kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add fix for CVE-2010-2089 taken from Red Hat's Bugzilla database.

Browse source
This commit is contained in:
tron 2010-06-29 08:15:42 +00:00
parent 3323b11f46
commit e9ab7bd256
3 changed files with 330 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
lang/python26/Makefile
View file

@ -1,7 +1,8 @@
# $NetBSD: Makefile,v 1.23 2010/05/02 14:09:11 wiz Exp $
# $NetBSD: Makefile,v 1.24 2010/06/29 08:15:42 tron Exp $
DISTNAME= Python-2.6.5
PKGNAME= ${DISTNAME:S/Python/python26/}
PKGREVISION= 1
CATEGORIES= lang python
MASTER_SITES= http://www.python.org/ftp/python/2.6.5/
EXTRACT_SUFX= .tar.bz2

3
lang/python26/distinfo
View file

@ -1,4 +1,4 @@
$NetBSD: distinfo,v 1.21 2010/05/02 14:09:11 wiz Exp $
$NetBSD: distinfo,v 1.22 2010/06/29 08:15:42 tron Exp $
SHA1 (Python-2.6.5.tar.bz2) = 24c94f5428a8c94c9d0b316e3019fee721fdb5d1
RMD160 (Python-2.6.5.tar.bz2) = 909c6a13749396f2b19fed51821d3e2577b2833b
@ -8,6 +8,7 @@ SHA1 (patch-ab) = d35025df83e70d129f9fbcd277652b0eea83b026
SHA1 (patch-ac) = 858580a4e5c7474127eafb27bdfa96dc96cafad5
SHA1 (patch-ad) = a997e39d16a8f0023125362b180d19ee97ab519b
SHA1 (patch-ae) = 5425515c6bf130eee204ca2749386f6447eaa35b
SHA1 (patch-af) = 42a93a321f6f480133513082c54bcab30e91445f
SHA1 (patch-ah) = f973ac5a82ba5c665d2ec4b0f6130e903b5a5d7c
SHA1 (patch-al) = d753e00ab65564a08988f7934870716aca9b02a9
SHA1 (patch-am) = 77f8ca811777d53d7a1972c177e59568dc49651b

