From d59b4c02320fd85550e0487dcb3be2c627b1161a Mon Sep 17 00:00:00 2001 From: miwi Date: Fri, 25 Apr 2008 08:16:04 +0000 Subject: - Fix zlib crash from zlib.decompressobj().flush(val) when val was not positive. It tried to allocate negative or zero memory. That fails. - Bump PORTREVISION Reviewed by: alexbl Obtained from: python svn Security: http://www.vuxml.org/freebsd/ec41c3e2-129c-11dd-bab7-0016179b2dd5.html --- lang/python25/Makefile | 2 +- lang/python25/files/patch-Lib-test-test_zlib.py | 14 ++++++++++++++ lang/python25/files/patch-Modules-zlibmodule.c | 13 +++++++++++++ lang/python26/Makefile | 2 +- lang/python26/files/patch-Lib-test-test_zlib.py | 14 ++++++++++++++ lang/python26/files/patch-Modules-zlibmodule.c | 13 +++++++++++++ lang/python27/Makefile | 2 +- lang/python27/files/patch-Lib-test-test_zlib.py | 14 ++++++++++++++ lang/python27/files/patch-Modules-zlibmodule.c | 13 +++++++++++++ lang/python30/Makefile | 2 +- lang/python30/files/patch-Lib-test-test_zlib.py | 14 ++++++++++++++ lang/python30/files/patch-Modules-zlibmodule.c | 13 +++++++++++++ lang/python31/Makefile | 2 +- lang/python31/files/patch-Lib-test-test_zlib.py | 14 ++++++++++++++ lang/python31/files/patch-Modules-zlibmodule.c | 13 +++++++++++++ lang/python32/Makefile | 2 +- lang/python32/files/patch-Lib-test-test_zlib.py | 14 ++++++++++++++ lang/python32/files/patch-Modules-zlibmodule.c | 13 +++++++++++++ 18 files changed, 168 insertions(+), 6 deletions(-) create mode 100644 lang/python25/files/patch-Lib-test-test_zlib.py create mode 100644 lang/python25/files/patch-Modules-zlibmodule.c create mode 100644 lang/python26/files/patch-Lib-test-test_zlib.py create mode 100644 lang/python26/files/patch-Modules-zlibmodule.c create mode 100644 lang/python27/files/patch-Lib-test-test_zlib.py create mode 100644 lang/python27/files/patch-Modules-zlibmodule.c create mode 100644 lang/python30/files/patch-Lib-test-test_zlib.py create mode 100644 lang/python30/files/patch-Modules-zlibmodule.c create mode 100644 lang/python31/files/patch-Lib-test-test_zlib.py create mode 100644 lang/python31/files/patch-Modules-zlibmodule.c create mode 100644 lang/python32/files/patch-Lib-test-test_zlib.py create mode 100644 lang/python32/files/patch-Modules-zlibmodule.c (limited to 'lang') diff --git a/lang/python25/Makefile b/lang/python25/Makefile index 3e19ec12e903..087ddd147bfc 100644 --- a/lang/python25/Makefile +++ b/lang/python25/Makefile @@ -6,7 +6,7 @@ PORTNAME= python25 PORTVERSION= 2.5.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= lang python ipv6 MASTER_SITES= ${PYTHON_MASTER_SITES} MASTER_SITE_SUBDIR= ${PYTHON_MASTER_SITE_SUBDIR} diff --git a/lang/python25/files/patch-Lib-test-test_zlib.py b/lang/python25/files/patch-Lib-test-test_zlib.py new file mode 100644 index 000000000000..425572d2574d --- /dev/null +++ b/lang/python25/files/patch-Lib-test-test_zlib.py @@ -0,0 +1,14 @@ +--- Lib/test/test_zlib.py 2008/04/08 23:47:30 62234 ++++ Lib/test/test_zlib.py 2008/04/09 00:25:17 62235 +@@ -83,6 +83,11 @@ + # verify failure on building decompress object with bad params + self.assertRaises(ValueError, zlib.decompressobj, 0) + ++ def test_decompressobj_badflush(self): ++ # verify failure on calling decompressobj.flush with bad params ++ self.assertRaises(ValueError, zlib.decompressobj().flush, 