[perl-Digest-SHA/f19] Fix possible crash on uninitialized object

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



commit d7d25fe0ca9dabfb2bb14efd41627b4eaf4c97b0
Author: Petr Písař <ppisar@xxxxxxxxxx>
Date:   Wed Mar 12 10:42:53 2014 +0100

    Fix possible crash on uninitialized object

 ...-5.85-Check-for-ISA-when-invoking-methods.patch |   68 ++++++++++++++++++++
 perl-Digest-SHA.spec                               |    9 ++-
 2 files changed, 76 insertions(+), 1 deletions(-)
---
diff --git a/Digest-SHA-5.85-Check-for-ISA-when-invoking-methods.patch b/Digest-SHA-5.85-Check-for-ISA-when-invoking-methods.patch
new file mode 100644
index 0000000..94749b4
--- /dev/null
+++ b/Digest-SHA-5.85-Check-for-ISA-when-invoking-methods.patch
@@ -0,0 +1,68 @@
+From c898bd4f5880bd7ddbf5987024c2748eae3d88a7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@xxxxxxxxxx>
+Date: Wed, 12 Mar 2014 10:17:16 +0100
+Subject: [PATCH] Check for ISA when invoking methods
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+After:
+
+use Digest::SHA;
+my $d=Digest::SHA->add(qq(a));
+
+calling $d->hashsize() and other methods resulted in crash.
+
+This is relevant patch from Digest-SHA-5.87.
+
+Perl RT#121421
+<https://bugzilla.redhat.com/show_bug.cgi?id=1075478>
+
+Signed-off-by: Petr Písař <ppisar@xxxxxxxxxx>
+---
+ SHA.xs | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/SHA.xs b/SHA.xs
+index 3caf8ef..69908a0 100644
+--- a/SHA.xs
++++ b/SHA.xs
+@@ -34,6 +34,8 @@ shaclose(s)
+ CODE:
+ 	RETVAL = shaclose(s);
+ 	sv_setiv(SvRV(ST(0)), 0);
++OUTPUT:
++	RETVAL
+ 
+ int
+ shadump(file, s)
+@@ -186,6 +188,8 @@ PREINIT:
+ 	SHA *state;
+ 	int result;
+ PPCODE:
++	if (!sv_isa(self, "Digest::SHA"))
++		XSRETURN_UNDEF;
+ 	state = INT2PTR(SHA *, SvIV(SvRV(SvRV(self))));
+ 	result = ix ? shaalg(state) : shadsize(state) << 3;
+ 	ST(0) = sv_2mortal(newSViv(result));
+@@ -200,6 +204,8 @@ PREINIT:
+ 	STRLEN len;
+ 	SHA *state;
+ PPCODE:
++	if (!sv_isa(self, "Digest::SHA"))
++		XSRETURN_UNDEF;
+ 	state = INT2PTR(SHA *, SvIV(SvRV(SvRV(self))));
+ 	for (i = 1; i < items; i++) {
+ 		data = (unsigned char *) (SvPVbyte(ST(i), len));
+@@ -224,6 +230,8 @@ PREINIT:
+ 	SHA *state;
+ 	char *result;
+ PPCODE:
++	if (!sv_isa(self, "Digest::SHA"))
++		XSRETURN_UNDEF;
+ 	state = INT2PTR(SHA *, SvIV(SvRV(SvRV(self))));
+ 	shafinish(state);
+ 	len = 0;
+-- 
+1.8.5.3
+
diff --git a/perl-Digest-SHA.spec b/perl-Digest-SHA.spec
index 65c78f4..e35ad0f 100644
--- a/perl-Digest-SHA.spec
+++ b/perl-Digest-SHA.spec
@@ -1,7 +1,7 @@
 Name:           perl-Digest-SHA
 Epoch:          1
 Version:        5.85
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Perl extension for SHA-1/224/256/384/512
 License:        GPL+ or Artistic
 Group:          Development/Libraries
@@ -10,6 +10,9 @@ Source0:        http://www.cpan.org/authors/id/M/MS/MSHELOR/Digest-SHA-%{version
 # Since 5.80, upstream overrides CFLAGS because they think it improves
 # performance. Revert it.
 Patch0:         Digest-SHA-5.84-Reset-CFLAGS.patch
+# Fix possible crash on uninitialized object, fixed in 5.87, bug #1075478,
+# RT#121421
+Patch1:         Digest-SHA-5.85-Check-for-ISA-when-invoking-methods.patch
 BuildRequires:  perl
 BuildRequires:  perl(Config)
 BuildRequires:  perl(ExtUtils::MakeMaker)
@@ -47,6 +50,7 @@ handle all types of input, including partial-byte data.
 %prep
 %setup -q -n Digest-SHA-%{version}
 %patch0 -p1
+%patch1 -p1
 chmod -x examples/*
 perl -MExtUtils::MakeMaker -e 'ExtUtils::MM_Unix->fixin(q{examples/dups})'
 
@@ -72,6 +76,9 @@ make test
 %{_mandir}/man3/*
 
 %changelog
+* Wed Mar 12 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 1:5.85-2
+- Fix possible crash on uninitialized object (bug #1075478)
+
 * Fri Jun 28 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1:5.85-1
 - 5.85 bump
 
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/perl-devel





[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Legacy Announce]     [Fedora PHP Devel]     [Kernel Devel]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite Information]
  Powered by Linux