Sun Feb 9 13:47:10 2014 UTC ()
adopt the socket.recvfrom_into() security fix from Python-2.7
bump PKGREV


(drochner)
diff -r1.56 -r1.57 pkgsrc/lang/python26/Makefile
diff -r1.52 -r1.53 pkgsrc/lang/python26/distinfo
diff -r1.3 -r1.4 pkgsrc/lang/python26/patches/patch-ap
cvs diff -r1.56 -r1.57 pkgsrc/lang/python26/Attic/Makefile (expand / switch to unified diff)

--- pkgsrc/lang/python26/Attic/Makefile 2013/11/06 07:25:49 1.56
+++ pkgsrc/lang/python26/Attic/Makefile 2014/02/09 13:47:10 1.57
@@ -1,17 +1,19 @@ @@ -1,17 +1,19 @@
1# $NetBSD: Makefile,v 1.56 2013/11/06 07:25:49 adam Exp $ 1# $NetBSD: Makefile,v 1.57 2014/02/09 13:47:10 drochner Exp $
2 2
3.include "dist.mk" 3.include "dist.mk"
4 4
 5PKGREVISION= 1
 6
5PKGNAME= python26-${PY_DISTVERSION} 7PKGNAME= python26-${PY_DISTVERSION}
6CATEGORIES= lang python 8CATEGORIES= lang python
7 9
8MAINTAINER= pkgsrc-users@NetBSD.org 10MAINTAINER= pkgsrc-users@NetBSD.org
9HOMEPAGE= http://www.python.org/ 11HOMEPAGE= http://www.python.org/
10COMMENT= Interpreted, interactive, object-oriented programming language 12COMMENT= Interpreted, interactive, object-oriented programming language
11LICENSE= python-software-foundation 13LICENSE= python-software-foundation
12 14
13CONFLICTS+= python-[0-9]* 15CONFLICTS+= python-[0-9]*
14 16
15GNU_CONFIGURE= yes 17GNU_CONFIGURE= yes
16CONFIGURE_ARGS+= --with-threads 18CONFIGURE_ARGS+= --with-threads
17CONFIGURE_ARGS+= --enable-shared 19CONFIGURE_ARGS+= --enable-shared
cvs diff -r1.52 -r1.53 pkgsrc/lang/python26/Attic/distinfo (expand / switch to unified diff)

--- pkgsrc/lang/python26/Attic/distinfo 2013/11/06 07:25:49 1.52
+++ pkgsrc/lang/python26/Attic/distinfo 2014/02/09 13:47:10 1.53
@@ -1,30 +1,30 @@ @@ -1,30 +1,30 @@
1$NetBSD: distinfo,v 1.52 2013/11/06 07:25:49 adam Exp $ 1$NetBSD: distinfo,v 1.53 2014/02/09 13:47:10 drochner Exp $
2 2
3SHA1 (Python-2.6.9.tar.xz) = 2fc159946dfcceffbe4a8638de32d0cd8059c2f8 3SHA1 (Python-2.6.9.tar.xz) = 2fc159946dfcceffbe4a8638de32d0cd8059c2f8
4RMD160 (Python-2.6.9.tar.xz) = 42edf7c9f2f64b77ab173de30ea453257c2c06b3 4RMD160 (Python-2.6.9.tar.xz) = 42edf7c9f2f64b77ab173de30ea453257c2c06b3
5Size (Python-2.6.9.tar.xz) = 9333664 bytes 5Size (Python-2.6.9.tar.xz) = 9333664 bytes
6SHA1 (patch-Lib_distutils_unixccompiler.py) = 1ce01fbe2d36cf0c7ce347c878cfe2d290ec8490 6SHA1 (patch-Lib_distutils_unixccompiler.py) = 1ce01fbe2d36cf0c7ce347c878cfe2d290ec8490
