update to 7.43.0.4
This commit is contained in:
Kamil Dudka
parent
21086f6d31
commit
32500f1dc7
@ -1,93 +0,0 @@
|
||||
From 047bd00ee53a722eaf46e58e330888cf628d5a7c Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Mon, 14 Jan 2019 16:54:19 +0100
|
||||
Subject: [PATCH 1/2] do_curl_setopt_httppost: do not use uninitialized stack
|
||||
variable
|
||||
|
||||
Detected by Coverity Analysis and Clang:
|
||||
|
||||
Error: UNINIT (CWE-457):
|
||||
pycurl-7.43.0.2/src/easyopt.c:493: var_decl: Declaring variable "res" without initializer.
|
||||
pycurl-7.43.0.2/src/easyopt.c:524: uninit_use_in_call: Using uninitialized value "(int)res" when calling "create_and_set_error_object".
|
||||
522| if (PyText_AsStringAndSize(httppost_option, &cstr, &clen, &cencoded_obj)) {
|
||||
523| PyText_EncodedDecref(nencoded_obj);
|
||||
524|-> CURLERROR_SET_RETVAL();
|
||||
525| goto error;
|
||||
526| }
|
||||
|
||||
Error: CLANG_WARNING:
|
||||
pycurl-7.43.0.2/src/easyopt.c:524:17: warning: 2nd function call argument is an uninitialized value
|
||||
pycurl-7.43.0.2/src/pycurl.h:286:5: note: expanded from macro 'CURLERROR_SET_RETVAL'
|
||||
pycurl-7.43.0.2/src/easyopt.c:493:5: note: 'res' declared without an initial value
|
||||
pycurl-7.43.0.2/src/easyopt.c:496:9: note: Assuming 'len' is not equal to 0
|
||||
pycurl-7.43.0.2/src/easyopt.c:496:5: note: Taking false branch
|
||||
pycurl-7.43.0.2/src/easyopt.c:499:17: note: Assuming 'i' is < 'len'
|
||||
pycurl-7.43.0.2/src/easyopt.c:499:5: note: Loop condition is true. Entering loop body
|
||||
pycurl-7.43.0.2/src/easyopt.c:505:13: note: Assuming 'which_httppost_item' is not equal to 0
|
||||
pycurl-7.43.0.2/src/easyopt.c:505:9: note: Taking false branch
|
||||
pycurl-7.43.0.2/src/easyopt.c:509:13: note: Assuming the condition is false
|
||||
pycurl-7.43.0.2/src/easyopt.c:509:9: note: Taking false branch
|
||||
pycurl-7.43.0.2/src/easyopt.c:513:13: note: Assuming the condition is false
|
||||
pycurl-7.43.0.2/src/easyopt.c:513:9: note: Taking false branch
|
||||
pycurl-7.43.0.2/src/easyopt.c:519:13: note: Assuming the condition is true
|
||||
pycurl-7.43.0.2/src/easyopt.c:519:9: note: Taking true branch
|
||||
pycurl-7.43.0.2/src/easyopt.c:522:17: note: Assuming the condition is true
|
||||
pycurl-7.43.0.2/src/easyopt.c:522:13: note: Taking true branch
|
||||
pycurl-7.43.0.2/src/easyopt.c:524:17: note: 2nd function call argument is an uninitialized value
|
||||
pycurl-7.43.0.2/src/pycurl.h:286:5: note: expanded from macro 'CURLERROR_SET_RETVAL'
|
||||
---
|
||||
src/easyopt.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/easyopt.c b/src/easyopt.c
|
||||
index 015fa93..471400c 100644
|
||||
--- a/src/easyopt.c
|
||||
+++ b/src/easyopt.c
|
||||
@@ -521,7 +521,7 @@ do_curl_setopt_httppost(CurlObject *self, int option, int which, PyObject *obj)
|
||||
|
||||
if (PyText_AsStringAndSize(httppost_option, &cstr, &clen, &cencoded_obj)) {
|
||||
PyText_EncodedDecref(nencoded_obj);
|
||||
- CURLERROR_SET_RETVAL();
|
||||
+ create_and_set_error_object(self, CURLE_BAD_FUNCTION_ARGUMENT);
|
||||
goto error;
|
||||
}
|
||||
/* INFO: curl_formadd() internally does memdup() the data, so
|
||||
--
|
||||
2.17.2
|
||||
|
||||
|
||||
From 6f0f7896412c107c390f4967dcdf94fd14d52047 Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Mon, 14 Jan 2019 16:57:14 +0100
|
||||
Subject: [PATCH 2/2] do_multi_add_handle: execute clean-up code before return
|
||||
|
||||
Detected by Coverity Analysis:
|
||||
|
||||
Error: UNREACHABLE (CWE-561):
|
||||
pycurl-7.43.0.2/src/multi.c:631: unreachable: This code cannot be reached: "PyDict_DelItem(self->easy_o...".
