rpms/perl
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Updated upstream patches for CVE-2005-3962: 26322 , 26331, 26333

Browse Source
This commit is contained in:
jvdias 2005-12-14 18:00:31 +00:00
parent ae5aa7ac32
commit c74188fcd2
2 changed files with 78 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
perl-5.8.7-CVE-2005-3962-bz174684.patch
View File

@ -1,5 +1,5 @@
--- perl-5.8.7/t/lib/warnings/sv.CVE-2005-3962-bz174684 2004-03-18 07:51:14.000000000 -0500 --- perl-5.8.7/t/lib/warnings/sv.CVE-2005-3962-bz174684 2004-03-18 07:51:14.000000000 -0500
+++ perl-5.8.7/t/lib/warnings/sv 2005-12-09 13:57:57.000000000 -0500 +++ perl-5.8.7/t/lib/warnings/sv 2005-12-14 12:40:55.000000000 -0500
@@ -301,12 +301,12 @@ @@ -301,12 +301,12 @@
printf F "%\x02" ; printf F "%\x02" ;
$a = sprintf "%\x02" ; $a = sprintf "%\x02" ;
@ -17,26 +17,28 @@
# sv.c # sv.c
use warnings 'misc' ; use warnings 'misc' ;
--- perl-5.8.7/t/op/sprintf.t.CVE-2005-3962-bz174684 2003-09-01 03:41:07.000000000 -0400 --- perl-5.8.7/t/op/sprintf.t.CVE-2005-3962-bz174684 2003-09-01 03:41:07.000000000 -0400
+++ perl-5.8.7/t/op/sprintf.t 2005-12-09 13:57:57.000000000 -0500 +++ perl-5.8.7/t/op/sprintf.t 2005-12-14 12:53:09.000000000 -0500
@@ -385,3 +385,6 @@ @@ -385,3 +385,8 @@
>%4$K %d< >[45, 67]< >%4$K 45 INVALID< >%4$K %d< >[45, 67]< >%4$K 45 INVALID<
>%d %K %d< >[23, 45]< >23 %K 45 INVALID< >%d %K %d< >[23, 45]< >23 %K 45 INVALID<
>%*v*999\$d %d %d< >[11, 22, 33]< >%*v*999\$d 11 22 INVALID< >%*v*999\$d %d %d< >[11, 22, 33]< >%*v*999\$d 11 22 INVALID<
+>%#b< >0< >0< +>%#b< >0< >0<
+>%#o< >0< >0< +>%#o< >0< >0<
+>%#x< >0< >0< +>%#x< >0< >0<
+>%2918905856$v2d< >''< ><
+>%*2918905856$v2d< >''< > UNINIT<
--- perl-5.8.7/t/op/sprintf2.t.CVE-2005-3962-bz174684 2004-02-09 16:37:13.000000000 -0500 --- perl-5.8.7/t/op/sprintf2.t.CVE-2005-3962-bz174684 2004-02-09 16:37:13.000000000 -0500
+++ perl-5.8.7/t/op/sprintf2.t 2005-12-09 13:57:57.000000000 -0500 +++ perl-5.8.7/t/op/sprintf2.t 2005-12-14 12:50:39.000000000 -0500
@@ -6,7 +6,7 @@ @@ -6,7 +6,7 @@
require './test.pl'; require './test.pl';
} }
-plan tests => 3; -plan tests => 3;
+plan tests => 7; +plan tests => 7 + 256;
is( is(
sprintf("%.40g ",0.01), sprintf("%.40g ",0.01),
@@ -26,3 +26,29 @@ @@ -26,3 +26,43 @@
q(width calculation under utf8 upgrade) q(width calculation under utf8 upgrade)
); );
} }
@ -66,8 +68,22 @@
+ is($warn, 36, "expected warnings"); + is($warn, 36, "expected warnings");
+ is($bad, 0, "unexpected warnings"); + is($bad, 0, "unexpected warnings");
+} +}
+{
+ foreach my $ord (0 .. 255) {
+ my $bad = 0;
+ local $SIG{__WARN__} = sub {
+ unless ($_[0] =~ /^Invalid conversion in sprintf/ ||
+ $_[0] =~ /^Use of uninitialized value in sprintf/) {
+ warn $_[0];
+ $bad++;
