Sun Feb 9 09:02:50 2014 UTC ()

Add fix for security vulnerability reported in SA56624.
Patch taken from Python Mercurial repository.


(tron)

diff -r1.33 -r1.34 pkgsrc/lang/python27/Makefile
diff -r1.29 -r1.30 pkgsrc/lang/python27/distinfo
diff -r0 -r1.1 pkgsrc/lang/python27/patches/patch-Modules_socketmodule.c

--- pkgsrc/lang/python27/Makefile 2013/12/12 11:34:23 1.33
+++ pkgsrc/lang/python27/Makefile 2014/02/09 09:02:50 1.34

 @@ -1,18 +1,19 @@
-# $NetBSD: Makefile,v 1.33 2013/12/12 11:34:23 jperkin Exp $
+# $NetBSD: Makefile,v 1.34 2014/02/09 09:02:50 tron Exp $
 .include "dist.mk"
 PKGNAME=	python27-${PY_DISTVERSION}
 PKGREVISION=	1
 CATEGORIES=	lang python
 MAINTAINER=	pkgsrc-users@NetBSD.org
 HOMEPAGE=	http://www.python.org/
 COMMENT=	Interpreted, interactive, object-oriented programming language
 LICENSE=	python-software-foundation
 CONFLICTS+=	python-[0-9]*
 GNU_CONFIGURE=		yes
 CONFIGURE_ARGS+=	--with-threads
 CONFIGURE_ARGS+=	--enable-shared
 CONFIGURE_ARGS+=	OPT=${CFLAGS:Q}

--- pkgsrc/lang/python27/distinfo 2013/12/14 18:59:55 1.29
+++ pkgsrc/lang/python27/distinfo 2014/02/09 09:02:50 1.30

 @@ -1,23 +1,24 @@
-$NetBSD: distinfo,v 1.29 2013/12/14 18:59:55 bsiegert Exp $
+$NetBSD: distinfo,v 1.30 2014/02/09 09:02:50 tron Exp $
 SHA1 (Python-2.7.6.tar.xz) = 8321636af2acbeaa68fc635d7dda7369ed446a80
 RMD160 (Python-2.7.6.tar.xz) = 8efc73a01a466d8fa16c5c1734c89be79c2c538a
 Size (Python-2.7.6.tar.xz) = 10431288 bytes
 SHA1 (patch-Include_node.h) = 673d148b625711ac47e4bfeb0f5b0d5b31f94d7e
 SHA1 (patch-Include_pyerrors.h) = 3eba043c83b1d1df4918524f7b53047a6ed372ae
 SHA1 (patch-Lib_distutils_unixccompiler.py) = 39b967dc2ae648143d5841f22602a21063b4d5ea
 SHA1 (patch-Modules___ssl.c) = aaddaea5bcd6c84d3d896c7c37f710933b8228bc
 SHA1 (patch-Modules_getpath.c) = f68b38eb90f974b67ceab3922ce7f92eb77f25c3
 SHA1 (patch-Modules_socketmodule.c) = 07c76dcf6dc8605446bc8e01d80e1f1e30a5ebf7
 SHA1 (patch-aa) = 990e4025bb6a37715e1f5df1831499f0ab08acfa
 SHA1 (patch-ab) = 0d0ae9802dfe3b85659adb16793affd8c4ffce43
 SHA1 (patch-ad) = de730b9f5a5efb56afa8bed05824b5f6579242ec
 SHA1 (patch-ae) = ff6d8c6164fe3c6dc4fb33d88eb8a49d5c5442f6
 SHA1 (patch-ah) = ae3ce0656d890ca34292920bf0185f94ba847139
 SHA1 (patch-al) = dd8bed847f797b97df1a9ad7ffe17645b0f08925
 SHA1 (patch-am) = 80718042f67a22489b1ae0806e71f28c1515c28e
 SHA1 (patch-an) = 6098fbf0fc31422196cc40d3a227934523db11ca
 SHA1 (patch-ao) = 3a1cd2b255340fd23fc1fce8680e692581ffcec1
 SHA1 (patch-au) = 2a2a988ac92553d17eb898870d1adb3c30a59b66
 SHA1 (patch-av) = a14eaf4d5db6fc3b79ed896fbfcc34ca98051af2
 SHA1 (patch-aw) = 15652e241f371a22c7300f46771825ea74514fa0
 SHA1 (patch-ax) = be7498a37a89c86d278d07c38666237215308498

$NetBSD: patch-Modules_socketmodule.c,v 1.1 2014/02/09 09:02:50 tron Exp $

Fix vulnerability reported in SA56624. Patch taken from here:

http://hg.python.org/cpython/rev/87673659d8f7

--- Modules/socketmodule.c.orig	2013-11-10 07:36:41.000000000 +0000
+++ Modules/socketmodule.c	2014-02-09 08:41:25.000000000 +0000
@@ -2742,6 +2742,10 @@
     if (recvlen == 0) {
         /* If nbytes was not specified, use the buffer's length */
         recvlen = buflen;
+    } else if (recvlen > buflen) {
+        PyErr_SetString(PyExc_ValueError,
+                        "nbytes is greater than the length of the buffer");
+        goto error;
     }
 
     readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr);