security fix: don't use guessable temp file names in execvpe()

author: drochner <drochner@pkgsrc.org> 2003-01-22 17:05:33 +0000
committer: drochner <drochner@pkgsrc.org> 2003-01-22 17:05:33 +0000
commit: 7b0f22b5548007e5a0e87970705b6f3c165739b7 (patch)
tree: fdaa8e6a43722a22b99305e958558b2ed949b96e /lang
parent: f2069652288a7ee31e410e1bc125f7156969ab32 (diff)
download: pkgsrc-7b0f22b5548007e5a0e87970705b6f3c165739b7.tar.gz
10 files changed, 202 insertions, 8 deletions
diff --git a/lang/python21-pth/Makefile b/lang/python21-pth/Makefile
index 8d178983351..6ac36ab0de2 100644
--- a/lang/python21-pth/Makefile
+++ b/lang/python21-pth/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.2 2002/09/04 14:25:17 drochner Exp $
+# $NetBSD: Makefile,v 1.3 2003/01/22 17:05:33 drochner Exp $
 #
 
 DISTNAME=	Python-2.1.3
 PKGNAME=	python21-pth-2.1.3
+PKGREVISION=	1
 CATEGORIES=	lang
 MASTER_SITES=	ftp://ftp.python.org/pub/python/2.1.3/
 EXTRACT_SUFX=	.tgz
diff --git a/lang/python21-pth/PLIST b/lang/python21-pth/PLIST
index fa842f6cc62..d741af73204 100644
--- a/lang/python21-pth/PLIST
+++ b/lang/python21-pth/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.1.1.1 2002/08/20 19:58:58 drochner Exp $
+@comment $NetBSD: PLIST,v 1.2 2003/01/22 17:05:34 drochner Exp $
 bin/pydoc2p1
 bin/python2p1
 include/python2p1/Python.h
@@ -628,7 +628,6 @@ lib/python2p1/lib-dynload/cStringIO.so
 lib/python2p1/lib-dynload/cmath.so
 lib/python2p1/lib-dynload/crypt.so
 lib/python2p1/lib-dynload/dbm.so
-lib/python2p1/lib-dynload/errno.so
 lib/python2p1/lib-dynload/fcntl.so
 lib/python2p1/lib-dynload/fpectl.so
 lib/python2p1/lib-dynload/grp.so
diff --git a/lang/python21-pth/distinfo b/lang/python21-pth/distinfo
index db567908ffa..5b8735ca3c8 100644
--- a/lang/python21-pth/distinfo
+++ b/lang/python21-pth/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.3 2002/09/06 17:01:09 drochner Exp $
+$NetBSD: distinfo,v 1.4 2003/01/22 17:05:34 drochner Exp $
 
 SHA1 (Python-2.1.3.tgz) = 7042a5c5fd60d334c0ac227885d68a4c305713b4
 Size (Python-2.1.3.tgz) = 6194432 bytes
@@ -9,4 +9,6 @@ SHA1 (patch-ad) = 769bcd7803723c8d538a74173792ffcc491fa414
 SHA1 (patch-ae) = 079cd208ba57755a7e0f3ac03b6ba59d622be5db
 SHA1 (patch-af) = 2caa6dd54088b1866679338df2c1311c4718cf0f
 SHA1 (patch-ag) = fa9a5f13072d9137182675394f04cd9b163d3a5c
+SHA1 (patch-ah) = 637dfe0cb4d031760f1085fb7921c0ae77158221
+SHA1 (patch-ai) = 6420f2994109b8cce55674ea14d7a974f9e039c6
 SHA1 (patch-ba) = 5e47b2e75ea40682216e42fbf8b971432836afdc
diff --git a/lang/python21-pth/patches/patch-ah b/lang/python21-pth/patches/patch-ah
new file mode 100644
index 00000000000..8b34ad969e4
--- /dev/null
+++ b/lang/python21-pth/patches/patch-ah
@@ -0,0 +1,75 @@
+$NetBSD: patch-ah,v 1.1 2003/01/22 17:05:34 drochner Exp $
+
+--- Lib/os.py.orig	Wed Jan 22 17:27:56 2003