326
lang/python26/patches/patch-af Normal file
View file

@ -0,0 +1,326 @@
$NetBSD: patch-af,v 1.1 2010/06/29 08:15:42 tron Exp $
Fix for the memory corruption caused by the "audioop" module reported
in CVE-2010-2089. Patch taken from here:
https://bugzilla.redhat.com/attachment.cgi?id=418359&action=diff
--- Modules/audioop.c.orig 2010-06-29 09:09:00.000000000 +0100
+++ Modules/audioop.c 2010-06-29 09:09:00.000000000 +0100
@@ -295,6 +295,29 @@
static PyObject *AudioopError;
+static int
+audioop_check_size(int size)
+{
+ if ( size != 1 && size != 2 && size != 4 ) {
+ PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
+ return 0;
+ } else {
+ return 1;
+ }
+}
+
+static int
+audioop_check_parameters(int len, int size)
+{
+ if (!audioop_check_size(size))
+ return 0;
+ if ( len % size != 0 ) {
+ PyErr_SetString(AudioopError, "not a whole number of frames");
+ return 0;
+ }
+ return 1;
+}
+
static PyObject *
audioop_getsample(PyObject *self, PyObject *args)
{
@@ -304,10 +327,8 @@
if ( !PyArg_ParseTuple(args, "s#ii:getsample", &cp, &len, &size, &i) )
return 0;
- if ( size != 1 && size != 2 && size != 4 ) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_parameters(len, size))
+ return NULL;
if ( i < 0 || i >= len/size ) {
PyErr_SetString(AudioopError, "Index out of range");
return 0;
@@ -328,10 +349,8 @@
if ( !PyArg_ParseTuple(args, "s#i:max", &cp, &len, &size) )
return 0;
- if ( size != 1 && size != 2 && size != 4 ) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_parameters(len, size))
+ return NULL;
for ( i=0; i<len; i+= size) {
if ( size == 1 ) val = (int)*CHARP(cp, i);
else if ( size == 2 ) val = (int)*SHORTP(cp, i);
@@ -352,10 +371,8 @@
if (!PyArg_ParseTuple(args, "s#i:minmax", &cp, &len, &size))
return NULL;
- if (size != 1 && size != 2 && size != 4) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
+ if (!audioop_check_parameters(len, size))
return NULL;
- }
for (i = 0; i < len; i += size) {
if (size == 1) val = (int) *CHARP(cp, i);
else if (size == 2) val = (int) *SHORTP(cp, i);
@@ -376,10 +393,8 @@
if ( !PyArg_ParseTuple(args, "s#i:avg", &cp, &len, &size) )
return 0;
- if ( size != 1 && size != 2 && size != 4 ) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_parameters(len, size))
+ return NULL;
for ( i=0; i<len; i+= size) {
if ( size == 1 ) val = (int)*CHARP(cp, i);
else if ( size == 2 ) val = (int)*SHORTP(cp, i);
@@ -403,10 +418,8 @@
if ( !PyArg_ParseTuple(args, "s#i:rms", &cp, &len, &size) )
return 0;
- if ( size != 1 && size != 2 && size != 4 ) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_parameters(len, size))
+ return NULL;
for ( i=0; i<len; i+= size) {
if ( size == 1 ) val = (int)*CHARP(cp, i);
else if ( size == 2 ) val = (int)*SHORTP(cp, i);
@@ -614,10 +627,8 @@
if ( !PyArg_ParseTuple(args, "s#i:avgpp", &cp, &len, &size) )
return 0;
- if ( size != 1 && size != 2 && size != 4 ) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_parameters(len, size))
+ return NULL;
/* Compute first delta value ahead. Also automatically makes us
** skip the first extreme value
*/
@@ -671,10 +682,8 @@
if ( !PyArg_ParseTuple(args, "s#i:maxpp", &cp, &len, &size) )
return 0;
- if ( size != 1 && size != 2 && size != 4 ) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_parameters(len, size))
+ return NULL;
/* Compute first delta value ahead. Also automatically makes us
** skip the first extreme value
*/
@@ -722,10 +731,8 @@
if ( !PyArg_ParseTuple(args, "s#i:cross", &cp, &len, &size) )
return 0;
- if ( size != 1 && size != 2 && size != 4 ) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_parameters(len, size))
+ return NULL;
ncross = -1;
prevval = 17; /* Anything <> 0,1 */
for ( i=0; i<len; i+= size) {
@@ -750,6 +757,8 @@
if ( !PyArg_ParseTuple(args, "s#id:mul", &cp, &len, &size, &factor ) )
return 0;
+ if (!audioop_check_parameters(len, size))
+ return NULL;
if ( size == 1 ) maxval = (double) 0x7f;
else if ( size == 2 ) maxval = (double) 0x7fff;
@@ -792,6 +801,12 @@
if ( !PyArg_ParseTuple(args, "s#idd:tomono",
