author | Ruslan Makhmatkhanov <rm@FreeBSD.org> | 2016-06-17 17:09:04 +0000 |
---|---|---|
committer | Ruslan Makhmatkhanov <rm@FreeBSD.org> | 2016-06-17 17:09:04 +0000 |
commit | 5643ed620ad357da5eeacb8833b77c6f2d7747ac (patch) | |
tree | 0adb184f75003084e164df487438ff3c51107f45 /lang/python33/files/patch-Modules_zipimport.c | |
parent | Document integer overflow in python's zipimport module (diff) |
lang/python[xx]: backport upstream fix for CVE-2016-5636
Add patch for integer overflow in zipimport module to all our python ports.
While I'm here, get rid of the -f flag in the ${RM} invocation, because ${RM} already
expands to rm -f, so as a result we are getting something like:
/bin/rm -f -f /wrkdirs/usr/ports/lang/python35/work/stage/usr/local/lib/libpython3.so
PR: 210325
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Security: 1d0f6852-33d8-11e6-a671-60a44ce6887b
With hat: python
Notes:
svn path=/head/; revision=417019
Diffstat (limited to 'lang/python33/files/patch-Modules_zipimport.c')
-rw-r--r-- | lang/python33/files/patch-Modules_zipimport.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/lang/python33/files/patch-Modules_zipimport.c b/lang/python33/files/patch-Modules_zipimport.c new file mode 100644 index 000000000000..66b635ebb4d4 --- /dev/null +++ b/lang/python33/files/patch-Modules_zipimport.c @@ -0,0 +1,17 @@ + +Bug: http://bugs.python.org/issue26171 + +--- Modules/zipimport.c.orig 2014-10-12 07:03:53 UTC ++++ Modules/zipimport.c +@@ -1089,6 +1089,11 @@ get_data(PyObject *archive, PyObject *to + PyMarshal_ReadShortFromFile(fp); /* local header size */ + file_offset += l; /* Start of file data */ + ++ if (data_size > LONG_MAX - 1) { ++ fclose(fp); ++ PyErr_NoMemory(); ++ return NULL; ++ } + bytes_size = compress == 0 ? data_size : data_size + 1; + if (bytes_size == 0) + bytes_size++; |
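Review bot: the new guard ahead of the bytes_size assignment in get_data() bounds data_size only from above (data_size > LONG_MAX - 1), which stops data_size + 1 from wrapping but says nothing about the low end. If data_size is a signed value taken from the archive header, a negative size would pass this test and reach the bytes_size computation unchanged; nothing in the visible context rejects it. Please confirm that a negative data_size is caught earlier in the function, or extend the condition to something like data_size < 0 || data_size > LONG_MAX - 1. A smaller point on the same lines: PyErr_NoMemory() reports a malformed size field as an allocation failure, so a short comment above the check saying that it is an overflow guard for bugs.python.org/issue26171 would help whoever reads the error later. The fclose(fp) before the early return is right and matches the cleanup this path needs.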