0) ++ self.assertRaises(ValueError, zlib.decompressobj().flush, -1) ++ + + + class CompressTestCase(unittest.TestCase): diff --git a/lang/python25/files/patch-Modules-zlibmodule.c b/lang/python25/files/patch-Modules-zlibmodule.c new file mode 100644 index 000000000000..7875a40ada7c --- /dev/null +++ b/lang/python25/files/patch-Modules-zlibmodule.c @@ -0,0 +1,13 @@ +--- Modules/zlibmodule.c.orig 2008-04-25 01:47:26.000000000 +0200 ++++ Modules/zlibmodule.c 2008-04-25 01:48:17.000000000 +0200 +@@ -774,6 +774,10 @@ + + if (!PyArg_ParseTuple(args, "|i:flush", &length)) + return NULL; ++ if (length <= 0) { ++ PyErr_SetString(PyExc_ValueError, "length must be greater than zero"); ++ return NULL; ++ } + if (!(retval = PyString_FromStringAndSize(NULL, length))) + return NULL; + diff --git a/lang/python26/Makefile b/lang/python26/Makefile index 3e19ec12e903..087ddd147bfc 100644 --- a/lang/python26/Makefile +++ b/lang/python26/Makefile @@ -6,7 +6,7 @@ PORTNAME= python25 PORTVERSION= 2.5.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= lang python ipv6 MASTER_SITES= ${PYTHON_MASTER_SITES} MASTER_SITE_SUBDIR= ${PYTHON_MASTER_SITE_SUBDIR} diff --git a/lang/python26/files/patch-Lib-test-test_zlib.py b/lang/python26/files/patch-Lib-test-test_zlib.py new file mode 100644 index 000000000000..425572d2574d --- /dev/null +++ b/lang/python26/files/patch-Lib-test-test_zlib.py @@ -0,0 +1,14 @@ +--- Lib/test/test_zlib.py 2008/04/08 23:47:30 62234 ++++ Lib/test/test_zlib.py 2008/04/09 00:25:17 62235 +@@ -83,6 +83,11 @@ + # verify failure on building decompress object with bad params + self.assertRaises(ValueError, zlib.decompressobj, 0) + ++ def test_decompressobj_badflush(self): ++ # verify failure on calling decompressobj.flush with bad params ++ self.assertRaises(ValueError, zlib.decompressobj().flush, 0) ++ self.assertRaises(ValueError, zlib.decompressobj().flush, -1) ++ + + + class CompressTestCase(unittest.TestCase): diff --git a/lang/python26/files/patch-Modules-zlibmodule.c b/lang/python26/files/patch-Modules-zlibmodule.c new file mode 100644 index 000000000000..7875a40ada7c --- /dev/null +++ b/lang/python26/files/patch-Modules-zlibmodule.c @@ -0,0 +1,13 @@ +--- Modules/zlibmodule.c.orig 2008-04-25 01:47:26.000000000 +0200 ++++ Modules/zlibmodule.c 2008-04-25 01:48:17.000000000 +0200 +@@ -774,6 +774,10 @@ + + if (!PyArg_ParseTuple(args, "|i:flush", &length)) + return NULL; ++ if (length <= 0) { ++ PyErr_SetString(PyExc_ValueError, "length must be greater than zero"); ++ return NULL; ++ } + if (!(retval = PyString_FromStringAndSize(NULL, length))) + return NULL; + diff --git a/lang/python27/Makefile b/lang/python27/Makefile index 3e19ec12e903..087ddd147bfc 100644 --- a/lang/python27/Makefile +++ b/lang/python27/Makefile @@ -6,7 +6,7 @@ PORTNAME= python25 PORTVERSION= 2.5.