7SHA1 (patch-Mac_Modules_fm___Fmmodule.c) = b9314bccb51b4fe672b81559068f7a79d2965f94 7SHA1 (patch-Mac_Modules_fm___Fmmodule.c) = b9314bccb51b4fe672b81559068f7a79d2965f94
8SHA1 (patch-Mac_Modules_qd___Qdmodule.c) = 45c748b15b9436d45ba137460389638aa7108c8d 8SHA1 (patch-Mac_Modules_qd___Qdmodule.c) = 45c748b15b9436d45ba137460389638aa7108c8d
9SHA1 (patch-Mac_Modules_qdoffs___Qdoffsmodule.c) = 9994f0c1a908f18f1f3df3f05b184f082c018365 9SHA1 (patch-Mac_Modules_qdoffs___Qdoffsmodule.c) = 9994f0c1a908f18f1f3df3f05b184f082c018365
10SHA1 (patch-Modules_pyexpat.c) = 093f5abb50667e776c66564f4ec87addfdc05ff3 10SHA1 (patch-Modules_pyexpat.c) = 093f5abb50667e776c66564f4ec87addfdc05ff3
11SHA1 (patch-SA43463) = a0285ce9eb1d994bb05cd54812f3fc9cb678fe7f 11SHA1 (patch-SA43463) = a0285ce9eb1d994bb05cd54812f3fc9cb678fe7f
12SHA1 (patch-aa) = 0528fc5da76d5f1d19586ea3dda1acd09a4b0113 12SHA1 (patch-aa) = 0528fc5da76d5f1d19586ea3dda1acd09a4b0113
13SHA1 (patch-ab) = b47aa9d18a7c1a99ac8cc8b29c64867443f303e5 13SHA1 (patch-ab) = b47aa9d18a7c1a99ac8cc8b29c64867443f303e5
14SHA1 (patch-ac) = 57c88d47f82630e67bcd27ab61bf4362035da2f2 14SHA1 (patch-ac) = 57c88d47f82630e67bcd27ab61bf4362035da2f2
15SHA1 (patch-ad) = a997e39d16a8f0023125362b180d19ee97ab519b 15SHA1 (patch-ad) = a997e39d16a8f0023125362b180d19ee97ab519b
16SHA1 (patch-ae) = a6d578b5f12eb42fbbcc11791576d2686a4807d9 16SHA1 (patch-ae) = a6d578b5f12eb42fbbcc11791576d2686a4807d9
17SHA1 (patch-ah) = 501d220b41e578402f3400fe88e582aa2408a147 17SHA1 (patch-ah) = 501d220b41e578402f3400fe88e582aa2408a147
18SHA1 (patch-al) = 45dd16af8e7a45aa323138f712c034aa79a91019 18SHA1 (patch-al) = 45dd16af8e7a45aa323138f712c034aa79a91019
19SHA1 (patch-am) = 380dfaa8ca90532a52dcca972e34965f6e64fce1 19SHA1 (patch-am) = 380dfaa8ca90532a52dcca972e34965f6e64fce1
20SHA1 (patch-an) = 17b4e17b3b562c29a050e9bb20447084ce82b8ab 20SHA1 (patch-an) = 17b4e17b3b562c29a050e9bb20447084ce82b8ab
21SHA1 (patch-ao) = 8c6a156b0f0c2a6d319658477fff348e6a0c3603 21SHA1 (patch-ao) = 8c6a156b0f0c2a6d319658477fff348e6a0c3603
22SHA1 (patch-ap) = d23a869a449ab9dc166cfa149913b20c9acad9cb 22SHA1 (patch-ap) = 5ad6f248027be369bd27f69210ff3c7b97a297a2
23SHA1 (patch-au) = 230d74342997021e957105786e93600f5d03cf7b 23SHA1 (patch-au) = 230d74342997021e957105786e93600f5d03cf7b
24SHA1 (patch-av) = d6bf0419015656a8d2f13d3132873e453c8a6b6e 24SHA1 (patch-av) = d6bf0419015656a8d2f13d3132873e453c8a6b6e
25SHA1 (patch-az) = 473419352f6e1ff3c6e6268e81457e6f8a1fccb8 25SHA1 (patch-az) = 473419352f6e1ff3c6e6268e81457e6f8a1fccb8