+ }
+ };
+ my $r = eval {sprintf '%v' . chr $ord};
+ is ($bad, 0, "pattern '%v' . chr $ord");
+ }
+}
--- perl-5.8.7/opcode.h.CVE-2005-3962-bz174684 2005-05-27 12:29:50.000000000 -0400 --- perl-5.8.7/opcode.h.CVE-2005-3962-bz174684 2005-05-27 12:29:50.000000000 -0400
+++ perl-5.8.7/opcode.h 2005-12-09 13:57:57.000000000 -0500 +++ perl-5.8.7/opcode.h 2005-12-14 12:40:55.000000000 -0500
@@ -1585,7 +1585,7 @@ @@ -1585,7 +1585,7 @@
0x0022281c, /* vec */ 0x0022281c, /* vec */
0x0122291c, /* index */ 0x0122291c, /* index */
@ -78,7 +94,7 @@
0x0001379e, /* ord */ 0x0001379e, /* ord */
0x0001378e, /* chr */ 0x0001378e, /* chr */
--- perl-5.8.7/op.c.CVE-2005-3962-bz174684 2005-04-22 10:12:32.000000000 -0400 --- perl-5.8.7/op.c.CVE-2005-3962-bz174684 2005-04-22 10:12:32.000000000 -0400
+++ perl-5.8.7/op.c 2005-12-09 13:57:57.000000000 -0500 +++ perl-5.8.7/op.c 2005-12-14 12:40:55.000000000 -0500
@@ -2076,7 +2076,9 @@ @@ -2076,7 +2076,9 @@
/* XXX might want a ck_negate() for this */ /* XXX might want a ck_negate() for this */
cUNOPo->op_first->op_private &= ~OPpCONST_STRICT; cUNOPo->op_first->op_private &= ~OPpCONST_STRICT;
@ -91,7 +107,7 @@
case OP_LCFIRST: case OP_LCFIRST:
case OP_UC: case OP_UC:
--- perl-5.8.7/makedef.pl.CVE-2005-3962-bz174684 2005-05-09 09:27:41.000000000 -0400 --- perl-5.8.7/makedef.pl.CVE-2005-3962-bz174684 2005-05-09 09:27:41.000000000 -0400
+++ perl-5.8.7/makedef.pl 2005-12-09 13:57:57.000000000 -0500 +++ perl-5.8.7/makedef.pl 2005-12-14 12:40:55.000000000 -0500
@@ -635,11 +635,13 @@ @@ -635,11 +635,13 @@
)]; )];
} }
@ -112,7 +128,7 @@
unless ($define{'USE_5005THREADS'} || $define{'USE_ITHREADS'}) { unless ($define{'USE_5005THREADS'} || $define{'USE_ITHREADS'}) {
skip_symbols [qw( skip_symbols [qw(
--- perl-5.8.7/ext/Sys/Syslog/Syslog.pm.CVE-2005-3962-bz174684 2005-04-22 07:53:56.000000000 -0400 --- perl-5.8.7/ext/Sys/Syslog/Syslog.pm.CVE-2005-3962-bz174684 2005-04-22 07:53:56.000000000 -0400
+++ perl-5.8.7/ext/Sys/Syslog/Syslog.pm 2005-12-09 13:57:57.000000000 -0500 +++ perl-5.8.7/ext/Sys/Syslog/Syslog.pm 2005-12-14 12:40:55.000000000 -0500
@@ -1,14 +1,13 @@ @@ -1,14 +1,13 @@
package Sys::Syslog; package Sys::Syslog;
require 5.006; require 5.006;
@ -203,7 +219,7 @@
$sum = $numpri + $numfac; $sum = $numpri + $numfac;
my $buf = "<$sum>$whoami: $message\0"; my $buf = "<$sum>$whoami: $message\0";
--- perl-5.8.7/opcode.pl.CVE-2005-3962-bz174684 2004-12-01 08:54:30.000000000 -0500 --- perl-5.8.7/opcode.pl.CVE-2005-3962-bz174684 2004-12-01 08:54:30.000000000 -0500
+++ perl-5.8.7/opcode.pl 2005-12-09 13:57:57.000000000 -0500 +++ perl-5.8.7/opcode.pl 2005-12-14 12:40:55.000000000 -0500
@@ -606,7 +606,7 @@ @@ -606,7 +606,7 @@
index index ck_index isT@ S S S? index index ck_index isT@ S S S?