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= lang python ipv6 MASTER_SITES= ${PYTHON_MASTER_SITES} MASTER_SITE_SUBDIR= ${PYTHON_MASTER_SITE_SUBDIR} diff --git a/lang/python27/files/patch-Lib-test-test_zlib.py b/lang/python27/files/patch-Lib-test-test_zlib.py new file mode 100644 index 000000000000..425572d2574d --- /dev/null +++ b/lang/python27/files/patch-Lib-test-test_zlib.py @@ -0,0 +1,14 @@ +--- Lib/test/test_zlib.py 2008/04/08 23:47:30 62234 ++++ Lib/test/test_zlib.py 2008/04/09 00:25:17 62235 +@@ -83,6 +83,11 @@ + # verify failure on building decompress object with bad params + self.assertRaises(ValueError, zlib.decompressobj, 0) + ++ def test_decompressobj_badflush(self): ++ # verify failure on calling decompressobj.flush with bad params ++ self.assertRaises(ValueError, zlib.decompressobj().flush, 0) ++ self.assertRaises(ValueError, zlib.decompressobj().flush, -1) ++ + + + class CompressTestCase(unittest.TestCase): diff --git a/lang/python27/files/patch-Modules-zlibmodule.c b/lang/python27/files/patch-Modules-zlibmodule.c new file mode 100644 index 000000000000..7875a40ada7c --- /dev/null +++ b/lang/python27/files/patch-Modules-zlibmodule.c @@ -0,0 +1,13 @@ +--- Modules/zlibmodule.c.orig 2008-04-25 01:47:26.000000000 +0200 ++++ Modules/zlibmodule.c 2008-04-25 01:48:17.000000000 +0200 +@@ -774,6 +774,10 @@ + + if (!PyArg_ParseTuple(args, "|i:flush", &length)) + return NULL; ++ if (length <= 0) { ++ PyErr_SetString(PyExc_ValueError, "length must be greater than zero"); ++ return NULL; ++ } + if (!(retval = PyString_FromStringAndSize(NULL, length))) + return NULL; + diff --git a/lang/python30/Makefile b/lang/python30/Makefile index 3e19ec12e903..087ddd147bfc 100644 --- a/lang/python30/Makefile +++ b/lang/python30/Makefile @@ -6,7 +6,7 @@ PORTNAME= python25 PORTVERSION= 2.5.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= lang python ipv6 MASTER_SITES= ${PYTHON_MASTER_SITES} MASTER_SITE_SUBDIR= ${PYTHON_MASTER_SITE_SUBDIR} diff --git a/lang/python30/files/patch-Lib-test-test_zlib.py b/lang/python30/files/patch-Lib-test-test_zlib.py new file mode 100644 index 000000000000..425572d2574d --- /dev/null +++ b/lang/python30/files/patch-Lib-test-test_zlib.py @@ -0,0 +1,14 @@ +--- Lib/test/test_zlib.py 2008/04/08 23:47:30 62234 ++++ Lib/test/test_zlib.py 2008/04/09 00:25:17 62235 +@@ -83,6 +83,11 @@ + # verify failure on building decompress object with bad params + self.assertRaises(ValueError, zlib.decompressobj, 0) + ++ def test_decompressobj_badflush(self): ++ # verify failure on calling decompressobj.flush with bad params ++ self.assertRaises(ValueError, zlib.decompressobj().flush, 0) ++ self.assertRaises(ValueError, zlib.decompressobj().flush, -1) ++ + + + class CompressTestCase(unittest.TestCase): diff --git a/lang/python30/files/patch-Modules-zlibmodule.c b/lang/python30/files/patch-Modules-zlibmodule.c new file mode 100644 index 000000000000..7875a40ada7c --- /dev/null +++ b/lang/python30/files/patch-Modules-zlibmodule.c @@ -0,0 +1,13 @@ +--- Modules/zlibmodule.c.orig 2008-04-25 01:47:26.000000000 +0200 ++++ Modules/zlibmodule.c 2008-04-25 01:48:17.000000000 +0200 +@@ -774,6 +774,10 @@ + + if (!PyArg_ParseTuple(args, "|i:flush", &length)) + return NULL; ++ if (length <= 0) { ++ PyErr_SetString(PyExc_ValueError, "length must be greater than zero"); ++ return NULL; ++ } + if (!(retval = PyString_FromStringAndSize(NULL, length))) + return NULL; + diff --git a/lang/python31/Makefile b/lang/python31/Makefile index 3e19ec12e903..087ddd147bfc 100644 --- a/lang/python31/Makefile +++ b/lang/python31/Makefile @@ -6,7 +6,7 @@ PORTNAME= python25 PORTVERSION= 2.5.