diff options
-rw-r--r-- | lang/python24/Makefile | 5 | ||||
-rw-r--r-- | lang/python24/PLIST.common | 3 | ||||
-rw-r--r-- | lang/python24/dist.mk | 4 | ||||
-rw-r--r-- | lang/python24/distinfo | 24 | ||||
-rw-r--r-- | lang/python24/patches/patch-aq | 26 | ||||
-rw-r--r-- | lang/python24/patches/patch-au | 15 | ||||
-rw-r--r-- | lang/python24/patches/patch-ba | 25 | ||||
-rw-r--r-- | lang/python24/patches/patch-bb | 13 | ||||
-rw-r--r-- | lang/python24/patches/patch-bc | 33 | ||||
-rw-r--r-- | lang/python24/patches/patch-bd | 15 | ||||
-rw-r--r-- | lang/python24/patches/patch-be | 44 | ||||
-rw-r--r-- | lang/python24/patches/patch-bf | 19 | ||||
-rw-r--r-- | lang/python24/patches/patch-bg | 114 | ||||
-rw-r--r-- | lang/python24/patches/patch-bh | 60 | ||||
-rw-r--r-- | lang/python24/patches/patch-bi | 16 | ||||
-rw-r--r-- | lang/python24/patches/patch-bj | 35 | ||||
-rw-r--r-- | lang/python24/patches/patch-bk | 18 | ||||
-rw-r--r-- | lang/python24/patches/patch-bl | 36 | ||||
-rw-r--r-- | lang/python24/patches/patch-bm | 57 |
19 files changed, 25 insertions, 537 deletions
diff --git a/lang/python24/Makefile b/lang/python24/Makefile index abf5f8e011c..098edd2c69a 100644 --- a/lang/python24/Makefile +++ b/lang/python24/Makefile @@ -1,9 +1,8 @@ -# $NetBSD: Makefile,v 1.55 2011/04/22 13:42:00 obache Exp $ +# $NetBSD: Makefile,v 1.56 2011/04/23 08:53:53 obache Exp $ .include "dist.mk" PKGNAME= python24-${PY_DISTVERSION} -PKGREVISION= 7 CATEGORIES= lang python MAINTAINER= pkgsrc-users@NetBSD.org @@ -139,6 +138,8 @@ REPLACE.py24.new= ${PREFIX}/bin/python${PY_VER_SUFFIX} REPLACE_FILES.py24= Lib/cgi.py # explicitly demanded to be patched REPLACE_FILES.py24+= Lib/bsddb/dbshelve.py Lib/test/test_bz2.py REPLACE_FILES.py24+= Lib/test/test_largefile.py Lib/test/test_optparse.py +REPLACE_FILES.py24+= Lib/*.py +REPLACE_FILES.py24+= Lib/test/*.py post-extract: ${MV} ${WRKSRC}/Lib/smtpd.py ${WRKSRC}/Lib/smtpd${PY_VER_SUFFIX}.py diff --git a/lang/python24/PLIST.common b/lang/python24/PLIST.common index 482c1dab2d5..72e3742adda 100644 --- a/lang/python24/PLIST.common +++ b/lang/python24/PLIST.common @@ -1,8 +1,9 @@ -@comment $NetBSD: PLIST.common,v 1.11 2008/04/13 11:03:33 tnn Exp $ +@comment $NetBSD: PLIST.common,v 1.12 2011/04/23 08:53:53 obache Exp $ bin/pydoc${PY_VER_SUFFIX} bin/python${PY_VER_SUFFIX} bin/smtpd${PY_VER_SUFFIX}.py include/python${PY_VER_SUFFIX}/Python.h +include/python${PY_VER_SUFFIX}/Python-ast.h include/python${PY_VER_SUFFIX}/abstract.h include/python${PY_VER_SUFFIX}/bitset.h include/python${PY_VER_SUFFIX}/boolobject.h diff --git a/lang/python24/dist.mk b/lang/python24/dist.mk index 4296afb26e6..2f324668d90 100644 --- a/lang/python24/dist.mk +++ b/lang/python24/dist.mk @@ -1,6 +1,6 @@ -# $NetBSD: dist.mk,v 1.1 2010/09/17 07:11:41 obache Exp $ +# $NetBSD: dist.mk,v 1.2 2011/04/23 08:53:53 obache Exp $ -PY_DISTVERSION= 2.4.5 +PY_DISTVERSION= 2.4.6 DISTNAME= Python-${PY_DISTVERSION} EXTRACT_SUFX= .tar.bz2 DISTINFO_FILE= ${.CURDIR}/../../lang/python24/distinfo diff --git a/lang/python24/distinfo b/lang/python24/distinfo index e5c81c1fcab..ee35ed61fdf 100644 --- a/lang/python24/distinfo +++ b/lang/python24/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.33 2009/09/19 09:30:41 obache Exp $ +$NetBSD: distinfo,v 1.34 2011/04/23 08:53:53 obache Exp $ -SHA1 (Python-2.4.5.tar.bz2) = 6e9e1ac2b70cc10c36063a25ab5a5ddb53177107 -RMD160 (Python-2.4.5.tar.bz2) = b43f2114697be751f03ec7cfb46f8c4946a73097 -Size (Python-2.4.5.tar.bz2) = 8159705 bytes +SHA1 (Python-2.4.6.tar.bz2) = cb1972a554a458f6a26d3e047b359251865d7c96 +RMD160 (Python-2.4.6.tar.bz2) = 0687989193dec2ac108142759281be7ddcf7f31e +Size (Python-2.4.6.tar.bz2) = 8154677 bytes SHA1 (patch-aa) = 310309e6778fd809b7758efa8db7333ed498e5e5 SHA1 (patch-ab) = 98b94620baf5d9d5e8681529297124c2d07a901b SHA1 (patch-ac) = 4a7a83c9a7bb26254d17907fe15f895276910364 @@ -19,20 +19,6 @@ SHA1 (patch-am) = 31158eee32363963e2f6d0bd528f0b291453de74 SHA1 (patch-an) = 0ae5b3d547c7dbe1366c5ae6c60c11516e4550b8 SHA1 (patch-ao) = 1ef48142acd8b591b11013b46048d9145f235843 SHA1 (patch-ap) = 8fbfecdb80ee851db569b64201ccd94bd3552a81 -SHA1 (patch-aq) = 10f1964892763e0d1b2345bd053d7929dd4b317e +SHA1 (patch-aq) = 3d13cd79d50b70302d1b6ee598759a51f0b98532 SHA1 (patch-ar) = f132998e3e81f3093f9bddf32fe6dcb40fcfa76f SHA1 (patch-at) = 9d66115cc561c99dcc3478678aa286c1c0c3df6b -SHA1 (patch-au) = d0a234efabe7d6a1f2b1dcbf26780fdc6b452214 -SHA1 (patch-ba) = c9b88da8efc334771eff578585e2e9e7e21a0634 -SHA1 (patch-bb) = 89829819c5a38f3bbd8be1737568f87b9ffbd598 -SHA1 (patch-bc) = e72dc346087f78760e623344e9eff147283c202c -SHA1 (patch-bd) = f760e4995888e22997d27598872fcf25cb89cbfe -SHA1 (patch-be) = ce192dc8ec7b53b691288f1fecc8abbd9b61e9ea -SHA1 (patch-bf) = c0ae4152a0991d1c814462a5a8e925c9a9a6c254 -SHA1 (patch-bg) = 30a6d65a10bc0e6df5229635ad89a27e1093a347 -SHA1 (patch-bh) = 4eee3ae6ff7ea9ca5c599dd782d78fb35a0562f4 -SHA1 (patch-bi) = 735906d3fb35bfe0d3b8d410b3a240e358215e05 -SHA1 (patch-bj) = ee23fac376746e48ee00e73b9ecc688086b7bc98 -SHA1 (patch-bk) = 4af3c66a3f6b773dc5fc14943a36b0906024e885 -SHA1 (patch-bl) = 9a192f5f4afd4296493599414a714bba6085d897 -SHA1 (patch-bm) = bd8a9f5b2cc3909bc69d9b585b42643057dae646 diff --git a/lang/python24/patches/patch-aq b/lang/python24/patches/patch-aq index a309814d7fb..ce4da0e2bc5 100644 --- a/lang/python24/patches/patch-aq +++ b/lang/python24/patches/patch-aq @@ -1,22 +1,22 @@ -$NetBSD: patch-aq,v 1.1 2006/10/11 18:20:37 rillig Exp $ +$NetBSD: patch-aq,v 1.2 2011/04/23 08:53:53 obache Exp $ ---- Tools/faqwiz/move-faqwiz.sh.orig 2006-10-11 20:11:32.000000000 +0200 -+++ Tools/faqwiz/move-faqwiz.sh 2006-10-11 20:12:11.000000000 +0200 +--- Tools/faqwiz/move-faqwiz.sh.orig 2008-11-30 13:33:28.000000000 +0000 ++++ Tools/faqwiz/move-faqwiz.sh @@ -9,7 +9,7 @@ # blackjesus:~> ./move-faqwiz.sh 2\.1 3\.2 # Moving FAQ question 02.001 to 03.002 --if [ x$2 == x ]; then +-if [ x$2 = x ]; then +if [ $# -ne 2 ]; then echo "Need 2 args: original_version final_version." exit 2 fi -@@ -28,7 +28,7 @@ cut_n_pad $1 1 prefix1 - cut_n_pad $1 2 suffix1 - cut_n_pad $2 1 prefix2 - cut_n_pad $2 2 suffix2 --tmpfile=tmp$RANDOM.tmp -+tmpfile=tmp-$$-$RANDOM.tmp - file1=faq$prefix1.$suffix1.htp - file2=faq$prefix2.