summaryrefslogtreecommitdiff
path: root/lang
diff options
context:
space:
mode:
authordrochner <drochner@pkgsrc.org>2003-01-22 17:05:33 +0000
committerdrochner <drochner@pkgsrc.org>2003-01-22 17:05:33 +0000
commit7b0f22b5548007e5a0e87970705b6f3c165739b7 (patch)
treefdaa8e6a43722a22b99305e958558b2ed949b96e /lang
parentf2069652288a7ee31e410e1bc125f7156969ab32 (diff)
downloadpkgsrc-7b0f22b5548007e5a0e87970705b6f3c165739b7.tar.gz
security fix: don't use guessable temp file names in execvpe()
Diffstat (limited to 'lang')
-rw-r--r--lang/python21-pth/Makefile3
-rw-r--r--lang/python21-pth/PLIST3
-rw-r--r--lang/python21-pth/distinfo4
-rw-r--r--lang/python21-pth/patches/patch-ah75
-rw-r--r--lang/python21-pth/patches/patch-ai20
-rw-r--r--lang/python21/Makefile3
-rw-r--r--lang/python21/PLIST3
-rw-r--r--lang/python21/distinfo4
-rw-r--r--lang/python21/patches/patch-ah75
-rw-r--r--lang/python21/patches/patch-ai20
10 files changed, 202 insertions, 8 deletions
diff --git a/lang/python21-pth/Makefile b/lang/python21-pth/Makefile
index 8d178983351..6ac36ab0de2 100644
--- a/lang/python21-pth/Makefile
+++ b/lang/python21-pth/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.2 2002/09/04 14:25:17 drochner Exp $
+# $NetBSD: Makefile,v 1.3 2003/01/22 17:05:33 drochner Exp $
#
DISTNAME= Python-2.1.3
PKGNAME= python21-pth-2.1.3
+PKGREVISION= 1
CATEGORIES= lang
MASTER_SITES= ftp://ftp.python.org/pub/python/2.1.3/
EXTRACT_SUFX= .tgz
diff --git a/lang/python21-pth/PLIST b/lang/python21-pth/PLIST
index fa842f6cc62..d741af73204 100644
--- a/lang/python21-pth/PLIST
+++ b/lang/python21-pth/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.1.1.1 2002/08/20 19:58:58 drochner Exp $
+@comment $NetBSD: PLIST,v 1.2 2003/01/22 17:05:34 drochner Exp $
bin/pydoc2p1
bin/python2p1
include/python2p1/Python.h
@@ -628,7 +628,6 @@ lib/python2p1/lib-dynload/cStringIO.so
lib/python2p1/lib-dynload/cmath.so
lib/python2p1/lib-dynload/crypt.so
lib/python2p1/lib-dynload/dbm.so
-lib/python2p1/lib-dynload/errno.so
lib/python2p1/lib-dynload/fcntl.so
lib/python2p1/lib-dynload/fpectl.so
lib/python2p1/lib-dynload/grp.so
diff --git a/lang/python21-pth/distinfo b/lang/python21-pth/distinfo
index db567908ffa..5b8735ca3c8 100644
--- a/lang/python21-pth/distinfo
+++ b/lang/python21-pth/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.3 2002/09/06 17:01:09 drochner Exp $
+$NetBSD: distinfo,v 1.4 2003/01/22 17:05:34 drochner Exp $
SHA1 (Python-2.1.3.tgz) = 7042a5c5fd60d334c0ac227885d68a4c305713b4
Size (Python-2.1.3.tgz) = 6194432 bytes
@@ -9,4 +9,6 @@ SHA1 (patch-ad) = 769bcd7803723c8d538a74173792ffcc491fa414
SHA1 (patch-ae) = 079cd208ba57755a7e0f3ac03b6ba59d622be5db
SHA1 (patch-af) = 2caa6dd54088b1866679338df2c1311c4718cf0f
SHA1 (patch-ag) = fa9a5f13072d9137182675394f04cd9b163d3a5c
+SHA1 (patch-ah) = 637dfe0cb4d031760f1085fb7921c0ae77158221
+SHA1 (patch-ai) = 6420f2994109b8cce55674ea14d7a974f9e039c6
SHA1 (patch-ba) = 5e47b2e75ea40682216e42fbf8b971432836afdc
diff --git a/lang/python21-pth/patches/patch-ah b/lang/python21-pth/patches/patch-ah
new file mode 100644
index 00000000000..8b34ad969e4
--- /dev/null
+++ b/lang/python21-pth/patches/patch-ah
@@ -0,0 +1,75 @@
+$NetBSD: patch-ah,v 1.1 2003/01/22 17:05:34 drochner Exp $
+
+--- Lib/os.py.orig Wed Jan 22 17:27:56 2003
++++ Lib/os.py Wed Jan 22 17:30:02 2003
+@@ -291,7 +291,7 @@
+ _execvpe(file, args)
+
+ def execvpe(file, args, env):
+- """execv(file, args, env)
++ """execvpe(file, args, env)
+
+ Execute the executable file (which is searched for along $PATH)
+ with argument list args and environment env , replacing the
+@@ -301,8 +301,9 @@
+
+ __all__.extend(["execl","execle","execlp","execlpe","execvp","execvpe"])
+
+-_notfound = None
+ def _execvpe(file, args, env=None):
++ from errno import ENOENT, ENOTDIR
++
+ if env is not None:
+ func = execve
+ argrest = (args, env)
+@@ -310,7 +311,7 @@
+ func = execv
+ argrest = (args,)
+ env = environ
+- global _notfound
++
+ head, tail = path.split(file)
+ if head:
+ apply(func, (file,) + argrest)
+@@ -320,30 +321,21 @@
+ else:
+ envpath = defpath
+ PATH = envpath.split(pathsep)
+- if not _notfound:
+- if sys.platform[:4] == 'beos':
+- # Process handling (fork, wait) under BeOS (up to 5.0)
+- # doesn't interoperate reliably with the thread interlocking
+- # that happens during an import. The actual error we need
+- # is the same on BeOS for posix.open() et al., ENOENT.