++++ Lib/os.py	Wed Jan 22 17:30:02 2003
+@@ -291,7 +291,7 @@
+     _execvpe(file, args)
+ 
+ def execvpe(file, args, env):
+-    """execv(file, args, env)
++    """execvpe(file, args, env)
+ 
+     Execute the executable file (which is searched for along $PATH)
+     with argument list args and environment env , replacing the
+@@ -301,8 +301,9 @@
+ 
+ __all__.extend(["execl","execle","execlp","execlpe","execvp","execvpe"])
+ 
+-_notfound = None
+ def _execvpe(file, args, env=None):
++    from errno import ENOENT, ENOTDIR
++
+     if env is not None:
+         func = execve
+         argrest = (args, env)
+@@ -310,7 +311,7 @@
+         func = execv
+         argrest = (args,)
+         env = environ
+-    global _notfound
++
+     head, tail = path.split(file)
+     if head:
+         apply(func, (file,) + argrest)
+@@ -320,30 +321,21 @@
+     else:
+         envpath = defpath
+     PATH = envpath.split(pathsep)
+-    if not _notfound:
+-        if sys.platform[:4] == 'beos':
+-            #  Process handling (fork, wait) under BeOS (up to 5.0)
+-            #  doesn't interoperate reliably with the thread interlocking
+-            #  that happens during an import.  The actual error we need
+-            #  is the same on BeOS for posix.open() et al., ENOENT.
+-            try: unlink('/_#.# ## #.#')
+-            except error, _notfound: pass
+-        else:
+-            import tempfile
+-            t = tempfile.mktemp()
+-            # Exec a file that is guaranteed not to exist
+-            try: execv(t, ('blah',))
+-            except error, _notfound: pass
+-    exc, arg = error, _notfound
++    saved_exc = None
++    saved_tb = None
+     for dir in PATH:
+         fullname = path.join(dir, file)
+         try:
+             apply(func, (fullname,) + argrest)
+-        except error, (errno, msg):
+-            if errno != arg[0]:
+-                exc, arg = error, (errno, msg)
+-    raise exc, arg
+-
++        except error, e:
++            tb = sys.exc_info()[2]
++            if (e.errno != ENOENT and e.errno != ENOTDIR
++                and saved_exc is None):
++                saved_exc = e
++                saved_tb = tb
++    if saved_exc:
++        raise error, saved_exc, saved_tb
++    raise error, e, tb
+ 
+ # Change environ to automatically call putenv() if it exists
+ try:
diff --git a/lang/python21-pth/patches/patch-ai b/lang/python21-pth/patches/patch-ai
new file mode 100644
index 00000000000..1cd11d1786c
--- /dev/null
+++ b/lang/python21-pth/patches/patch-ai
@@ -0,0 +1,20 @@
+$NetBSD: patch-ai,v 1.1 2003/01/22 17:05:34 drochner Exp $
+
+--- Modules/Setup.dist.orig	Wed Jan 22 17:37:38 2003
++++ Modules/Setup.dist	Wed Jan 22 17:39:03 2003
+@@ -97,6 +97,7 @@
+ # setup.py script in the root of the Python source tree.