|
||||
629| if (res != CURLM_OK) {
|
||||
630| CURLERROR_MSG("curl_multi_add_handle() failed due to internal errors");
|
||||
631|-> PyDict_DelItem(self->easy_object_dict, (PyObject *) obj);
|
||||
632| }
|
||||
633| obj->multi_stack = self;
|
||||
---
|
||||
src/multi.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/multi.c b/src/multi.c
|
||||
index 7ecedbf..3407423 100644
|
||||
--- a/src/multi.c
|
||||
+++ b/src/multi.c
|
||||
@@ -627,8 +627,8 @@ do_multi_add_handle(CurlMultiObject *self, PyObject *args)
|
||||
assert(obj->multi_stack == NULL);
|
||||
res = curl_multi_add_handle(self->multi_handle, obj->handle);
|
||||
if (res != CURLM_OK) {
|
||||
- CURLERROR_MSG("curl_multi_add_handle() failed due to internal errors");
|
||||
PyDict_DelItem(self->easy_object_dict, (PyObject *) obj);
|
||||
+ CURLERROR_MSG("curl_multi_add_handle() failed due to internal errors");
|
||||
}
|
||||
obj->multi_stack = self;
|
||||
Py_INCREF(self);
|
||||
--
|
||||
2.17.2
|
||||
|
||||
@ -8,8 +8,8 @@ This effectively reverts the following commit:
|
||||
|
||||
Bug: https://bugzilla.redhat.com/1446850
|
||||
---
|
||||
src/module.c | 20 +-------------------
|
||||
1 file changed, 1 insertion(+), 19 deletions(-)
|
||||
src/module.c | 24 +-----------------------
|
||||
1 file changed, 1 insertion(+), 23 deletions(-)
|
||||
|
||||
diff --git a/src/module.c b/src/module.c
|
||||
index a7108a0..af79875 100644
|
||||
@ -24,7 +24,7 @@ index a7108a0..af79875 100644
|
||||
size_t libcurl_version_len, pycurl_version_len;
|
||||
PyObject *xio_module = NULL;
|
||||
PyObject *collections_module = NULL;
|
||||
@@ -345,24 +345,6 @@ initpycurl(void)
|
||||
@@ -345,28 +345,6 @@ initpycurl(void)
|
||||
goto error;
|
||||
}
|
||||
|
||||
@ -34,10 +34,14 @@ index a7108a0..af79875 100644
|
||||
- } else if (!strncmp(vi->ssl_version, "OpenSSL/", 8) || !strncmp(vi->ssl_version, "LibreSSL/", 9) ||
|
||||
- !strncmp(vi->ssl_version, "BoringSSL", 9)) {
|
||||
- runtime_ssl_lib = "openssl";
|
||||
- } else if (!strncmp(vi->ssl_version, "wolfSSL/", 8)) {
|
||||
- runtime_ssl_lib = "wolfssl";
|
||||
- } else if (!strncmp(vi->ssl_version, "GnuTLS/", 7)) {
|
||||
- runtime_ssl_lib = "gnutls";
|
||||
- } else if (!strncmp(vi->ssl_version, "NSS/", 4)) {
|
||||
- runtime_ssl_lib = "nss";
|
||||
- } else if (!strncmp(vi->ssl_version, "mbedTLS/", 8)) {
|
||||
- runtime_ssl_lib = "mbedtls";
|
||||
- } else {
|
||||
- runtime_ssl_lib = "none/other";
|
||||
- }
|
||||
|
||||
@ -19,18 +19,14 @@
|
||||
%global modname pycurl
|
||||
|
||||
Name: python-%{modname}
|
||||
Version: 7.43.0.2
|
||||
Release: 10%{?dist}
|
||||
Version: 7.43.0.4
|
||||
Release: 1%{?dist}
|
||||
Summary: A Python interface to libcurl
|
||||
|
||||
License: LGPLv2+ or MIT
|
||||
URL: http://pycurl.sourceforge.net/
|
||||
Source0: https://dl.bintray.com/pycurl/pycurl/pycurl-%{version}.tar.gz
|
||||
|
||||
# fix programming mistakes detected by static analyzers
|
||||
# upstream pull request: https://github.com/pycurl/pycurl/pull/550
|
||||
Patch1: 0001-python-pycurl-7.43.0.2-static-analysis.patch
|
||||
|
||||
# drop link-time vs. run-time TLS backend check (#1446850)
|
||||
Patch2: 0002-python-pycurl-7.43.0-tls-backend.patch
|
||||
|
||||
@ -157,6 +153,9 @@ rm -fv tests/fake-curl/libcurl/*.so
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Jan 15 2020 Kamil Dudka <kdudka@redhat.com> - 7.43.0.4-1
|
||||
- update to 7.43.0.4
|
||||
|
||||
* Fri Nov 15 2019 Kamil Dudka <kdudka@redhat.com> - 7.43.0.2-10
|
||||
- do not build python2-pycurl on f32+
|
||||
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (pycurl-7.43.0.2.tar.gz) = 8635fb33107c9351b7527036b8ab16d76aad72c2170643928034641770d07ab1507a8b2adc8b1a1dcfff29272f55cb00fee65abfcc0c639db14fdc20fc3a0fd0
|
||||
SHA512 (pycurl-7.43.0.4.tar.gz) = 79df189eca6b337d7e7243f9209055e629e76457aaacb1cc170c42363290162d121ba6128e20067fb04375b971cf36843634b46ec8466e69be614b86640c7256
|
||||
|
||||
Loading…
Reference in New Issue
Block a user