rindex rindex ck_index isT@ S S S? rindex rindex ck_index isT@ S S S?
@ -214,7 +230,7 @@
ord ord ck_fun ifsTu% S? ord ord ck_fun ifsTu% S?
chr chr ck_fun fsTu% S? chr chr ck_fun fsTu% S?
--- perl-5.8.7/handy.h.CVE-2005-3962-bz174684 2005-04-20 12:33:28.000000000 -0400 --- perl-5.8.7/handy.h.CVE-2005-3962-bz174684 2005-04-20 12:33:28.000000000 -0400
+++ perl-5.8.7/handy.h 2005-12-09 13:57:57.000000000 -0500 +++ perl-5.8.7/handy.h 2005-12-14 12:40:55.000000000 -0500
@@ -598,91 +598,65 @@ @@ -598,91 +598,65 @@
=cut */ =cut */
@ -342,8 +358,8 @@
#ifdef USE_STRUCT_COPY #ifdef USE_STRUCT_COPY
#define StructCopy(s,d,t) (*((t*)(d)) = *((t*)(s))) #define StructCopy(s,d,t) (*((t*)(d)) = *((t*)(s)))
--- perl-5.8.7/perl.h.CVE-2005-3962-bz174684 2005-12-09 13:57:57.000000000 -0500 --- perl-5.8.7/perl.h.CVE-2005-3962-bz174684 2005-12-14 12:40:55.000000000 -0500
+++ perl-5.8.7/perl.h 2005-12-09 13:57:57.000000000 -0500 +++ perl-5.8.7/perl.h 2005-12-14 12:40:55.000000000 -0500
@@ -720,6 +720,13 @@ @@ -720,6 +720,13 @@
#define MEM_SIZE Size_t #define MEM_SIZE Size_t
@ -370,8 +386,39 @@
EXTCONST char PL_uuemap[65] EXTCONST char PL_uuemap[65]
INIT("`!\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_"); INIT("`!\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_");
--- perl-5.8.7/sv.c.CVE-2005-3962-bz174684 2005-05-27 06:38:11.000000000 -0400 --- perl-5.8.7/sv.c.CVE-2005-3962-bz174684 2005-05-27 06:38:11.000000000 -0400
+++ perl-5.8.7/sv.c 2005-12-09 13:58:10.000000000 -0500 +++ perl-5.8.7/sv.c 2005-12-14 12:48:45.000000000 -0500
@@ -8707,9 +8707,15 @@ @@ -8589,9 +8589,12 @@
if (vectorarg) {
if (args)
vecsv = va_arg(*args, SV*);
- else
- vecsv = (evix ? evix <= svmax : svix < svmax) ?