+ 
+ posix posixmodule.c		# posix (UNIX) system calls
++errno errnomodule.c		# posix (UNIX) errno values
+ _sre _sre.c			# Fredrik Lundh's new regular expressions
+ 
+ # The rest of the modules listed in this file are all commented out by
+@@ -162,7 +163,6 @@
+ #fcntl fcntlmodule.c	# fcntl(2) and ioctl(2)
+ #pwd pwdmodule.c		# pwd(3) 
+ #grp grpmodule.c		# grp(3)
+-#errno errnomodule.c	# posix (UNIX) errno values
+ #select selectmodule.c	# select(2); not on ancient System V
+ 
+ # Memory-mapped files (also works on Win32).
diff --git a/lang/python21/Makefile b/lang/python21/Makefile
index 1bdcd3b8331..0bf83de4984 100644
--- a/lang/python21/Makefile
+++ b/lang/python21/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.7 2002/10/10 09:57:51 wiz Exp $
+# $NetBSD: Makefile,v 1.8 2003/01/22 17:05:33 drochner Exp $
 #
 
 DISTNAME=	Python-2.1.3
 PKGNAME=	python21-2.1.3
+PKGREVISION=	1
 CATEGORIES=	lang
 MASTER_SITES=	ftp://ftp.python.org/pub/python/2.1.3/
 EXTRACT_SUFX=	.tgz
diff --git a/lang/python21/PLIST b/lang/python21/PLIST
index f954c43d0fa..7580da254d6 100644
--- a/lang/python21/PLIST
+++ b/lang/python21/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2002/04/15 12:10:49 drochner Exp $
+@comment $NetBSD: PLIST,v 1.5 2003/01/22 17:05:33 drochner Exp $
 bin/pydoc2.1
 bin/python2.1
 include/python2.1/Python.h
@@ -628,7 +628,6 @@ lib/python2.1/lib-dynload/cStringIO.so
 lib/python2.1/lib-dynload/cmath.so
 lib/python2.1/lib-dynload/crypt.so
 lib/python2.1/lib-dynload/dbm.so
-lib/python2.1/lib-dynload/errno.so
 lib/python2.1/lib-dynload/fcntl.so
 lib/python2.1/lib-dynload/fpectl.so
 lib/python2.1/lib-dynload/grp.so
diff --git a/lang/python21/distinfo b/lang/python21/distinfo
index 02df1d5b342..e56816ad51c 100644
--- a/lang/python21/distinfo
+++ b/lang/python21/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.7 2002/04/15 12:10:49 drochner Exp $
+$NetBSD: distinfo,v 1.8 2003/01/22 17:05:33 drochner Exp $
 
 SHA1 (Python-2.1.3.tgz) = 7042a5c5fd60d334c0ac227885d68a4c305713b4
 Size (Python-2.1.3.tgz) = 6194432 bytes
@@ -6,3 +6,5 @@ SHA1 (patch-aa) = 8273acc49a9eedad6e09685098178f3b7fb8f1c6
 SHA1 (patch-ab) = f87a4d5c76182ab27ba79b42f00e8a2ff63bcf2b
 SHA1 (patch-ac) = 397454551beaa8dd11e0a5c171cbdb4f4501a9a3
 SHA1 (patch-ad) = 769bcd7803723c8d538a74173792ffcc491fa414
+SHA1 (patch-ah) = 637dfe0cb4d031760f1085fb7921c0ae77158221
+SHA1 (patch-ai) = 6420f2994109b8cce55674ea14d7a974f9e039c6
diff --git a/lang/python21/patches/patch-ah b/lang/python21/patches/patch-ah
new file mode 100644
index 00000000000..31aa1b86d2e
--- /dev/null
+++ b/lang/python21/patches/patch-ah
@@ -0,0 +1,75 @@
+$NetBSD: patch-ah,v 1.1 2003/01/22 17:05:33 drochner Exp $
+
+--- Lib/os.py.orig	Wed Jan 22 17:27:56 2003
++++ Lib/os.py	Wed Jan 22 17:30:02 2003
+@@ -291,7 +291,7 @@
+     _execvpe(file, args)
+ 
+ def execvpe(file, args, env):
+-    """execv(file, args, env)
++    """execvpe(file, args, env)
+ 
+     Execute the executable file (which is searched for along $PATH)
+     with argument list args and environment env , replacing the
+@@ -301,8 +301,9 @@
+ 
+ __all__.extend(["execl","execle","execlp","execlpe","execvp","execvpe"])
+ 
+-_notfound = None
+ def _execvpe(file, args, env=None):
++    from errno import ENOENT, ENOTDIR
++
+     if env is not None:
+         func = execve
+         argrest = (args, env)
+@@ -310,7 +311,7 @@
+         func = execv
+         argrest = (args,)
+         env = environ
+-    global _notfound
++
+     head, tail = path.split(file)
+     if head:
+         apply(func, (file,) + argrest)
+@@ -320,30 +321,21 @@
+     else:
+         envpath = defpath
+     PATH = envpath.split(pathsep)
+-    if not _notfound:
+-        if sys.platform[:4] == 'beos':
+-            #  Process handling (fork, wait) under BeOS (up to 5.0)
+-            #  doesn't interoperate reliably with the thread interlocking
+-            #  that happens during an import.  The actual error we need
+-            #  is the same on BeOS for posix.open() et al., ENOENT.
