[perl-CGI-Simple/el5/master] patch for randomizing boundary (bz 658973)

Tom Callaway spot at fedoraproject.org
Wed Dec 1 18:49:31 UTC 2010 

commit 8134c999dfc664467a88704d496c0b3052f9965c
Author: Tom "spot" Callaway <tcallawa at redhat.com>
Date:   Wed Dec 1 13:49:55 2010 -0500

    patch for randomizing boundary (bz 658973)

 perl-CGI-Simple-boundary-fix.patch |   54 ++++++++++++++++++++++++++++++++++++
 perl-CGI-Simple.spec               |   52 ++++++++++++++++++++++++++++++----
 sources                            |    2 +-
 3 files changed, 100 insertions(+), 8 deletions(-)
---
diff --git a/perl-CGI-Simple-boundary-fix.patch b/perl-CGI-Simple-boundary-fix.patch
new file mode 100644
index 0000000..4b1f8db
--- /dev/null
+++ b/perl-CGI-Simple-boundary-fix.patch
@@ -0,0 +1,54 @@
+diff -up CGI-Simple-1.112/lib/CGI/Simple.pm.boundary-fix CGI-Simple-1.112/lib/CGI/Simple.pm
+--- CGI-Simple-1.112/lib/CGI/Simple.pm.boundary-fix	2009-05-31 06:43:05.000000000 -0400
++++ CGI-Simple-1.112/lib/CGI/Simple.pm	2010-12-01 13:25:51.647803001 -0500
+@@ -1105,7 +1105,14 @@ sub multipart_init {
+   my ( $self, @p ) = @_;
+   use CGI::Simple::Util qw(rearrange);
+   my ( $boundary, @other ) = rearrange( ['BOUNDARY'], @p );
+-  $boundary = $boundary || '------- =_aaaaaaaaaa0';
++  if (!$boundary) {
++      $boundary = '------- =_';
++      my @chrs = ('0'..'9', 'A'..'Z', 'a'..'z');
++      for (1..17) {
++          $boundary .= $chrs[rand(scalar @chrs)];
++      }
++  }
++
+   my $CRLF = $self->crlf;    # get CRLF sequence
+   my $warning
+    = "WARNING: YOUR BROWSER DOESN'T SUPPORT THIS SERVER-PUSH TECHNOLOGY.";
+diff -up CGI-Simple-1.112/t/050.simple.t.boundary-fix CGI-Simple-1.112/t/050.simple.t
+--- CGI-Simple-1.112/t/050.simple.t.boundary-fix	2010-12-01 13:46:01.565803000 -0500
++++ CGI-Simple-1.112/t/050.simple.t	2010-12-01 13:46:30.965803001 -0500
+@@ -945,10 +945,11 @@ $q = new CGI::Simple;
+ $sv = $q->multipart_init();
+ like(
+   $sv,
+-  qr|Content-Type: multipart/x-mixed-replace;boundary="------- =_aaaaaaaaaa0"|,
++  qr|Content-Type: multipart/x-mixed-replace;boundary="------- =_[a-zA-Z0-9]{17}"|,
+   'multipart_init(), 1'
+ );
+-like( $sv, qr/--------- =_aaaaaaaaaa0$CRLF/, 'multipart_init(), 2' );
++like( $sv, qr/--------- =_[a-zA-Z0-9]{17}$CRLF/,
++  'multipart_init(), 2' );
+ $sv = $q->multipart_init( 'this_is_the_boundary' );
+ like( $sv, qr/boundary="this_is_the_boundary"/, 'multipart_init(), 3' );
+ $sv = $q->multipart_init( -boundary => 'this_is_another_boundary' );
+diff -up CGI-Simple-1.112/t/070.standard.t.boundary-fix CGI-Simple-1.112/t/070.standard.t
+--- CGI-Simple-1.112/t/070.standard.t.boundary-fix	2010-12-01 13:46:46.365803003 -0500
++++ CGI-Simple-1.112/t/070.standard.t	2010-12-01 13:47:20.993803003 -0500
+@@ -953,10 +953,12 @@ restore_parameters();
+ $sv = multipart_init();
+ like(
+   $sv,
+-  qr|Content-Type: multipart/x-mixed-replace;boundary="------- =_aaaaaaaaaa0"|,
++  qr|Content-Type: multipart/x-mixed-replace;boundary="------- =_[a-zA-Z0-9]{17}"|,
+   'multipart_init(), 1'
+ );
+-like( $sv, qr/--------- =_aaaaaaaaaa0$CRLF/, 'multipart_init(), 2' );
++
++like( $sv, qr/--------- =_[a-zA-Z0-9]{17}$CRLF/,
++  'multipart_init(), 2' );
+ $sv = multipart_init( 'this_is_the_boundary' );
+ like( $sv, qr/boundary="this_is_the_boundary"/, 'multipart_init(), 3' );
+ $sv = multipart_init( -boundary => 'this_is_another_boundary' );
diff --git a/perl-CGI-Simple.spec b/perl-CGI-Simple.spec
index 6649312..cc9748a 100644
--- a/perl-CGI-Simple.spec
+++ b/perl-CGI-Simple.spec
@@ -1,25 +1,30 @@
 Name:           perl-CGI-Simple
-Version:        0.077
-Release:        7%{?dist}
+Version:        1.112
+Release:        2%{?dist}
 Summary:        Simple totally OO CGI interface that is CGI.pm compliant
 Group:          Development/Libraries
 License:        GPL+ or Artistic
-URL:            http://search.cpan.org/dist/Cgi-Simple/
-Source0:        http://search.cpan.org/CPAN/authors/id/J/JF/JFREEMAN/Cgi-Simple-%{version}.tar.gz
+URL:            http://search.cpan.org/dist/CGI-Simple/
+Source0:        http://search.cpan.org/CPAN/authors/id/A/AN/ANDYA/CGI-Simple-%{version}.tar.gz
+# https://github.com/AndyA/CGI--Simple/commit/e4942b871a26c1317a175a91ebb7262eea59b380
+Patch0:		perl-CGI-Simple-boundary-fix.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildArch:      noarch
+BuildRequires:  perl(ExtUtils::MakeMaker), perl(Test::More), perl(IO::Scalar)
 Requires:  perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
 