26SHA1 (patch-ba) = 97dcf72d7380a2d257220669845c52a698165fcf 26SHA1 (patch-ba) = 97dcf72d7380a2d257220669845c52a698165fcf
27SHA1 (patch-bb) = 6cdd94dd1e69630159194c7c153b6c4e46c81456 27SHA1 (patch-bb) = 6cdd94dd1e69630159194c7c153b6c4e46c81456
28SHA1 (patch-bc) = 09aaa254a54109026bb262a949b4006235df7858 28SHA1 (patch-bc) = 09aaa254a54109026bb262a949b4006235df7858
29SHA1 (patch-pyconfig.h.in) = ad0f7d60886849e58a03fb28bb6c5ba0600c4698 29SHA1 (patch-pyconfig.h.in) = ad0f7d60886849e58a03fb28bb6c5ba0600c4698
30SHA1 (patch-xa) = 25f02b03f1c5534e1d839a5489d5a046071f32c0 30SHA1 (patch-xa) = 25f02b03f1c5534e1d839a5489d5a046071f32c0
cvs diff -r1.3 -r1.4 pkgsrc/lang/python26/patches/Attic/patch-ap (expand / switch to unified diff)

--- pkgsrc/lang/python26/patches/Attic/patch-ap 2010/09/04 05:12:00 1.3
+++ pkgsrc/lang/python26/patches/Attic/patch-ap 2014/02/09 13:47:10 1.4
@@ -1,16 +1,20 @@ @@ -1,16 +1,20 @@
1$NetBSD: patch-ap,v 1.3 2010/09/04 05:12:00 obache Exp $ 1$NetBSD: patch-ap,v 1.4 2014/02/09 13:47:10 drochner Exp $
2 2
3--- Modules/socketmodule.c.orig 2010-05-23 15:22:08.000000000 +0000 3Fix vulnerability reported in SA56624. Patch taken from here:
 4
 5http://hg.python.org/cpython/rev/87673659d8f7
 6
 7--- Modules/socketmodule.c.orig 2014-02-09 12:58:52.000000000 +0000
4+++ Modules/socketmodule.c 8+++ Modules/socketmodule.c
5@@ -379,7 +379,7 @@ const char *inet_ntop(int af, const void 9@@ -379,7 +379,7 @@ const char *inet_ntop(int af, const void
6 #define SOCKETCLOSE close 10 #define SOCKETCLOSE close
7 #endif 11 #endif
8  12
9-#if defined(HAVE_BLUETOOTH_H) || defined(HAVE_BLUETOOTH_BLUETOOTH_H) && !defined(__NetBSD__) 13-#if defined(HAVE_BLUETOOTH_H) || defined(HAVE_BLUETOOTH_BLUETOOTH_H) && !defined(__NetBSD__)
10+#if defined(HAVE_BLUETOOTH_H) || defined(HAVE_BLUETOOTH_BLUETOOTH_H) && !defined(__NetBSD__) && !defined(__DragonFly__) 14+#if defined(HAVE_BLUETOOTH_H) || defined(HAVE_BLUETOOTH_BLUETOOTH_H) && !defined(__NetBSD__) && !defined(__DragonFly__)
11 #define USE_BLUETOOTH 1 15 #define USE_BLUETOOTH 1
12 #if defined(__FreeBSD__) 16 #if defined(__FreeBSD__)
13 #define BTPROTO_L2CAP BLUETOOTH_PROTO_L2CAP 17 #define BTPROTO_L2CAP BLUETOOTH_PROTO_L2CAP
14@@ -393,11 +393,13 @@ const char *inet_ntop(int af, const void 18@@ -393,11 +393,13 @@ const char *inet_ntop(int af, const void
15 #define _BT_L2_MEMB(sa, memb) ((sa)->l2cap_##memb) 19 #define _BT_L2_MEMB(sa, memb) ((sa)->l2cap_##memb)
16 #define _BT_RC_MEMB(sa, memb) ((sa)->rfcomm_##memb) 20 #define _BT_RC_MEMB(sa, memb) ((sa)->rfcomm_##memb)
