From 9d89f109e71fe31216a281b47a2c415b5b610281 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Fri, 27 Mar 2020 14:36:23 +0100
Subject: [PATCH] Prevent from an integer overflow in POSIX::SigSet()

---
 ...calls-to-sigaddset-in-POSIX-SigSet-n.patch | 86 +++++++++++++++++++
 perl.spec                                     |  6 ++
 2 files changed, 92 insertions(+)
 create mode 100644 perl-5.31.7-error-check-the-calls-to-sigaddset-in-POSIX-SigSet-n.patch

diff --git a/perl-5.31.7-error-check-the-calls-to-sigaddset-in-POSIX-SigSet-n.patch b/perl-5.31.7-error-check-the-calls-to-sigaddset-in-POSIX-SigSet-n.patch
new file mode 100644
index 0000000..b5914b3
--- /dev/null
+++ b/perl-5.31.7-error-check-the-calls-to-sigaddset-in-POSIX-SigSet-n.patch
@@ -0,0 +1,86 @@
+From 3a5c73f344d9d5d89b2881b2c3569cac3ca89ad9 Mon Sep 17 00:00:00 2001
+From: Tony Cook <tony@develop-help.com>
+Date: Mon, 25 Nov 2019 09:27:16 +1100
+Subject: [PATCH] error check the calls to sigaddset in POSIX::SigSet->new
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Coverity complained that SvIV() could return negative numbers,
+but doesn't complain about the similar call in the sigaddset()
+method, which is error checked.
+
+So error check sigaddset() and throw an error if it fails.
+
+CID 244386.
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+---
+ ext/POSIX/POSIX.xs      |  7 +++++--
+ ext/POSIX/lib/POSIX.pod |  3 +++
+ ext/POSIX/t/sigset.t    | 19 +++++++++++++++++++
+ 3 files changed, 27 insertions(+), 2 deletions(-)
+
+diff --git a/ext/POSIX/POSIX.xs b/ext/POSIX/POSIX.xs
+index 42c4d0f4b5..03342c3ea4 100644
+--- a/ext/POSIX/POSIX.xs
++++ b/ext/POSIX/POSIX.xs
+@@ -1844,8 +1844,11 @@ new(packname = "POSIX::SigSet", ...)
+ 					       sizeof(sigset_t),
+ 					       packname);
+ 	    sigemptyset(s);
+-	    for (i = 1; i < items; i++)
+-		sigaddset(s, SvIV(ST(i)));
++	    for (i = 1; i < items; i++) {
++                IV sig = SvIV(ST(i));
++		if (sigaddset(s, sig) < 0)
++                    croak("POSIX::Sigset->new: failed to add signal %" IVdf, sig);
++            }
+ 	    XSRETURN(1);
+ 	}
+ 
+diff --git a/ext/POSIX/lib/POSIX.pod b/ext/POSIX/lib/POSIX.pod
+index 10e12e88db..923198477d 100644
+--- a/ext/POSIX/lib/POSIX.pod
++++ b/ext/POSIX/lib/POSIX.pod
+@@ -2267,6 +2267,9 @@ Create a set with C<SIGUSR1>.
+ 
+ 	$sigset = POSIX::SigSet->new( &POSIX::SIGUSR1 );
+ 
++Throws an error if any of the signals supplied cannot be added to the
++set.
++
+ =item C<addset>
+ 
+ Add a signal to a SigSet object.
+diff --git a/ext/POSIX/t/sigset.t b/ext/POSIX/t/sigset.t
+index e65e4076b4..807aa3a1fd 100644
+--- a/ext/POSIX/t/sigset.t
++++ b/ext/POSIX/t/sigset.t
+@@ -93,4 +93,23 @@ foreach ([$signo[0]],
+     expected_signals($sigset, "new(@$_)", @$_);
+ }
+ 
++SKIP:
++{
++    # CID 244386
++    # linux and freebsd do validate for positive and very large signal numbers
++    # darwin uses a macro that simply ignores large signals and shifts by
++    # a negative number for negative signals, always succeeding
++    #
++    # since the idea is to validate our code rather than the implementation
++    # of sigaddset, just test the platforms we know can fail
++    skip "Not all systems validate the signal number", 2
++      unless $^O =~ /^(linux|freebsd)$/;
++    my $badsig = -1;
++    note "badsig $badsig";
++    ok(!eval{ POSIX::SigSet->new($badsig); 1 },
++       "POSIX::SigSet->new should throw on large signal number");
++    like($@."", qr/POSIX::Sigset->new: failed to add signal $badsig/,
++         "check message");
++}
++
+ done_testing();
+-- 
+2.21.1
+
diff --git a/perl.spec b/perl.spec
index 7da2701..06b103d 100644
--- a/perl.spec
+++ b/perl.spec
@@ -303,6 +303,9 @@ Patch72:        perl-5.31.6-PATCH-GH-17081-Workaround-glibc-bug-with-LC_MESSAGES
 # Fix POSIX:setlocale() documentation, in upstream after 5.31.7
 Patch73:        perl-5.31.7-POSIX.pod-Update-setlocale-docs.patch
 
+# Prevent from an integer overflow in POSIX::SigSet(), in upstream after 5.31.7
+Patch74:        perl-5.31.7-error-check-the-calls-to-sigaddset-in-POSIX-SigSet-n.patch
+
 # Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
 Patch200:       perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
 
@@ -4362,6 +4365,7 @@ you're not running VMS, this module does nothing.
 %patch71 -p1
 %patch72 -p1
 %patch73 -p1
+%patch74 -p1
 %patch200 -p1
 %patch201 -p1
 
@@ -4428,6 +4432,7 @@ perl -x patchlevel.h \
     'Fedora Patch71: Fix a buffer overread when parsing a number (GH#17279)' \
     'Fedora Patch72: Work around a glibc bug in caching LC_MESSAGES (GH#17081)' \
     'Fedora Patch73: Fix POSIX:setlocale() documentation' \
+    'Fedora Patch74: Prevent from an integer overflow in POSIX::SigSet()' \
     'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
     'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
     %{nil}
@@ -7189,6 +7194,7 @@ popd
 - Fix a directory ownership in perl-Sys-Hostname
 - Work around a glibc bug in caching LC_MESSAGES (GH#17081)
 - Fix POSIX:setlocale() documentation
+- Prevent from an integer overflow in POSIX::SigSet()
 
 * Mon Mar 16 2020 Jitka Plesnikova <jplesnik@redhat.com> - 4:5.30.2-452
 - 5.30.2 bump (see <https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perldelta.pod>