$suffix2.htp - +@@ -31,7 +31,7 @@ cut_n_pad $2 2 suffix2 + if which tempfile >/dev/null; then + tmpfile=$(tempfile -d .) + elif [ -n "$RANDOM" ]; then +- tmpfile=tmp$RANDOM.tmp ++ tmpfile=tmp-$$-$RANDOM.tmp + else + tmpfile=tmp$$.tmp + fi diff --git a/lang/python24/patches/patch-au b/lang/python24/patches/patch-au deleted file mode 100644 index 7c22037abeb..00000000000 --- a/lang/python24/patches/patch-au +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-au,v 1.1 2008/04/11 10:32:33 drochner Exp $ - ---- Modules/zlibmodule.c.orig 2008-04-11 12:21:45.000000000 +0200 -+++ Modules/zlibmodule.c -@@ -669,6 +669,10 @@ PyZlib_unflush(compobject *self, PyObjec - - if (!PyArg_ParseTuple(args, "|i:flush", &length)) - return NULL; -+ if (length <= 0) { -+ PyErr_SetString(PyExc_ValueError, "length must be greater than zero"); -+ return NULL; -+ } - if (!(retval = PyString_FromStringAndSize(NULL, length))) - return NULL; - diff --git a/lang/python24/patches/patch-ba b/lang/python24/patches/patch-ba deleted file mode 100644 index 3a4c47fe2d4..00000000000 --- a/lang/python24/patches/patch-ba +++ /dev/null @@ -1,25 +0,0 @@ -$NetBSD: patch-ba,v 1.1 2008/08/05 10:13:34 drochner Exp $ - ---- Modules/gcmodule.c.orig 2006-09-28 19:08:01.000000000 +0200 -+++ Modules/gcmodule.c -@@ -1249,7 +1249,10 @@ PyObject * - _PyObject_GC_Malloc(size_t basicsize) - { - PyObject *op; -- PyGC_Head *g = PyObject_MALLOC(sizeof(PyGC_Head) + basicsize); -+ PyGC_Head *g; -+ if (basicsize > INT_MAX - sizeof(PyGC_Head)) -+ return PyErr_NoMemory(); -+ g = PyObject_MALLOC(sizeof(PyGC_Head) + basicsize); - if (g == NULL) - return PyErr_NoMemory(); - g->gc.gc_refs = GC_UNTRACKED; -@@ -1291,6 +1294,8 @@ _PyObject_GC_Resize(PyVarObject *op, int - { - const size_t basicsize = _PyObject_VAR_SIZE(op->ob_type, nitems); - PyGC_Head *g = AS_GC(op); -+ if (basicsize > INT_MAX - sizeof(PyGC_Head)) -+ return (PyVarObject *)PyErr_NoMemory(); - g = PyObject_REALLOC(g, sizeof(PyGC_Head) + basicsize); - if (g == NULL) - return (PyVarObject *)PyErr_NoMemory(); diff --git a/lang/python24/patches/patch-bb b/lang/python24/patches/patch-bb deleted file mode 100644 index 7e6baf459ea..00000000000 --- a/lang/python24/patches/patch-bb +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-bb,v 1.1 2008/08/05 10:13:34 drochner Exp $ - ---- Modules/mmapmodule.c.orig 2008-08-05 12:00:52.000000000 +0200 -+++ Modules/mmapmodule.c -@@ -223,7 +223,7 @@ mmap_read_method(mmap_object *self, - return(NULL); - - /* silently 'adjust' out-of-range requests */ -- if ((self->pos + num_bytes) > self->size) { -+ if (num_bytes > self->size - self->pos) { - num_bytes -= (self->pos+num_bytes) - self->size; - } - result = Py_BuildValue("s#", self->data+self->pos, num_bytes); diff --git a/lang/python24/patches/patch-bc b/lang/python24/patches/patch-bc deleted file mode 100644 index f23f91f370c..00000000000 --- a/lang/python24/patches/patch-bc +++ /dev/null @@ -1,33 +0,0 @@ -$NetBSD: patch-bc,v 1.1 2008/08/05 10:13:34 drochner Exp $ - ---- Modules/stropmodule.c.orig 2008-03-02 20:20:32.000000000 +0100 -+++ Modules/stropmodule.c -@@ -214,6 +214,13 @@ strop_joinfields(PyObject *self, PyObjec - return NULL; - } - slen = PyString_GET_SIZE(item); -+ if (slen > INT_MAX - reslen || -+ seplen > INT_MAX - reslen - seplen) { -+ PyErr_SetString(PyExc_OverflowError, -+ "input too long"); -+ Py_DECREF(res); -+ return NULL; -+ } - while (reslen + slen + seplen >= sz) { - if (_PyString_Resize(&res, sz * 2) < 0) - return NULL; -@@ -251,6 +258,14 @@ strop_joinfields(PyObject *self, PyObjec - return NULL; - } - slen = PyString_GET_SIZE(item); -+ if (slen > INT_MAX - reslen || -+ seplen > INT_MAX - reslen - seplen) { -+ PyErr_SetString(PyExc_OverflowError, -+ "input too long"); -+ Py_DECREF(res); -+ Py_XDECREF(item); -+ return NULL; -+ } - while (reslen + slen + seplen >= sz) { - if (_PyString_Resize(&res, sz * 2) < 0) { - Py_DECREF(item); diff --git a/lang/python24/patches/patch-bd b/lang/python24/patches/patch-bd deleted file mode 100644 index 14abc020380..00000000000 --- a/lang/python24/patches/patch-bd +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-bd,v 1.1 2008/08/05 10:13:34 drochner Exp $ - ---- Objects/bufferobject.c.orig 2008-03-02 20:20:32.000000000 +0100 -+++ Objects/bufferobject.c -@@ -384,6 +384,10 @@ buffer_repeat(PyBufferObject *self, int - count = 0; - if (!get_buf(self, &ptr, &size)) - return NULL; -+ if (count > INT_MAX / size) { -+ PyErr_SetString(PyExc_MemoryError, "result too large"); -+ return NULL; -+ } - ob = PyString_FromStringAndSize(NULL, size * count); - if ( ob == NULL ) - return NULL; diff --git a/lang/python24/patches/patch-be b/lang/python24/patches/patch-be deleted file mode 100644 index f76f00086b2..00000000000 --- a/lang/python24/patches/patch-be +++ /dev/null @@ -1,44 +0,0 @@ -$NetBSD: patch-be,v 1.1 2008/08/05 10:13:34 drochner Exp $ - ---- Objects/stringobject.c.orig 2006-10-06 21:26:14.000000000 +0200 -+++ Objects/stringobject.c -@@ -69,6 +69,11 @@ PyString_FromStringAndSize(const char *s - return (PyObject *)op; - } - -+ if (size > INT_MAX - sizeof(PyStringObject)) { -+ PyErr_SetString(PyExc_OverflowError, "string is too large"); -+ return NULL; -+ } -+ - /* Inline PyObject_NewVar */ - op = (PyStringObject *)PyObject_MALLOC(sizeof(PyStringObject) + size); - if (op == NULL) -@@ -104,7 +109,7 @@ PyString_FromString(const char *str) - - assert(str != NULL); - size = strlen(str); -- if (size > INT_MAX) { -+ if (size > INT_MAX - sizeof(PyStringObject)) { - PyErr_SetString(PyExc_OverflowError, - "string is too long for a Python string"); - return NULL; -@@ -907,7 +912,18 @@ string_concat(register PyStringObject *a - Py_INCREF(a); - return (PyObject *)a; - } -+ /* Check that string sizes are not negative, to prevent an -+ overflow in cases where we are passed incorrectly-created -+ strings with negative lengths (due to a bug in other code). -+ */ - size = a->ob_size + b->ob_size; -+ if (a->ob_size < 0 || b->ob_size < 0 || -+ a->ob_size > INT_MAX - b->ob_size) { -+ PyErr_SetString(PyExc_OverflowError, -+ "strings are too large to concat"); -+ return NULL; -+ } -+ - /* Inline PyObject_NewVar */ - op = (PyStringObject *)PyObject_MALLOC(sizeof(PyStringObject) + size); - if (op == NULL) diff --git a/lang/python24/patches/patch-bf b/lang/python24/patches/patch-bf deleted file mode 100644 index 28e193d7827..00000000000 --- a/lang/python24/patches/patch-bf +++ /dev/null @@ -1,19 +0,0 @@ -$NetBSD: patch-bf,v 1.1 2008/08/05 10:13:34 drochner Exp $ - ---- Objects/tupleobject.c.orig 2006-03-17 20:04:15.000000000 +0100 -+++ Objects/tupleobject.c -@@ -60,11 +60,12 @@ PyTuple_New(register int size) - int nbytes = size * sizeof(PyObject *); - /* Check for overflow */ - if (nbytes / sizeof(PyObject *) != (size_t)size || -- (nbytes += sizeof(PyTupleObject) - sizeof(PyObject *)) -- <= 0) -+ (nbytes > INT_MAX - sizeof(PyTupleObject) - sizeof(PyObject *))) - { - return PyErr_NoMemory(); - } -+ nbytes += sizeof(PyTupleObject) - sizeof(PyObject *); -+ - op = PyObject_GC_NewVar(PyTupleObject, &PyTuple_Type, size); - if (op == NULL) - return NULL; diff --git a/lang/python24/patches/patch-bg b/lang/python24/patches/patch-bg deleted file mode 100644 index 17dea7b6f6d..00000000000 --- a/lang/python24/patches/patch-bg +++ /dev/null @@ -1,114 +0,0 @@ -$NetBSD: patch-bg,v 1.1 2008/08/05 10:13:34 drochner Exp $ - ---- Objects/unicodeobject.c.orig 2006-10-05 20:08:58.000000000 +0200 -+++ Objects/unicodeobject.c -@@ -186,6 +186,11 @@ PyUnicodeObject *_PyUnicode_New(int leng - return unicode_empty; - } - -+ /* Ensure we won't overflow the size. */ -+ if (length > ((INT_MAX / sizeof(Py_UNICODE)) - 1)) { -+ return (PyUnicodeObject *)PyErr_NoMemory(); -+ } -+ - /* Unicode freelist & memory allocation */ - if (unicode_freelist) { - unicode = unicode_freelist; -@@ -1040,6 +1045,9 @@ PyObject *PyUnicode_EncodeUTF7(const Py_ - char * out; - char * start; - -+ if (cbAllocated / 5 != size) -+ return PyErr_NoMemory(); -+ - if (size == 0) - return PyString_FromStringAndSize(NULL, 0); - -@@ -1638,6 +1646,7 @@ PyUnicode_EncodeUTF16(const Py_UNICODE * - { - PyObject *v; - unsigned char *p; -+ int nsize, bytesize; - #ifdef Py_UNICODE_WIDE - int i, pairs; - #else -@@ -1662,8 +1671,15 @@ PyUnicode_EncodeUTF16(const Py_UNICODE * - if (s[i] >= 0x10000) - pairs++; - #endif -- v = PyString_FromStringAndSize(NULL, -- 2 * (size + pairs + (byteorder == 0))); -+ /* 2 * (size + pairs + (byteorder == 0)) */ -+ if (size > INT_MAX || -+ size > INT_MAX - pairs - (byteorder == 0)) -+ return PyErr_NoMemory(); -+ nsize = (size + pairs + (byteorder == 0)); -+ bytesize = nsize * 2; -+ if (bytesize / 2 != nsize) -+ return PyErr_NoMemory(); -+ v = PyString_FromStringAndSize(NULL, bytesize); - if (v == NULL) - return NULL; - -@@ -1977,6 +1993,11 @@ PyObject *unicodeescape_string(const Py_ - char *p; - - static const char *hexdigit = "0123456789abcdef"; -+#ifdef Py_UNICODE_WIDE -+ const int expandsize = 10; -+#else -+ const int expandsize = 6; -+#endif - - /* Initial allocation is based on the longest-possible unichr - escape. -@@ -1992,13 +2013,12 @@ PyObject *unicodeescape_string(const Py_ - escape. - */ - -+ if (size > (INT_MAX - 2 - 1) / expandsize) -+ return PyErr_NoMemory(); -+ - repr = PyString_FromStringAndSize(NULL, - 2 --#ifdef Py_UNICODE_WIDE -- + 10*size --#else -- + 6*size --#endif -+ + expandsize*size - + 1); - if (repr == NULL) - return NULL; -@@ -2239,12 +2259,16 @@ PyObject *PyUnicode_EncodeRawUnicodeEsca - char *q; - - static const char *hexdigit = "0123456789abcdef"; -- - #ifdef Py_UNICODE_WIDE -- repr = PyString_FromStringAndSize(NULL, 10 * size); -+ const int expandsize = 10; - #else -- repr = PyString_FromStringAndSize(NULL, 6 * size); -+ const int expandsize = 6; - #endif -+ -+ if (size > INT_MAX / expandsize) -+ return PyErr_NoMemory(); -+ -+ repr = PyString_FromStringAndSize(NULL, expandsize * size); - if (repr == NULL) - return NULL; - if (size == 0) -@@ -4289,6 +4313,11 @@ PyUnicodeObject *pad(PyUnicodeObject *se - return self; - } - -+ if (left > INT_MAX - self->length || -+ right > INT_MAX - (left + self->length)) { -+ PyErr_SetString(PyExc_OverflowError, "padded string is too long"); -+ return NULL; -+ } - u = _PyUnicode_New(left + self->length + right); - if (u) { - if (left) diff --git a/lang/python24/patches/patch-bh b/lang/python24/patches/patch-bh deleted file mode 100644 index 51ffc629d48..00000000000 --- a/lang/python24/patches/patch-bh +++ /dev/null @@ -1,60 +0,0 @@ -$NetBSD: patch-bh,v 1.1 2008/08/05 10:45:45 drochner Exp $ - ---- Include/pymem.h.orig 2008-03-02 20:20:32.000000000 +0100 -+++ Include/pymem.h -@@ -66,8 +66,12 @@ PyAPI_FUNC(void) PyMem_Free(void *); - for malloc(0), which would be treated as an error. Some platforms - would return a pointer with no memory behind it, which would break - pymalloc. To solve these problems, allocate an extra byte. */ --#define PyMem_MALLOC(n) malloc((n) ? (n) : 1) --#define PyMem_REALLOC(p, n) realloc((p), (n) ? (n) : 1) -+/* Returns NULL to indicate error if a negative size or size larger than -+ Py_ssize_t can represent is supplied. Helps prevents security holes. */ -+#define PyMem_MALLOC(n) (((n) < 0 || (n) > INT_MAX) ? NULL \ -+ : malloc((n) ? (n) : 1)) -+#define PyMem_REALLOC(p, n) (((n) < 0 || (n) > INT_MAX) ? NULL \ -+ : realloc((p), (n) ? (n) : 1)) - - #endif /* PYMALLOC_DEBUG */ - -@@ -80,24 +84,31 @@ PyAPI_FUNC(void) PyMem_Free(void *); - * Type-oriented memory interface - * ============================== - * -- * These are carried along for historical reasons. There's rarely a good -- * reason to use them anymore (you can just as easily do the multiply and -- * cast yourself). -+ * Allocate memory for n objects of the given type. Returns a new pointer -+ * or NULL if the request was too large or memory allocation failed. Use -+ * these macros rather than doing the multiplication yourself so that proper -+ * overflow checking is always done. - */ - - #define PyMem_New(type, n) \ -- ( assert((n) <= PY_SIZE_MAX / sizeof(type)) , \ -+ ( ((n) > INT_MAX / sizeof(type)) ? NULL : \ - ( (type *) PyMem_Malloc((n) * sizeof(type)) ) ) - #define PyMem_NEW(type, n) \ -- ( assert((n) <= PY_SIZE_MAX / sizeof(type)) , \ -+ ( ((n) > INT_MAX / sizeof(type)) ? NULL : \ - ( (type *) PyMem_MALLOC((n) * sizeof(type)) ) ) - -+/* -+ * The value of (p) is always clobbered by this macro regardless of success. -+ * The caller MUST check if (p) is NULL afterwards and deal with the memory -+ * error if so. This means the original value of (p) MUST be saved for the -+ * caller's memory error handler to not lose track of it. -+ */ - #define PyMem_Resize(p, type, n) \ -- ( assert((n) <= PY_SIZE_MAX / sizeof(type)) , \ -- ( (p) = (type *) PyMem_Realloc((p), (n) * sizeof(type)) ) ) -+ ( (p) = ((n) > INT_MAX / sizeof(type)) ? NULL : \ -+ (type *) PyMem_Realloc((p), (n) * sizeof(type)) ) - #define PyMem_RESIZE(p, type, n) \ -- ( assert((n) <= PY_SIZE_MAX / sizeof(type)) , \ -- ( (p) = (type *) PyMem_REALLOC((p), (n) * sizeof(type)) ) ) -+ ( (p) = ((n) > INT_MAX / sizeof(type)) ? NULL : \ -+ (type *) PyMem_REALLOC((p), (n) * sizeof(type)) ) - - /* In order to avoid breaking old code mixing PyObject_{New, NEW} with - PyMem_{Del, DEL} and PyMem_{Free, FREE}, the PyMem "release memory" diff --git a/lang/python24/patches/patch-bi b/lang/python24/patches/patch-bi deleted file mode 100644 index cb4d2c5e95d..00000000000 --- a/lang/python24/patches/patch-bi +++ /dev/null @@ -1,16 +0,0 @@ -$NetBSD: patch-bi,v 1.1 2008/08/05 10:45:45 drochner Exp $ - ---- Modules/almodule.c.orig 2006-09-27 21:17:32.000000000 +0200 -+++ Modules/almodule.c -@@ -1633,9 +1633,11 @@ al_QueryValues(PyObject *self, PyObject - if (nvals < 0) - goto cleanup; - if (nvals > setsize) { -+ ALvalue *old_return_set = return_set; - setsize = nvals; - PyMem_RESIZE(return_set, ALvalue, setsize); - if (return_set == NULL) { -+ return_set = old_return_set; - PyErr_NoMemory(); - goto cleanup; - } diff --git a/lang/python24/patches/patch-bj b/lang/python24/patches/patch-bj deleted file mode 100644 index 6bf08ba39f6..00000000000 --- a/lang/python24/patches/patch-bj +++ /dev/null @@ -1,35 +0,0 @@ -$NetBSD: patch-bj,v 1.1 2008/08/05 10:45:45 drochner Exp $ - ---- Modules/arraymodule.c.orig 2008-03-02 20:20:32.000000000 +0100 -+++ Modules/arraymodule.c -@@ -814,6 +814,7 @@ static int - array_do_extend(arrayobject *self, PyObject *bb) - { - int size; -+ char *old_item; - - if (!array_Check(bb)) - return array_iter_extend(self, bb); -@@ -829,10 +830,11 @@ array_do_extend(arrayobject *self, PyObj - return -1; - } - size = self->ob_size + b->ob_size; -+ old_item = self->ob_item; - PyMem_RESIZE(self->ob_item, char, size*self->ob_descr->itemsize); - if (self->ob_item == NULL) { -- PyObject_Del(self); -- PyErr_NoMemory(); -+ self->ob_item = old_item; -+ PyErr_NoMemory(); - return -1; - } - memcpy(self->ob_item + self->ob_size*self->ob_descr->itemsize, -@@ -884,7 +886,7 @@ array_inplace_repeat(arrayobject *self, - if (size > INT_MAX / n) { - return PyErr_NoMemory(); - } -- PyMem_Resize(items, char, n * size); -+ PyMem_RESIZE(items, char, n * size); - if (items == NULL) - return PyErr_NoMemory(); - p = items; diff --git a/lang/python24/patches/patch-bk b/lang/python24/patches/patch-bk deleted file mode 100644 index 85c60356c3a..00000000000 --- a/lang/python24/patches/patch-bk +++ /dev/null @@ -1,18 +0,0 @@ -$NetBSD: patch-bk,v 1.1 2008/08/05 10:45:45 drochner Exp $ - ---- Modules/selectmodule.c.orig 2006-09-27 21:17:32.000000000 +0200 -+++ Modules/selectmodule.c -@@ -342,10 +342,12 @@ update_ufd_array(pollObject *self) - { - int i, pos; - PyObject *key, *value; -+ struct pollfd *old_ufds = self->ufds; - - self->ufd_len = PyDict_Size(self->dict); -- PyMem_Resize(self->ufds, struct pollfd, self->ufd_len); -+ PyMem_RESIZE(self->ufds, struct pollfd, self->ufd_len); - if (self->ufds == NULL) { -+ self->ufds = old_ufds; - PyErr_NoMemory(); - return 