@@ -56,27 +60,38 @@ $NetBSD: patch-ap,v 1.3 2010/09/04 05:12 @@ -56,27 +60,38 @@ $NetBSD: patch-ap,v 1.3 2010/09/04 05:12
56+ if (setbdaddr(straddr, &_BT_HCI_MEMB(addr, bdaddr)) < 0) 60+ if (setbdaddr(straddr, &_BT_HCI_MEMB(addr, bdaddr)) < 0)
57+ return 0; 61+ return 0;
58+#else 62+#else
59 _BT_HCI_MEMB(addr, family) = AF_BLUETOOTH; 63 _BT_HCI_MEMB(addr, family) = AF_BLUETOOTH;
60 if (!PyArg_ParseTuple(args, "i", &_BT_HCI_MEMB(addr, dev))) { 64 if (!PyArg_ParseTuple(args, "i", &_BT_HCI_MEMB(addr, dev))) {
61 PyErr_SetString(socket_error, "getsockaddrarg: " 65 PyErr_SetString(socket_error, "getsockaddrarg: "
62 "wrong format"); 66 "wrong format");
63 return 0; 67 return 0;
64 } 68 }
65+#endif 69+#endif
66 *len_ret = sizeof *addr; 70 *len_ret = sizeof *addr;
67 return 1; 71 return 1;
68 } 72 }
69@@ -4588,9 +4607,13 @@ init_socket(void) 73@@ -2625,6 +2644,10 @@ sock_recvfrom_into(PySocketSockObject *s
 74 if (recvlen == 0) {
 75 /* If nbytes was not specified, use the buffer's length */
 76 recvlen = buflen;
 77+ } else if (recvlen > buflen) {
 78+ PyErr_SetString(PyExc_ValueError,
 79+ "nbytes is greater than the length of the buffer");
 80+ return NULL;
 81 }
 82
 83 readlen = sock_recvfrom_guts(s, buf, recvlen, flags, &addr);
 84@@ -4588,9 +4611,13 @@ init_socket(void)
70 PyModule_AddIntConstant(m, "BTPROTO_L2CAP", BTPROTO_L2CAP); 85 PyModule_AddIntConstant(m, "BTPROTO_L2CAP", BTPROTO_L2CAP);
71 PyModule_AddIntConstant(m, "BTPROTO_HCI", BTPROTO_HCI); 86 PyModule_AddIntConstant(m, "BTPROTO_HCI", BTPROTO_HCI);
72 PyModule_AddIntConstant(m, "SOL_HCI", SOL_HCI); 87 PyModule_AddIntConstant(m, "SOL_HCI", SOL_HCI);
73+#if !defined(__NetBSD__) && !defined(__DragonFly__) 88+#if !defined(__NetBSD__) && !defined(__DragonFly__)
74 PyModule_AddIntConstant(m, "HCI_FILTER", HCI_FILTER); 89 PyModule_AddIntConstant(m, "HCI_FILTER", HCI_FILTER);
75+#endif 90+#endif
76 #if !defined(__FreeBSD__) 91 #if !defined(__FreeBSD__)
77+#if !defined(__NetBSD__) && !defined(__DragonFly__) 92+#if !defined(__NetBSD__) && !defined(__DragonFly__)
78 PyModule_AddIntConstant(m, "HCI_TIME_STAMP", HCI_TIME_STAMP); 93 PyModule_AddIntConstant(m, "HCI_TIME_STAMP", HCI_TIME_STAMP);
79+#endif 94+#endif
80 PyModule_AddIntConstant(m, "HCI_DATA_DIR", HCI_DATA_DIR); 95 PyModule_AddIntConstant(m, "HCI_DATA_DIR", HCI_DATA_DIR);
81 PyModule_AddIntConstant(m, "BTPROTO_SCO", BTPROTO_SCO); 96 PyModule_AddIntConstant(m, "BTPROTO_SCO", BTPROTO_SCO);
82 #endif 97 #endif