Tue Feb 11 05:52:56 2014 UTC ()

Fixes SA56624, taken from upstream.

Bump PKGREVISION.


(obache)

diff -r1.13 -r1.14 pkgsrc/lang/python33/Makefile
diff -r1.7 -r1.8 pkgsrc/lang/python33/distinfo
diff -r0 -r1.1 pkgsrc/lang/python33/patches/patch-Modules_socketmodule.c

--- pkgsrc/lang/python33/Attic/Makefile 2013/11/21 14:06:43 1.13
+++ pkgsrc/lang/python33/Attic/Makefile 2014/02/11 05:52:56 1.14

 @@ -1,18 +1,19 @@
-# $NetBSD: Makefile,v 1.13 2013/11/21 14:06:43 adam Exp $
+# $NetBSD: Makefile,v 1.14 2014/02/11 05:52:56 obache Exp $
 .include "dist.mk"
 PKGNAME=	python33-${PY_DISTVERSION}
 PKGREVISION=	1
 CATEGORIES=	lang python
 MAINTAINER=	pkgsrc-users@NetBSD.org
 HOMEPAGE=	http://www.python.org/
 COMMENT=	Interpreted, interactive, object-oriented programming language
 LICENSE=	python-software-foundation
 CONFLICTS+=	python-[0-9]*
 GNU_CONFIGURE=		yes
 CONFIGURE_ARGS+=	--with-threads
 CONFIGURE_ARGS+=	--enable-shared
 CONFIGURE_ARGS+=	OPT=${CFLAGS:M*:Q}

--- pkgsrc/lang/python33/Attic/distinfo 2013/11/21 14:06:43 1.7
+++ pkgsrc/lang/python33/Attic/distinfo 2014/02/11 05:52:56 1.8

 @@ -1,18 +1,19 @@
-$NetBSD: distinfo,v 1.7 2013/11/21 14:06:43 adam Exp $
+$NetBSD: distinfo,v 1.8 2014/02/11 05:52:56 obache Exp $
 SHA1 (Python-3.3.3.tar.xz) = af4e75a34bd538c79b9871227c2e7f56569ac107
 RMD160 (Python-3.3.3.tar.xz) = 62e262879f871fc2e9c5b3e85debd51c2691ca32
 Size (Python-3.3.3.tar.xz) = 12057744 bytes
 SHA1 (patch-Lib_distutils_unixccompiler.py) = 39cb8d1e1e3e76e2b6b5dbc1a6b5e0815300b2ce
 SHA1 (patch-Modules_socketmodule.c) = 789b05d27f5821ee9968dacd4dedc9133cc73775
 SHA1 (patch-aa) = 99ebcbbfc53b855a32b424dec27012e1e969c3d0
 SHA1 (patch-ab) = 1c0a25bf7ec6ee76e84c799619ec7cd8910f16e1
 SHA1 (patch-ah) = bb43aaab260935a5a0d5e7ce1ccc30f4832cab1d
 SHA1 (patch-al) = e5438d1bbc20cc85521b3570710846cf4a070ae1
 SHA1 (patch-am) = 9712e33cf8e3c04a9bc0e89be4fb571790e26e4e
 SHA1 (patch-an) = 933acde107b735931d26ace4eef251000b9f07ba
 SHA1 (patch-ao) = dc524b08634c23c25227bd03e221dab0ff2a03f3
 SHA1 (patch-au) = c892f1004eb32e9608f93c08ec6f94e16bdca182
 SHA1 (patch-av) = 9b44f339f65f029b7f17dbc654739a7ae3c12780
 SHA1 (patch-aw) = 598e4710c426110012048946786a6d72f050e0fc
 SHA1 (patch-pyconfig.h.in) = 7ebc0ed9ca9a37c5a6c8e04cc3f7fca4a5c90e8c
 SHA1 (patch-xa) = fb81eaa604b4ed7c1b64c3f4731d58a8aee257be

$NetBSD: patch-Modules_socketmodule.c,v 1.1 2014/02/11 05:52:56 obache Exp $

* Fix vulnerability reported in SA56624, taken from upstream:
  http://hg.python.org/cpython/rev/7f176a45211f/

--- Modules/socketmodule.c.orig	2013-11-17 07:23:02.000000000 +0000
+++ Modules/socketmodule.c
@@ -2935,6 +2935,11 @@ sock_recvfrom_into(PySocketSockObject *s
     if (recvlen == 0) {
         /* If nbytes was not specified, use the buffer's length */
         recvlen = buflen;
+    } else if (recvlen > buflen) {
+        PyBuffer_Release(&pbuf);
+        PyErr_SetString(PyExc_ValueError,
+                        "nbytes is greater than the length of the buffer");
+        return NULL;
     }
 
     readlen = sock_recvfrom_guts(s, buf, recvlen, flags, &addr);