From 5643ed620ad357da5eeacb8833b77c6f2d7747ac Mon Sep 17 00:00:00 2001 From: Ruslan Makhmatkhanov Date: Fri, 17 Jun 2016 17:09:04 +0000 Subject: lang/python[xx]: backport upstream fix for CVE-2016-5636 Add patch for integer overflow in zipimport module to all our python ports. While I'm here, get rid of -f flag in ${RM} invocation, because ${RM} already expands to rm -f, so in result we are getting something like: /bin/rm -f -f /wrkdirs/usr/ports/lang/python35/work/stage/usr/local/lib/libpython3.so PR: 210325 Submitted by: Vladimir Krstulja Security: 1d0f6852-33d8-11e6-a671-60a44ce6887b With hat: python --- lang/python33/files/patch-Modules_zipimport.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 lang/python33/files/patch-Modules_zipimport.c (limited to 'lang/python33/files/patch-Modules_zipimport.c')
diff --git a/lang/python33/files/patch-Modules_zipimport.c b/lang/python33/files/patch-Modules_zipimport.c
new file mode 100644
index 000000000000..66b635ebb4d4
--- /dev/null
+++ b/lang/python33/files/patch-Modules_zipimport.c
@@ -0,0 +1,17 @@
+
+Bug: http://bugs.python.org/issue26171
+
+--- Modules/zipimport.c.orig 2014-10-12 07:03:53 UTC
++++ Modules/zipimport.c
+@@ -1089,6 +1089,11 @@ get_data(PyObject *archive, PyObject *to
+ PyMarshal_ReadShortFromFile(fp); /* local header size */
+ file_offset += l; /* Start of file data */
+
++ if (data_size > LONG_MAX - 1) {
++ fclose(fp);
++ PyErr_NoMemory();
++ return NULL;
++ }
+ bytes_size = compress == 0 ? data_size : data_size + 1;
+ if (bytes_size == 0)
+ bytes_size++;
-- cgit v1.2.3
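Review bot: The added guard in get_data bounds data_size only from above (`data_size > LONG_MAX - 1`), so a negative size would still reach the `bytes_size` computation on the following line. The declaration of data_size is outside this hunk, but the comparison with LONG_MAX suggests a signed long taken from the archive's directory entry; if that is the case, the check should reject the lower side as well, for example `if (data_size < 0 || data_size > LONG_MAX - 1) {`. Reporting a malformed size through PyErr_NoMemory() is also somewhat misleading, and an import error carrying a message would be easier to diagnose. get_data starts and ends outside the hunk, so an earlier range check on data_size cannot be ruled out from here.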