+- try: unlink('/_#.# ## #.#')
+- except error, _notfound: pass
+- else:
+- import tempfile
+- t = tempfile.mktemp()
+- # Exec a file that is guaranteed not to exist
+- try: execv(t, ('blah',))
+- except error, _notfound: pass
+- exc, arg = error, _notfound
++ saved_exc = None
++ saved_tb = None
+ for dir in PATH:
+ fullname = path.join(dir, file)
+ try:
+ apply(func, (fullname,) + argrest)
+- except error, (errno, msg):
+- if errno != arg[0]:
+- exc, arg = error, (errno, msg)
+- raise exc, arg
+-
++ except error, e:
++ tb = sys.exc_info()[2]
++ if (e.errno != ENOENT and e.errno != ENOTDIR
++ and saved_exc is None):
++ saved_exc = e
++ saved_tb = tb
++ if saved_exc:
++ raise error, saved_exc, saved_tb
++ raise error, e, tb
+
+ # Change environ to automatically call putenv() if it exists
+ try:
diff --git a/lang/python21-pth/patches/patch-ai b/lang/python21-pth/patches/patch-ai
new file mode 100644
index 00000000000..1cd11d1786c
--- /dev/null
+++ b/lang/python21-pth/patches/patch-ai
@@ -0,0 +1,20 @@
+$NetBSD: patch-ai,v 1.1 2003/01/22 17:05:34 drochner Exp $
+
+--- Modules/Setup.dist.orig Wed Jan 22 17:37:38 2003
++++ Modules/Setup.dist Wed Jan 22 17:39:03 2003
+@@ -97,6 +97,7 @@
+ # setup.py script in the root of the Python source tree.
+
+ posix posixmodule.c # posix (UNIX) system calls
++errno errnomodule.c # posix (UNIX) errno values
+ _sre _sre.c # Fredrik Lundh's new regular expressions
+
+ # The rest of the modules listed in this file are all commented out by
+@@ -162,7 +163,6 @@
+ #fcntl fcntlmodule.c # fcntl(2) and ioctl(2)
+ #pwd pwdmodule.c # pwd(3)
+ #grp grpmodule.c # grp(3)
+-#errno errnomodule.c # posix (UNIX) errno values
+ #select selectmodule.c # select(2); not on ancient System V
+
+ # Memory-mapped files (also works on Win32).
diff --git a/lang/python21/Makefile b/lang/python21/Makefile
index 1bdcd3b8331..0bf83de4984 100644
--- a/lang/python21/Makefile
+++ b/lang/python21/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.7 2002/10/10 09:57:51 wiz Exp $
+# $NetBSD: Makefile,v 1.8 2003/01/22 17:05:33 drochner Exp $
#
DISTNAME= Python-2.1.3
PKGNAME= python21-2.1.3
+PKGREVISION= 1
CATEGORIES= lang
MASTER_SITES= ftp://ftp.python.org/pub/python/2.1.3/
EXTRACT_SUFX= .tgz
diff --git a/lang/python21/PLIST b/lang/python21/PLIST
index f954c43d0fa..7580da254d6 100644
--- a/lang/python21/PLIST
+++ b/lang/python21/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2002/04/15 12:10:49 drochner Exp $
+@comment $NetBSD: PLIST,v 1.5 2003/01/22 17:05:33 drochner Exp $
bin/pydoc2.1
bin/python2.1
include/python2.1/Python.h
@@ -628,7 +628,6 @@ lib/python2.1/lib-dynload/cStringIO.so
lib/python2.1/lib-dynload/cmath.so
lib/python2.1/lib-dynload/crypt.so
lib/python2.1/lib-dynload/dbm.so
-lib/python2.1/lib-dynload/errno.so
lib/python2.1/lib-dynload/fcntl.so
lib/python2.1/lib-dynload/fpectl.so
lib/python2.1/lib-dynload/grp.so
diff --git a/lang/python21/distinfo b/lang/python21/distinfo
index 02df1d5b342..e56816ad51c 100644
--- a/lang/python21/distinfo
+++ b/lang/python21/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.7 2002/04/15 12:10:49 drochner Exp $
+$NetBSD: distinfo,v 1.8 2003/01/22 17:05:33 drochner Exp $
SHA1 (Python-2.1.3.tgz) = 7042a5c5fd60d334c0ac227885d68a4c305713b4
Size (Python-2.1.3.tgz) = 6194432 bytes
@@ -6,3 +6,5 @@ SHA1 (patch-aa) = 8273acc49a9eedad6e09685098178f3b7fb8f1c6
SHA1 (patch-ab) = f87a4d5c76182ab27ba79b42f00e8a2ff63bcf2b
