +- +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_parameters(len, size)) ++ return NULL; + + str = PyString_FromStringAndSize(NULL, len/(size*2)); + if ( str == 0 ) +@@ -1526,11 +1518,8 @@ + if ( !PyArg_ParseTuple(args, "s#iO:adpcm2lin", + &cp, &len, &size, &state) ) + return 0; +- +- if ( size != 1 && size != 2 && size != 4) { +- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4"); +- return 0; +- } ++ if (!audioop_check_size(size)) ++ return NULL; + + /* Decode state, should have (value, step) */ + if ( state == Py_None ) { |