- svargs[evix ? evix-1 : svix++] : &PL_sv_undef;
+ else if (evix) {
+ vecsv = (evix > 0 && evix <= svmax)
+ ? svargs[evix-1] : &PL_sv_undef;
+ } else {
+ vecsv = svix < svmax ? svargs[svix++] : &PL_sv_undef;
+ }
dotstr = SvPVx(vecsv, dotstrlen);
if (DO_UTF8(vecsv))
is_utf8 = TRUE;
@@ -8601,12 +8604,13 @@
vecstr = (U8*)SvPVx(vecsv,veclen);
vec_utf8 = DO_UTF8(vecsv);
}
- else if (efix ? efix <= svmax : svix < svmax) {
+ else if (efix ? (efix > 0 && efix <= svmax) : svix < svmax) {
vecsv = svargs[efix ? efix-1 : svix++];
vecstr = (U8*)SvPVx(vecsv,veclen);
vec_utf8 = DO_UTF8(vecsv);
}
else {
+ vecsv = &PL_sv_undef;
vecstr = (U8*)"";
veclen = 0;
}
@@ -8707,9 +8711,15 @@
if (vectorize) if (vectorize)
argsv = vecsv; argsv = vecsv;
@ -390,7 +437,7 @@
switch (c = *q++) { switch (c = *q++) {
@@ -8972,6 +8978,8 @@ @@ -8972,6 +8982,8 @@
*--eptr = '0'; *--eptr = '0';
break; break;
case 2: case 2:
@ -399,7 +446,7 @@
do { do {
dig = uv & 1; dig = uv & 1;
*--eptr = '0' + dig; *--eptr = '0' + dig;
@@ -9274,6 +9282,8 @@ @@ -9274,6 +9286,8 @@
/* calculate width before utf8_upgrade changes it */ /* calculate width before utf8_upgrade changes it */
have = esignlen + zeros + elen; have = esignlen + zeros + elen;
@ -408,7 +455,7 @@
if (is_utf8 != has_utf8) { if (is_utf8 != has_utf8) {
if (is_utf8) { if (is_utf8) {
@@ -9301,6 +9311,9 @@ @@ -9301,6 +9315,9 @@
need = (have > width ? have : width); need = (have > width ? have : width);
gap = need - have; gap = need - have;
@ -418,3 +465,10 @@
SvGROW(sv, SvCUR(sv) + need + dotstrlen + 1); SvGROW(sv, SvCUR(sv) + need + dotstrlen + 1);
p = SvEND(sv); p = SvEND(sv);
if (esignlen && fill == '0') { if (esignlen && fill == '0') {
--- perl-5.8.7/globvar.sym.CVE-2005-3962-bz174684 2000-08-14 11:22:14.000000000 -0400
+++ perl-5.8.7/globvar.sym 2005-12-14 12:51:12.000000000 -0500
@@ -66,3 +66,4 @@
vtbl_collxfrm
vtbl_amagic
vtbl_amagicelem
+memory_wrap

7
perl.spec
View File

@ -5,7 +5,7 @@
%define multilib_64_archs x86_64 s390x ppc64 sparc64 %define multilib_64_archs x86_64 s390x ppc64 sparc64
%define perlver 5.8.7 %define perlver 5.8.7
%define perlrel 8 %define perlrel 8.1
%define perlepoch 3 %define perlepoch 3
%{?!perl_debugging: %define perl_debugging 0} %{?!perl_debugging: %define perl_debugging 0}
@ -511,7 +511,10 @@ rm -rf $RPM_BUILD_ROOT
%changelog %changelog
* Thu Dec 08 2005 Jason Vas Dias <jvdias@redhat.com> - 3.5.8.7-8 * Wed Dec 14 2005 Jason Vas Dias <jvdias@redhat.com> - 3:5.6.7-8.1
- Updated upstream patches for CVE-2005-3962: 26322 , 26331, 26333
* Thu Dec 08 2005 Jason Vas Dias <jvdias@redhat.com> - 3:5.8.7-8
- Apply upstream patches 26283 and 26284 : complete, revised fixes - Apply upstream patches 26283 and 26284 : complete, revised fixes
for CVE-2005-3962 and CVE-2005-3912 and for CVE-2005-3962 and CVE-2005-3912 and
"Sys::Syslog security vulnerabilities" issues. "Sys::Syslog security vulnerabilities" issues.