 %description
 %{summary}.
 
 %prep
-%setup -q -n Cgi-Simple-%{version}
-chmod -x Changes README cgi-simple_vs_cgi-pm.html Simple.pm Simple/*.pm
+%setup -q -n CGI-Simple-%{version}
+%patch0 -p1 -b .boundary-fix
+chmod -x Changes README
 perldoc -t perlartistic > Artistic
 perldoc -t perlgpl > COPYING
 
+
 %build
 %{__perl} Makefile.PL INSTALLDIRS=vendor
 make 
@@ -39,12 +44,45 @@ rm -rf $RPM_BUILD_ROOT
 
 %files
 %defattr(-,root,root,-)
-%doc Artistic COPYING Changes README cgi-simple_vs_cgi-pm.html
+%doc Artistic COPYING Changes README
 %{perl_vendorlib}/CGI
 %{_mandir}/man3/*.3*
 
 
 %changelog
+* Wed Dec  1 2010 Tom "spot" Callaway <tcallawa at redhat.com> - 1.112-2
+- patch for randomizing boundary (bz 658973)
+
+* Mon Jul 12 2010 Tom "spot" Callaway <tcallawa at redhat.com> - 1.112-1
+- update to 1.112
+
+* Fri Apr 30 2010 Marcela Maslanova <mmaslano at redhat.com> - 1.108-4
+- Mass rebuild with perl-5.12.0
+
+* Mon Dec  7 2009 Stepan Kasal <skasal at redhat.com> - 1.108-3
+- rebuild against perl 5.10.1
+
+* Sat Jul 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.108-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Fri Mar 13 2009 Tom "spot" Callaway <tcallawa at redhat.com> 1.108-1
+- update to 1.108
+
+* Thu Feb 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.103-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Tue Feb  5 2008 Tom "spot" Callaway <tcallawa at redhat.com> 1.103-3
+- rebuild for new perl
+
+* Wed Nov 28 2007 Tom "spot" Callaway <tcallawa at redhat.com> 1.103-2
+- BR Test::More
+
+* Wed Nov 28 2007 Tom "spot" Callaway <tcallawa at redhat.com> 1.103-1
+- bump to 1.103
+
+* Mon Oct 15 2007 Tom "spot" Callaway <tcallawa at redhat.com> 0.077-8
+- add BR: perl(ExtUtils::MakeMaker)
+
 * Fri Aug 24 2007 Tom "spot" Callaway <tcallawa at redhat.com> 0.077-7
 - license fix
 
diff --git a/sources b/sources
index c547b9b..cbff1fd 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-5b947fe84b30a2c8ed050550f73b39a9  Cgi-Simple-0.077.tar.gz
+6a59dd252317b94fffe0aa3fdae206c7  CGI-Simple-1.112.tar.gz

More information about the perl-devel mailing list