From 26bede19040fe43794320d41464aac58c1c17c58 Mon Sep 17 00:00:00 2001 From: recht Date: Sat, 1 Oct 2005 19:36:01 +0000 Subject: Add a patch for CAN-2005-2491 (uffer overflow vulnerability in the PCRE library) from ubuntu Linux (via gentoo). For details see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 Bump PKGREVISION's. --- lang/python23-nth/Makefile | 4 +-- lang/python23-nth/distinfo | 5 ++- lang/python23-nth/patches/patch-ea | 12 +++++++ lang/python23-nth/patches/patch-eb | 19 +++++++++++ lang/python23-nth/patches/patch-ec | 69 ++++++++++++++++++++++++++++++++++++++ lang/python23-pth/Makefile | 5 +-- lang/python23/Makefile | 4 +-- lang/python23/distinfo | 5 ++- lang/python23/patches/patch-ea | 12 +++++++ lang/python23/patches/patch-eb | 19 +++++++++++ lang/python23/patches/patch-ec | 69 ++++++++++++++++++++++++++++++++++++++ 11 files changed, 215 insertions(+), 8 deletions(-) create mode 100644 lang/python23-nth/patches/patch-ea create mode 100644 lang/python23-nth/patches/patch-eb create mode 100644 lang/python23-nth/patches/patch-ec create mode 100644 lang/python23/patches/patch-ea create mode 100644 lang/python23/patches/patch-eb create mode 100644 lang/python23/patches/patch-ec diff --git a/lang/python23-nth/Makefile b/lang/python23-nth/Makefile index 4b581ca4aa1..adac92e966e 100644 --- a/lang/python23-nth/Makefile +++ b/lang/python23-nth/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.5 2005/07/03 19:49:06 recht Exp $ +# $NetBSD: Makefile,v 1.6 2005/10/01 19:36:01 recht Exp $ # PKGNAME= python23-nth-2.3.5 -PKGREVISION= 1 +PKGREVISION= 2 CONFLICTS+= python-[0-9]* diff --git a/lang/python23-nth/distinfo b/lang/python23-nth/distinfo index afbf773025b..a793927bae9 100644 --- a/lang/python23-nth/distinfo +++ b/lang/python23-nth/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.5 2005/06/30 03:12:42 minskim Exp $ +$NetBSD: distinfo,v 1.6 2005/10/01 19:36:01 recht Exp $ SHA1 (Python-2.3.5.tgz) = 2729d068f5d1abe7b743f32012d4f7c4b0508a3c RMD160 (Python-2.3.5.tgz) = 2104a393ca7c91b72b990ced53a0da752ccf42ef @@ -17,3 +17,6 @@ SHA1 (patch-ca) = 95f5a515fe3dafd75d077e0591e88a34447152ff SHA1 (patch-cb) = 301205b29db1ca60f06b2dc0423f5f911eabcd18 SHA1 (patch-da) = b082eff79571726701aab53c37d8d53a8115e204 SHA1 (patch-dc) = 3f2f9c37ae7ee35550669a3e517833e68dc0ab61 +SHA1 (patch-ea) = babfed4a0e5ae599441423a06622d4820ab237b1 +SHA1 (patch-eb) = b72694d414b55d11e324cc76d6ed03b7c8e7630c +SHA1 (patch-ec) = 9bec8cc75868ca785810b92ffe60406117bdc3fd diff --git a/lang/python23-nth/patches/patch-ea b/lang/python23-nth/patches/patch-ea new file mode 100644 index 00000000000..b5c47557b5b --- /dev/null +++ b/lang/python23-nth/patches/patch-ea @@ -0,0 +1,12 @@ +$NetBSD: patch-ea,v 1.1 2005/10/01 19:36:01 recht Exp $ + +--- Modules/pcre.h.orig 2000-06-28 22:56:30.000000000 +0200 ++++ Modules/pcre.h 2005-10-01 21:13:56.000000000 +0200 +@@ -40,6 +40,7 @@ + #ifdef FOR_PYTHON + #define PCRE_LOCALE 0x0200 + #endif ++#define PCRE_NO_AUTO_CAPTURE 0x1000 + + /* Exec-time error codes */ + diff --git a/lang/python23-nth/patches/patch-eb b/lang/python23-nth/patches/patch-eb new file mode 100644 index 00000000000..0c88d4339fc --- /dev/null +++ b/lang/python23-nth/patches/patch-eb @@ -0,0 +1,19 @@ +$NetBSD: patch-eb,v 1.1 2005/10/01 19:36:01 recht Exp $ + +--- Modules/pcre-int.h.orig 1998-05-07 17:32:38.000000000 +0200 ++++ Modules/pcre-int.h 2005-10-01 21:13:56.000000000 +0200 +@@ -81,11 +81,12 @@ + #define PUBLIC_OPTIONS \ + (PCRE_CASELESS|PCRE_EXTENDED|PCRE_ANCHORED|PCRE_MULTILINE| \ + PCRE_DOTALL|PCRE_DOLLAR_ENDONLY|PCRE_EXTRA|PCRE_UNGREEDY| \ +- PCRE_LOCALE) ++ PCRE_NO_AUTO_CAPTURE|PCRE_LOCALE) + #else + #define PUBLIC_OPTIONS \ + (PCRE_CASELESS|PCRE_EXTENDED|PCRE_ANCHORED|PCRE_MULTILINE| \ +- PCRE_DOTALL|PCRE_DOLLAR_ENDONLY|PCRE_EXTRA|PCRE_UNGREEDY) ++ PCRE_DOTALL|PCRE_DOLLAR_ENDONLY|PCRE_EXTRA|PCRE_UNGREEDY| \ ++ PCRE_NO_AUTO_CAPTURE) + #endif + #define PUBLIC_EXEC_OPTIONS \ + (PCRE_CASELESS|PCRE_ANCHORED|PCRE_MULTILINE|PCRE_NOTBOL|PCRE_NOTEOL| \ diff --git a/lang/python23-nth/patches/patch-ec b/lang/python23-nth/patches/patch-ec new file mode 100644 index 00000000000..8d4d0cf13b1 --- /dev/null +++ b/lang/python23-nth/patches/patch-ec @@ -0,0 +1,69 @@ +$NetBSD: patch-ec,v 1.1 2005/10/01 19:36:01 recht Exp $ + +--- Modules/pypcre.c.orig 2003-10-20 16:34:47.000000000 +0200 ++++ Modules/pypcre.c 2005-10-01 21:13:56.000000000 +0200 +@@ -1163,14 +1163,31 @@ + int min = 0; + int max = -1; + ++/* Read the minimum value and do a paranoid check: a negative value indicates ++an integer overflow. */ ++ + while ((pcre_ctypes[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0'; + ++if (min < 0 || min > 65535) ++ { ++ *errorptr = ERR5; ++ return p; ++ } ++ ++/* Read the maximum value if there is one, and again do a paranoid on its size ++. Also, max must not be less than min. */ ++ + if (*p == '}') max = min; else + { + if (*(++p) != '}') + { + max = 0; + while((pcre_ctypes[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0'; ++ if (max < 0 || max > 65535) ++ { ++ *errorptr = ERR5; ++ return p; ++ } + if (max < min) + { + *errorptr = ERR4; +@@ -2267,6 +2284,7 @@ + int bracount = 0; + int brastack[200]; + int top_backref = 0; ++BOOL capturing; + unsigned int brastackptr = 0; + uschar *code; + const uschar *ptr; +@@ -2446,6 +2464,7 @@ + /* Brackets may be genuine groups or special things */ + + case '(': ++ capturing = FALSE; + + /* Handle special forms of bracket, which all start (? */ + +@@ -2543,10 +2562,15 @@ + continue; /* End of this bracket handling */ + } + ++ /* Ordinary parentheses, not followed by '?', are capturing unless ++ PCRE_NO_AUTO_CAPTURE is set. */ ++ ++ else capturing = (options & PCRE_NO_AUTO_CAPTURE) == 0; ++ + /* Extracting brackets