&cp, &len, &size, &fac1, &fac2 ) )
return 0;
+ if (!audioop_check_parameters(len, size))
+ return NULL;
+ if ( ((len / size) & 1) != 0 ) {
+ PyErr_SetString(AudioopError, "not a whole number of frames");
+ return NULL;
+ }
if ( size == 1 ) maxval = (double) 0x7f;
else if ( size == 2 ) maxval = (double) 0x7fff;
@@ -837,6 +852,8 @@
if ( !PyArg_ParseTuple(args, "s#idd:tostereo",
&cp, &len, &size, &fac1, &fac2 ) )
return 0;
+ if (!audioop_check_parameters(len, size))
+ return NULL;
if ( size == 1 ) maxval = (double) 0x7f;
else if ( size == 2 ) maxval = (double) 0x7fff;
@@ -896,7 +913,8 @@
if ( !PyArg_ParseTuple(args, "s#s#i:add",
&cp1, &len1, &cp2, &len2, &size ) )
return 0;
-
+ if (!audioop_check_parameters(len1, size))
+ return NULL;
if ( len1 != len2 ) {
PyErr_SetString(AudioopError, "Lengths should be the same");
return 0;
@@ -950,11 +968,8 @@
if ( !PyArg_ParseTuple(args, "s#ii:bias",
&cp, &len, &size , &bias) )
return 0;
-
- if ( size != 1 && size != 2 && size != 4) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_parameters(len, size))
+ return NULL;
rv = PyString_FromStringAndSize(NULL, len);
if ( rv == 0 )
@@ -986,12 +1001,9 @@
if ( !PyArg_ParseTuple(args, "s#i:reverse",
&cp, &len, &size) )
return 0;
+ if (!audioop_check_parameters(len, size))
+ return NULL;
- if ( size != 1 && size != 2 && size != 4 ) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
-
rv = PyString_FromStringAndSize(NULL, len);
if ( rv == 0 )
return 0;
@@ -1023,12 +1035,10 @@
if ( !PyArg_ParseTuple(args, "s#ii:lin2lin",
&cp, &len, &size, &size2) )
return 0;
-
- if ( (size != 1 && size != 2 && size != 4) ||
- (size2 != 1 && size2 != 2 && size2 != 4)) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_parameters(len, size))
+ return NULL;
+ if (!audioop_check_size(size2))
+ return NULL;
new_len = (len/size)*size2;
if (new_len < 0) {
@@ -1080,10 +1090,8 @@
&nchannels, &inrate, &outrate, &state,
&weightA, &weightB))
return NULL;
- if (size != 1 && size != 2 && size != 4) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
+ if (!audioop_check_size(size))
return NULL;
- }
if (nchannels < 1) {
PyErr_SetString(AudioopError, "# of channels should be >= 1");
return NULL;
@@ -1269,11 +1277,8 @@
if ( !PyArg_ParseTuple(args, "s#i:lin2ulaw",
&cp, &len, &size) )
return 0 ;
-
- if ( size != 1 && size != 2 && size != 4) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_parameters(len, size))
+ return NULL;
rv = PyString_FromStringAndSize(NULL, len/size);
if ( rv == 0 )
@@ -1303,11 +1308,8 @@
if ( !PyArg_ParseTuple(args, "s#i:ulaw2lin",
&cp, &len, &size) )
return 0;
-
- if ( size != 1 && size != 2 && size != 4) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_size(size))
+ return NULL;
new_len = len*size;
if (new_len < 0) {
@@ -1343,11 +1345,8 @@
if ( !PyArg_ParseTuple(args, "s#i:lin2alaw",
&cp, &len, &size) )
return 0;
-
- if ( size != 1 && size != 2 && size != 4) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_parameters(len, size))
+ return NULL;
rv = PyString_FromStringAndSize(NULL, len/size);
if ( rv == 0 )
@@ -1377,11 +1376,8 @@
if ( !PyArg_ParseTuple(args, "s#i:alaw2lin",
&cp, &len, &size) )
return 0;
-
- if ( size != 1 && size != 2 && size != 4) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_size(size))
+ return NULL;
new_len = len*size;
if (new_len < 0) {
@@ -1418,12 +1414,8 @@
if ( !PyArg_ParseTuple(args, "s#iO:lin2adpcm",
&cp, &len, &size, &state) )
return 0;
-
-
- if ( size != 1 && size != 2 && size != 4) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_parameters(len, size))
+ return NULL;
str = PyString_FromStringAndSize(NULL, len/(size*2));
if ( str == 0 )
@@ -1526,11 +1518,8 @@
if ( !PyArg_ParseTuple(args, "s#iO:adpcm2lin",
&cp, &len, &size, &state) )
return 0;
-
- if ( size != 1 && size != 2 && size != 4) {
- PyErr_SetString(AudioopError, "Size should be 1, 2 or 4");
- return 0;
- }
+ if (!audioop_check_size(size))
+ return NULL;
/* Decode state, should have (value, step) */
if ( state == Py_None ) {