0; - } diff --git a/lang/python24/patches/patch-bl b/lang/python24/patches/patch-bl deleted file mode 100644 index 8abfc2f0854..00000000000 --- a/lang/python24/patches/patch-bl +++ /dev/null @@ -1,36 +0,0 @@ -$NetBSD: patch-bl,v 1.1 2008/08/05 10:45:46 drochner Exp $ - ---- Objects/obmalloc.c.orig 2005-07-11 07:57:11.000000000 +0200 -+++ Objects/obmalloc.c -@@ -585,6 +585,15 @@ PyObject_Malloc(size_t nbytes) - uint size; - - /* -+ * Limit ourselves to INT_MAX bytes to prevent security holes. -+ * Most python internals blindly use a signed Py_ssize_t to track -+ * things without checking for overflows or negatives. -+ * As size_t is unsigned, checking for nbytes < 0 is not required. -+ */ -+ if (nbytes > INT_MAX) -+ return NULL; -+ -+ /* - * This implicitly redirects malloc(0). - */ - if ((nbytes - 1) < SMALL_REQUEST_THRESHOLD) { -@@ -814,6 +823,15 @@ PyObject_Realloc(void *p, size_t nbytes) - if (p == NULL) - return PyObject_Malloc(nbytes); - -+ /* -+ * Limit ourselves to INT_MAX bytes to prevent security holes. -+ * Most python internals blindly use a signed Py_ssize_t to track -+ * things without checking for overflows or negatives. -+ * As size_t is unsigned, checking for nbytes < 0 is not required. -+ */ -+ if (nbytes > INT_MAX) -+ return NULL; -+ - pool = POOL_ADDR(p); - if (Py_ADDRESS_IN_RANGE(p, pool)) { - /* We're in charge of this block */ diff --git a/lang/python24/patches/patch-bm b/lang/python24/patches/patch-bm deleted file mode 100644 index 2c1de4873a1..00000000000 --- a/lang/python24/patches/patch-bm +++ /dev/null @@ -1,57 +0,0 @@ -$NetBSD: patch-bm,v 1.1 2008/08/07 11:20:18 drochner Exp $ - ---- Python/mysnprintf.c.orig 2001-12-21 17:32:15.000000000 +0100 -+++ Python/mysnprintf.c -@@ -54,18 +54,28 @@ int - PyOS_vsnprintf(char *str, size_t size, const char *format, va_list va) - { - int len; /* # bytes written, excluding \0 */ --#ifndef HAVE_SNPRINTF -+#ifdef HAVE_SNPRINTF -+#define _PyOS_vsnprintf_EXTRA_SPACE 1 -+#else -+#define _PyOS_vsnprintf_EXTRA_SPACE 512 - char *buffer; - #endif - assert(str != NULL); - assert(size > 0); - assert(format != NULL); -+ /* We take a size_t as input but return an int. Sanity check -+ * our input so that it won't cause an overflow in the -+ * vsnprintf return value or the buffer malloc size. */ -+ if (size > INT_MAX - _PyOS_vsnprintf_EXTRA_SPACE) { -+ len = -666; -+ goto Done; -+ } - - #ifdef HAVE_SNPRINTF - len = vsnprintf(str, size, format, va); - #else - /* Emulate it. */ -- buffer = PyMem_MALLOC(size + 512); -+ buffer = PyMem_MALLOC(size + _PyOS_vsnprintf_EXTRA_SPACE); - if (buffer == NULL) { - len = -666; - goto Done; -@@ -75,7 +85,7 @@ PyOS_vsnprintf(char *str, size_t size, c - if (len < 0) - /* ignore the error */; - -- else if ((size_t)len >= size + 512) -+ else if ((size_t)len >= size + _PyOS_vsnprintf_EXTRA_SPACE) - Py_FatalError("Buffer overflow in PyOS_snprintf/PyOS_vsnprintf"); - - else { -@@ -86,8 +96,10 @@ PyOS_vsnprintf(char *str, size_t size, c - str[to_copy] = '\0'; - } - PyMem_FREE(buffer); --Done: - #endif -- str[size-1] = '\0'; -+Done: -+ if (size > 0) -+ str[size-1] = '\0'; - return len; -+#undef _PyOS_vsnprintf_EXTRA_SPACE - } |