must be counted so we can process escapes in a + Perlish way. */ + +- else bracount++; ++ if (capturing) bracount++; + + /* Non-special forms of bracket. Save length for computing whole length + at end if there's a repeat that requires duplication of the group. */ diff --git a/lang/python23-pth/Makefile b/lang/python23-pth/Makefile index 8ac241913a4..3be1764a14f 100644 --- a/lang/python23-pth/Makefile +++ b/lang/python23-pth/Makefile @@ -1,8 +1,9 @@ -# $NetBSD: Makefile,v 1.29 2005/07/03 19:49:06 recht Exp $ +# $NetBSD: Makefile,v 1.30 2005/10/01 19:36:01 recht Exp $ # DISTNAME= Python-2.3.5 PKGNAME= python23-pth-2.3.5 +PKGREVISION= 1 CATEGORIES= lang python MASTER_SITES= # empty DISTFILES= # empty @@ -11,7 +12,7 @@ MAINTAINER= recht@NetBSD.org HOMEPAGE= http://www.python.org/ COMMENT= Interpreted, interactive, object-oriented programming language -DEPENDS+= python23>=2.3.4:../../lang/python23 +DEPENDS+= python23>=2.3.5nb3:../../lang/python23 EXTRACT_ONLY= # empty NO_CHECKSUM= yes diff --git a/lang/python23/Makefile b/lang/python23/Makefile index ff484033d47..e875065fd46 100644 --- a/lang/python23/Makefile +++ b/lang/python23/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.29 2005/08/02 05:06:56 kristerw Exp $ +# $NetBSD: Makefile,v 1.30 2005/10/01 19:36:01 recht Exp $ # PKGNAME= python23-2.3.5 -PKGREVISION= 2 +PKGREVISION= 3 CONFLICTS+= python-[0-9]* diff --git a/lang/python23/distinfo b/lang/python23/distinfo index 7d8bc3d6a65..733c95fa92e 100644 --- a/lang/python23/distinfo +++ b/lang/python23/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.33 2005/09/21 09:39:26 joerg Exp $ +$NetBSD: distinfo,v 1.34 2005/10/01 19:36:01 recht Exp $ SHA1 (Python-2.3.5.tgz) = 2729d068f5d1abe7b743f32012d4f7c4b0508a3c RMD160 (Python-2.3.5.tgz) = 2104a393ca7c91b72b990ced53a0da752ccf42ef @@ -18,3 +18,6 @@ SHA1 (patch-cd) = 5e980fcb567dcfc23b1ccac54a2457d5d9dba69a SHA1 (patch-ce) = 6b88d8177d0b1f900ee5898f113eccf8426ea756 SHA1 (patch-da) = b082eff79571726701aab53c37d8d53a8115e204 SHA1 (patch-dc) = 3f2f9c37ae7ee35550669a3e517833e68dc0ab61 +SHA1 (patch-ea) = babfed4a0e5ae599441423a06622d4820ab237b1 +SHA1 (patch-eb) = b72694d414b55d11e324cc76d6ed03b7c8e7630c +SHA1 (patch-ec) = 9bec8cc75868ca785810b92ffe60406117bdc3fd diff --git a/lang/python23/patches/patch-ea b/lang/python23/patches/patch-ea new file mode 100644 index 00000000000..b5c47557b5b --- /dev/null +++ b/lang/python23/patches/patch-ea @@ -0,0 +1,12 @@ +$NetBSD: patch-ea,v 1.1 2005/10/01 19:36:01 recht Exp $ + +--- Modules/pcre.h.orig 2000-06-28 22:56:30.000000000 +0200 ++++ Modules/pcre.h 2005-10-01 21:13:56.000000000 +0200 +@@ -40,6 +40,7 @@ + #ifdef FOR_PYTHON + #define PCRE_LOCALE 0x0200 + #endif ++#define PCRE_NO_AUTO_CAPTURE 0x1000 + + /* Exec-time error codes */ + diff --git a/lang/python23/patches/patch-eb b/lang/python23/patches/patch-eb new file mode 100644 