+-            try: unlink('/_#.# ## #.#')
+-            except error, _notfound: pass
+-        else:
+-            import tempfile
+-            t = tempfile.mktemp()
+-            # Exec a file that is guaranteed not to exist
+-            try: execv(t, ('blah',))
+-            except error, _notfound: pass
+-    exc, arg = error, _notfound
++    saved_exc = None
++    saved_tb = None
+     for dir in PATH:
+         fullname = path.join(dir, file)
+         try:
+             apply(func, (fullname,) + argrest)
+-        except error, (errno, msg):
+-            if errno != arg[0]:
+-                exc, arg = error, (errno, msg)
+-    raise exc, arg
+-
++        except error, e:
++            tb = sys.exc_info()[2]
++            if (e.errno != ENOENT and e.errno != ENOTDIR
++                and saved_exc is None):
++                saved_exc = e
++                saved_tb = tb
++    if saved_exc:
++        raise error, saved_exc, saved_tb
++    raise error, e, tb
+ 
+ # Change environ to automatically call putenv() if it exists
+ try:
diff --git a/lang/python21/patches/patch-ai b/lang/python21/patches/patch-ai
new file mode 100644
index 00000000000..0b0ea0ca2b8
--- /dev/null
+++ b/lang/python21/patches/patch-ai
@@ -0,0 +1,20 @@
+$NetBSD: patch-ai,v 1.1 2003/01/22 17:05:33 drochner Exp $
+
+--- Modules/Setup.dist.orig	Wed Jan 22 17:37:38 2003
++++ Modules/Setup.dist	Wed Jan 22 17:39:03 2003
+@@ -97,6 +97,7 @@
+ # setup.py script in the root of the Python source tree.
+ 
+ posix posixmodule.c		# posix (UNIX) system calls
++errno errnomodule.c		# posix (UNIX) errno values
+ _sre _sre.c			# Fredrik Lundh's new regular expressions
+ 
+ # The rest of the modules listed in this file are all commented out by
+@@ -162,7 +163,6 @@
+ #fcntl fcntlmodule.c	# fcntl(2) and ioctl(2)
+ #pwd pwdmodule.c		# pwd(3) 
+ #grp grpmodule.c		# grp(3)
+-#errno errnomodule.c	# posix (UNIX) errno values
+ #select selectmodule.c	# select(2); not on ancient System V
+ 
+ # Memory-mapped files (also works on Win32).
author	drochner <drochner@pkgsrc.org>	2003-01-22 17:05:33 +0000
committer	drochner <drochner@pkgsrc.org>	2003-01-22 17:05:33 +0000
commit	7b0f22b5548007e5a0e87970705b6f3c165739b7 (patch)
tree	fdaa8e6a43722a22b99305e958558b2ed949b96e /lang
parent	f2069652288a7ee31e410e1bc125f7156969ab32 (diff)
download	pkgsrc-7b0f22b5548007e5a0e87970705b6f3c165739b7.tar.gz