SHA1 (patch-ac) = 397454551beaa8dd11e0a5c171cbdb4f4501a9a3
SHA1 (patch-ad) = 769bcd7803723c8d538a74173792ffcc491fa414
+SHA1 (patch-ah) = 637dfe0cb4d031760f1085fb7921c0ae77158221
+SHA1 (patch-ai) = 6420f2994109b8cce55674ea14d7a974f9e039c6
diff --git a/lang/python21/patches/patch-ah b/lang/python21/patches/patch-ah
new file mode 100644
index 00000000000..31aa1b86d2e
--- /dev/null
+++ b/lang/python21/patches/patch-ah
@@ -0,0 +1,75 @@
+$NetBSD: patch-ah,v 1.1 2003/01/22 17:05:33 drochner Exp $
+
+--- Lib/os.py.orig Wed Jan 22 17:27:56 2003
++++ Lib/os.py Wed Jan 22 17:30:02 2003
+@@ -291,7 +291,7 @@
+ _execvpe(file, args)
+
+ def execvpe(file, args, env):
+- """execv(file, args, env)
++ """execvpe(file, args, env)
+
+ Execute the executable file (which is searched for along $PATH)
+ with argument list args and environment env , replacing the
+@@ -301,8 +301,9 @@
+
+ __all__.extend(["execl","execle","execlp","execlpe","execvp","execvpe"])
+
+-_notfound = None
+ def _execvpe(file, args, env=None):
++ from errno import ENOENT, ENOTDIR
++
+ if env is not None:
+ func = execve
+ argrest = (args, env)
+@@ -310,7 +311,7 @@
+ func = execv
+ argrest = (args,)
+ env = environ
+- global _notfound
++
+ head, tail = path.split(file)
+ if head:
+ apply(func, (file,) + argrest)
+@@ -320,30 +321,21 @@
+ else:
+ envpath = defpath
+ PATH = envpath.split(pathsep)
+- if not _notfound:
+- if sys.platform[:4] == 'beos':
+- # Process handling (fork, wait) under BeOS (up to 5.0)
+- # doesn't interoperate reliably with the thread interlocking
+- # that happens during an import. The actual error we need
+- # is the same on BeOS for posix.open() et al., ENOENT.
+- try: unlink('/_#.# ## #.#')
+- except error, _notfound: pass
+- else:
+- import tempfile
+- t = tempfile.mktemp()
+- # Exec a file that is guaranteed not to exist
+- try: execv(t, ('blah',))
+- except error, _notfound: pass
+- exc, arg = error, _notfound
++ saved_exc = None
++ saved_tb = None
+ for dir in PATH:
+ fullname = path.join(dir, file)
+ try:
+ apply(func, (fullname,) + argrest)
+- except error, (errno, msg):
+- if errno != arg[0]:
+- exc, arg = error, (errno, msg)
+- raise exc, arg
+-
++ except error, e:
++ tb = sys.exc_info()[2]
++ if (e.errno != ENOENT and e.errno != ENOTDIR
++ and saved_exc is None):
++ saved_exc = e
++ saved_tb = tb
++ if saved_exc:
++ raise error, saved_exc, saved_tb
++ raise error, e, tb
+
+ # Change environ to automatically call putenv() if it exists
+ try:
diff --git a/lang/python21/patches/patch-ai b/lang/python21/patches/patch-ai
new file mode 100644
index 00000000000..0b0ea0ca2b8
--- /dev/null
+++ b/lang/python21/patches/patch-ai
@@ -0,0 +1,20 @@
+$NetBSD: patch-ai,v 1.1 2003/01/22 17:05:33 drochner Exp $
+
+--- Modules/Setup.dist.orig Wed Jan 22 17:37:38 2003
++++ Modules/Setup.dist Wed Jan 22 17:39:03 2003
+@@ -97,6 +97,7 @@
+ # setup.py script in the root of the Python source tree.
+
+ posix posixmodule.c # posix (UNIX) system calls
++errno errnomodule.c # posix (UNIX) errno values
+ _sre _sre.c # Fredrik Lundh's new regular expressions
+
+ # The rest of the modules listed in this file are all commented out by
+@@ -162,7 +163,6 @@
+ #fcntl fcntlmodule.c # fcntl(2) and ioctl(2)
+ #pwd pwdmodule.c # pwd(3)
+ #grp grpmodule.c # grp(3)
+-#errno errnomodule.c # posix (UNIX) errno values
+ #select selectmodule.c # select(2); not on ancient System V
+
+ # Memory-mapped files (also works on Win32).