index 00000000000..0c88d4339fc --- /dev/null +++ b/lang/python23/patches/patch-eb @@ -0,0 +1,19 @@ +$NetBSD: patch-eb,v 1.1 2005/10/01 19:36:01 recht Exp $ + +--- Modules/pcre-int.h.orig 1998-05-07 17:32:38.000000000 +0200 ++++ Modules/pcre-int.h 2005-10-01 21:13:56.000000000 +0200 +@@ -81,11 +81,12 @@ + #define PUBLIC_OPTIONS \ + (PCRE_CASELESS|PCRE_EXTENDED|PCRE_ANCHORED|PCRE_MULTILINE| \ + PCRE_DOTALL|PCRE_DOLLAR_ENDONLY|PCRE_EXTRA|PCRE_UNGREEDY| \ +- PCRE_LOCALE) ++ PCRE_NO_AUTO_CAPTURE|PCRE_LOCALE) + #else + #define PUBLIC_OPTIONS \ + (PCRE_CASELESS|PCRE_EXTENDED|PCRE_ANCHORED|PCRE_MULTILINE| \ +- PCRE_DOTALL|PCRE_DOLLAR_ENDONLY|PCRE_EXTRA|PCRE_UNGREEDY) ++ PCRE_DOTALL|PCRE_DOLLAR_ENDONLY|PCRE_EXTRA|PCRE_UNGREEDY| \ ++ PCRE_NO_AUTO_CAPTURE) + #endif + #define PUBLIC_EXEC_OPTIONS \ + (PCRE_CASELESS|PCRE_ANCHORED|PCRE_MULTILINE|PCRE_NOTBOL|PCRE_NOTEOL| \ diff --git a/lang/python23/patches/patch-ec b/lang/python23/patches/patch-ec new file mode 100644 index 00000000000..8d4d0cf13b1 --- /dev/null +++ b/lang/python23/patches/patch-ec @@ -0,0 +1,69 @@ +$NetBSD: patch-ec,v 1.1 2005/10/01 19:36:01 recht Exp $ + +--- Modules/pypcre.c.orig 2003-10-20 16:34:47.000000000 +0200 ++++ Modules/pypcre.c 2005-10-01 21:13:56.000000000 +0200 +@@ -1163,14 +1163,31 @@ + int min = 0; + int max = -1; + ++/* Read the minimum value and do a paranoid check: a negative value indicates ++an integer overflow. */ ++ + while ((pcre_ctypes[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0'; + ++if (min < 0 || min > 65535) ++ { ++ *errorptr = ERR5; ++ return p; ++ } ++ ++/* Read the maximum value if there is one, and again do a paranoid on its size ++. Also, max must not be less than min. */ ++ + if (*p == '}') max = min; else + { + if (*(++p) != '}') + { + max = 0; + while((pcre_ctypes[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0'; ++ if (max < 0 || max > 65535) ++ { ++ *errorptr = ERR5; ++ return p; ++ } + if (max < min) + { + *errorptr = ERR4; +@@ -2267,6 +2284,7 @@ + int bracount = 0; + int brastack[200]; + int top_backref = 0; ++BOOL capturing; + unsigned int brastackptr = 0; + uschar *code; + const uschar *ptr; +@@ -2446,6 +2464,7 @@ + /* Brackets may be genuine groups or special things */ + + case '(': ++ capturing = FALSE; + + /* Handle special forms of bracket, which all start (? */ + +@@ -2543,10 +2562,15 @@ + continue; /* End of this bracket handling */ + } + ++ /* Ordinary parentheses, not followed by '?', are capturing unless ++ PCRE_NO_AUTO_CAPTURE is set. */ ++ ++ else capturing = (options & PCRE_NO_AUTO_CAPTURE) == 0; ++ + /* Extracting brackets must be counted so we can process escapes in a + Perlish way. */ + +- else bracount++; ++ if (capturing) bracount++; + + /* Non-special forms of bracket. Save length for computing whole length + at end if there's a repeat that requires duplication of the group. */ -- cgit v1.2.3