authordrochner <drochner>2007-11-06 19:54:52 +0000
committerdrochner <drochner>2007-11-06 19:54:52 +0000
commite909349891fb72284955e386a304fea9063da854 (patch)
tree604370dfb04d4bbc370fed7a90d8a0bacb8d9a9e /lang
parentcda49853f655d02194314cb0e19a897159d0951f (diff)
downloadpkgsrc-e909349891fb72284955e386a304fea9063da854.tar.gz
add a patch from Redhat bugzilla #323571 to fix CVE-2007-5116:
A flaw was found in Perl's regular expression engine. Specially crafted input to a regular expression can cause Perl to improperly allocate memory, possibly resulting in arbitrary code running with the permissions of the user running Perl.
Diffstat (limited to 'lang')
-rw-r--r--lang/perl5/Makefile4
-rw-r--r--lang/perl5/distinfo3
-rw-r--r--lang/perl5/patches/patch-da61
3 files changed, 65 insertions, 3 deletions
diff --git a/lang/perl5/Makefile b/lang/perl5/Makefile
index 0f23be5552b..d56e85c3520 100644
--- a/lang/perl5/Makefile
+++ b/lang/perl5/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.128 2007/09/06 16:31:38 rillig Exp $
+# $NetBSD: Makefile,v 1.129 2007/11/06 19:54:52 drochner Exp $
DISTNAME= perl-5.8.8
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= lang devel perl5
MASTER_SITES= ${MASTER_SITE_PERL_CPAN:S,/modules/by-module/$,/src/,}
EXTRACT_SUFX= .tar.bz2
diff --git a/lang/perl5/distinfo b/lang/perl5/distinfo
index 19848912a48..08adf5d2d5c 100644
--- a/lang/perl5/distinfo
+++ b/lang/perl5/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.42 2007/08/04 10:27:58 tnn Exp $
+$NetBSD: distinfo,v 1.43 2007/11/06 19:54:53 drochner Exp $
SHA1 (perl-5.8.8.tar.bz2) = 4aab490040727ca4419098720eca2ba4367df539
RMD160 (perl-5.8.8.tar.bz2) = e78f26d9b96e6db35f946ad4ff55e3a69385c71b
@@ -22,5 +22,6 @@ SHA1 (patch-ci) = fe943f07044efa457d163eb86974ea10bb356226
SHA1 (patch-cj) = 3f40f1b166a054d55224c3e79d74516ca608b696
SHA1 (patch-ck) = 28207b8186c9ad194a1edc696159915bc16d1097
SHA1 (patch-cn) = b5e56787fb9ca10025e9061d7bfd2da549ee3fa3
+SHA1 (patch-da) = b25f30544dd679d95997cafb7e427a41f98884b1
SHA1 (patch-ta) = ca0d1e4bc2dbbc4b86a087fed27cd1e7bbb2873f
SHA1 (patch-zc) = 0c61b6028813e0f80bfe0760a1e74e3037d37cdd
diff --git a/lang/perl5/patches/patch-da b/lang/perl5/patches/patch-da
new file mode 100644
index 00000000000..dd3765cb09f
--- /dev/null
+++ b/lang/perl5/patches/patch-da
@@ -0,0 +1,61 @@
+$NetBSD: patch-da,v 1.1 2007/11/06 19:54:53 drochner Exp $
+
+--- regcomp.c.orig 2006-01-08 21:59:27.000000000 +0100
++++ regcomp.c
+@@ -135,7 +135,8 @@ typedef struct RExC_state_t {
+ I32 extralen;
+ I32 seen_zerolen;
+ I32 seen_evals;
+- I32 utf8;
++ I32 utf8; /* pattern is utf8 or not */
++ I32 orig_utf8; /* pattern was originally utf8 */
+ #if ADD_TO_REGEXEC
+ char *starttry; /* -Dr: where regtry was called. */
+ #define RExC_starttry (pRExC_state->starttry)
+@@ -161,6 +162,7 @@ typedef struct RExC_state_t {
+ #define RExC_seen_zerolen (pRExC_state->seen_zerolen)
+ #define RExC_seen_evals (pRExC_state->seen_evals)
+ #define RExC_utf8 (pRExC_state->utf8)
++#define RExC_orig_utf8 (pRExC_state->orig_utf8)
+
+ #define ISMULT1(c) ((c) == '*' || (c) == '+' || (c) == '?')
+ #define ISMULT2(s) ((*s) == '*' || (*s) == '+' || (*s) == '?' || \
+@@ -1749,15 +1751,17 @@ Perl_pregcomp(pTHX_ char *exp, char *xen
+ if (exp == NULL)
+ FAIL("NULL regexp argument");
+
+- RExC_utf8 = pm->op_pmdynflags & PMdf_CMP_UTF8;
++ RExC_orig_utf8 = RExC_utf8 = pm->op_pmdynflags & PMdf_CMP_UTF8;
+
+- RExC_precomp = exp;
+ DEBUG_r({
+ if (!PL_colorset) reginitcolors();
+ PerlIO_printf(Perl_debug_log, "%sCompiling REx%s `%s%*s%s'\n",
+ PL_colors[4],PL_colors[5],PL_colors[0],
+- (int)(xend - exp), RExC_precomp, PL_colors[1]);
++ (int)(xend - exp), exp, PL_colors[1]);
+ });
++
++redo_first_pass:
++ RExC_precomp = exp;
+ RExC_flags = pm->op_pmflags;
+ RExC_sawback = 0;
+
+@@ -1783,6 +1787,17 @@ Perl_pregcomp(pTHX_ char *exp, char *xen
+ RExC_precomp = Nullch;
+ return(NULL);
+ }
++ if (RExC_utf8 && !RExC_orig_utf8) {
++ STRLEN len = xend-exp;
++ DEBUG_r(PerlIO_printf(Perl_debug_log,
++ "UTF8 mismatch! Converting to utf8 for resizing and compile\n"));
++ exp = (char*)Perl_bytes_to_utf8(aTHX_ (U8*)exp, &len);
++ xend = exp + len;
++ RExC_orig_utf8 = RExC_utf8;
++ SAVEFREEPV(exp);
++ goto redo_first_pass;
++ }
++
+ DEBUG_r(PerlIO_printf(Perl_debug_log, "size %"IVdf" ", (IV)RExC_size));
+
+ /* Small enough for pointer-storage convention?
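Review bot: The new `if (RExC_utf8 && !RExC_orig_utf8)` block in Perl_pregcomp restarts the first pass with no comment other than the debug string, so the reason for the restart (going by the commit message, the memory-safety fix itself) is easy to lose in a later cleanup. I would add above it something like `/* pass 1 ran on the byte pattern but switched to utf8 on the way; upgrade the pattern and size it again so the allocation matches what is compiled */`, worded by someone who can confirm it against the code. The `goto redo_first_pass` relies on everything the first pass accumulates being re-initialised after the label; only `RExC_precomp`, `RExC_flags` and `RExC_sawback` are visible here and the rest of the function lies outside the hunk, so that is worth checking against the full regcomp.c. The buffer returned by `Perl_bytes_to_utf8` is scheduled for release through `SAVEFREEPV(exp)`, so nothing that outlives the compile should keep `RExC_precomp` without copying it. The header of patch-da carries only the RCS id; a line naming Red Hat bugzilla #323571 and CVE-2007-5116 would keep the origin with the file.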