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= lang python ipv6 MASTER_SITES= ${PYTHON_MASTER_SITES} MASTER_SITE_SUBDIR= ${PYTHON_MASTER_SITE_SUBDIR} diff --git a/lang/python31/files/patch-Lib-test-test_zlib.py b/lang/python31/files/patch-Lib-test-test_zlib.py new file mode 100644 index 000000000000..425572d2574d --- /dev/null +++ b/lang/python31/files/patch-Lib-test-test_zlib.py @@ -0,0 +1,14 @@ +--- Lib/test/test_zlib.py 2008/04/08 23:47:30 62234 ++++ Lib/test/test_zlib.py 2008/04/09 00:25:17 62235 +@@ -83,6 +83,11 @@ + # verify failure on building decompress object with bad params + self.assertRaises(ValueError, zlib.decompressobj, 0) + ++ def test_decompressobj_badflush(self): ++ # verify failure on calling decompressobj.flush with bad params ++ self.assertRaises(ValueError, zlib.decompressobj().flush, 0) ++ self.assertRaises(ValueError, zlib.decompressobj().flush, -1) ++ + + + class CompressTestCase(unittest.TestCase): diff --git a/lang/python31/files/patch-Modules-zlibmodule.c b/lang/python31/files/patch-Modules-zlibmodule.c new file mode 100644 index 000000000000..7875a40ada7c --- /dev/null +++ b/lang/python31/files/patch-Modules-zlibmodule.c @@ -0,0 +1,13 @@ +--- Modules/zlibmodule.c.orig 2008-04-25 01:47:26.000000000 +0200 ++++ Modules/zlibmodule.c 2008-04-25 01:48:17.000000000 +0200 +@@ -774,6 +774,10 @@ + + if (!PyArg_ParseTuple(args, "|i:flush", &length)) + return NULL; ++ if (length <= 0) { ++ PyErr_SetString(PyExc_ValueError, "length must be greater than zero"); ++ return NULL; ++ } + if (!(retval = PyString_FromStringAndSize(NULL, length))) + return NULL; + diff --git a/lang/python32/Makefile b/lang/python32/Makefile index 3e19ec12e903..087ddd147bfc 100644 --- a/lang/python32/Makefile +++ b/lang/python32/Makefile @@ -6,7 +6,7 @@ PORTNAME= python25 PORTVERSION= 2.5.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= lang python ipv6 MASTER_SITES= ${PYTHON_MASTER_SITES} MASTER_SITE_SUBDIR= ${PYTHON_MASTER_SITE_SUBDIR} diff --git a/lang/python32/files/patch-Lib-test-test_zlib.py b/lang/python32/files/patch-Lib-test-test_zlib.py new file mode 100644 index 000000000000..425572d2574d --- /dev/null +++ b/lang/python32/files/patch-Lib-test-test_zlib.py @@ -0,0 +1,14 @@ +--- Lib/test/test_zlib.py 2008/04/08 23:47:30 62234 ++++ Lib/test/test_zlib.py 2008/04/09 00:25:17 62235 +@@ -83,6 +83,11 @@ + # verify failure on building decompress object with bad params + self.assertRaises(ValueError, zlib.decompressobj, 0) + ++ def test_decompressobj_badflush(self): ++ # verify failure on calling decompressobj.flush with bad params ++ self.assertRaises(ValueError, zlib.decompressobj().flush, 0) ++ self.assertRaises(ValueError, zlib.decompressobj().flush, -1) ++ + + + class CompressTestCase(unittest.TestCase): diff --git a/lang/python32/files/patch-Modules-zlibmodule.c b/lang/python32/files/patch-Modules-zlibmodule.c new file mode 100644 index 000000000000..7875a40ada7c --- /dev/null +++ b/lang/python32/files/patch-Modules-zlibmodule.c @@ -0,0 +1,13 @@ +--- Modules/zlibmodule.c.orig 2008-04-25 01:47:26.000000000 +0200 ++++ Modules/zlibmodule.c 2008-04-25 01:48:17.000000000 +0200 +@@ -774,6 +774,10 @@ + + if (!PyArg_ParseTuple(args, "|i:flush", &length)) + return NULL; ++ if (length <= 0) { ++ PyErr_SetString(PyExc_ValueError, "length must be greater than zero"); ++ return NULL; ++ } + if (!(retval = PyString_FromStringAndSize(NULL, length))) + return NULL; + -- cgit