October 2009 - Ocaml-devel - Fedora Mailing-Lists

[Bug 531019] New: Wrong dependency for cduce

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: Wrong dependency for cduce https://bugzilla.redhat.com/show_bug.cgi?id=531019 Summary: Wrong dependency for cduce Product: Fedora Version: 11 Platform: All OS/Version: Linux Status: NEW Severity: high Priority: low Component: cduce AssignedTo: rjones(a)redhat.com ReportedBy: gc(a)pps.jussieu.fr QAContact: extras-qa(a)fedoraproject.org CC: rjones(a)redhat.com, fedora-ocaml-list(a)redhat.com Classification: Fedora Description of problem: The cduce binary in the distribution (i586) is compiled for libcurl.so.3 while the package libcurl-7.19.6-1.fc11.i586 provides libcurl.so.4 Version-Release number of selected component (if applicable): cduce-0.5.2.1-14 How reproducible: Call cduce toplevel and you obtain cduce: error while loading shared libraries: libcurl.so.3: cannot open shared object file: No such file or directory Additional info: cduce 0.5.3 is out -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

14 years, 5 months

1
12
0 / 0

rpms/ocaml/devel ocaml.spec,1.61,1.62

by Richard W.M. Jones

Author: rjones Update of /cvs/pkgs/rpms/ocaml/devel In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv5985 Modified Files: ocaml.spec Log Message: Install ocaml.info files correctly (RHBZ#531204). Index: ocaml.spec =================================================================== RCS file: /cvs/pkgs/rpms/ocaml/devel/ocaml.spec,v retrieving revision 1.61 retrieving revision 1.62 diff -u -p -r1.61 -r1.62 --- ocaml.spec 16 Oct 2009 15:31:50 -0000 1.61 +++ ocaml.spec 27 Oct 2009 10:02:04 -0000 1.62 @@ -2,7 +2,7 @@ Name: ocaml Version: 3.11.1 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Objective Caml compiler and programming environment @@ -271,8 +271,8 @@ rm -rf $RPM_BUILD_ROOT %post docs /sbin/install-info \ - --entry "* ocaml: (ocaml). The Objective Caml compiler and programming environment" \ - --section "Programming Languages" \ + --entry="* ocaml: (ocaml). The Objective Caml compiler and programming environment" \ + --section="Programming Languages" \ %{_infodir}/%{name}.info \ %{_infodir}/dir 2>/dev/null || : @@ -451,6 +451,9 @@ fi %changelog +* Tue Oct 27 2009 Richard W.M. Jones <rjones(a)redhat.com> - 3.11.1-5 +- Install ocaml.info files correctly (RHBZ#531204). + * Fri Oct 16 2009 Richard W.M. Jones <rjones(a)redhat.com> - 3.11.1-4 - Set includes so building the *info programs works without having OCaml already installed.

14 years, 6 months

1
0
0 / 0

rpms/cduce/F-11 cduce.spec,1.12,1.13

by Richard W.M. Jones

Author: rjones Update of /cvs/pkgs/rpms/cduce/F-11 In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv18372 Modified Files: cduce.spec Log Message: Bump to fix broken dependency (RHBZ#531019). Index: cduce.spec =================================================================== RCS file: /cvs/pkgs/rpms/cduce/F-11/cduce.spec,v retrieving revision 1.12 retrieving revision 1.13 diff -u -p -r1.12 -r1.13 --- cduce.spec 17 Jun 2009 10:44:43 -0000 1.12 +++ cduce.spec 26 Oct 2009 17:48:11 -0000 1.13 @@ -8,7 +8,7 @@ Name: cduce Version: 0.5.2.1 -Release: 14%{?dist}.1 +Release: 14%{?dist}.2 Summary: Modern XML-oriented functional language Group: Development/Libraries @@ -165,6 +165,9 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Mon Oct 26 2009 Richard W.M. Jones <rjones(a)redhat.com> - 0.5.2.1-14.2 +- Bump to fix broken dependency (RHBZ#531019). + * Wed Jun 17 2009 S390x secondary arch maintainer <fedora-s390x(a)lists.fedoraproject.org> 0.5.2.1-14.1 - ExcludeArch s390, s390x as we don't have OCaml on those archs

14 years, 6 months

1
0
0 / 0

[Bug 521324] New: cil.mli is missing from ocaml-cil-devel

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: cil.mli is missing from ocaml-cil-devel https://bugzilla.redhat.com/show_bug.cgi?id=521324 Summary: cil.mli is missing from ocaml-cil-devel Product: Fedora Version: rawhide Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: low Component: ocaml-cil AssignedTo: rjones(a)redhat.com ReportedBy: loganjerry(a)gmail.com QAContact: extras-qa(a)fedoraproject.org CC: rjones(a)redhat.com, fedora-ocaml-list(a)redhat.com Classification: Fedora Description of problem: The files cil.ml and cil.mli should be in the ocaml-cil-devel package, but are not. Version-Release number of selected component (if applicable): ocaml-cil-devel-1.3.7-2.fc12.x86_64 How reproducible: N/A Steps to Reproduce: 1. 2. 3. Actual results: N/A Expected results: N/A Additional info: -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

14 years, 6 months

1
4
0 / 0

rpms/ocaml-cil/devel ocaml-cil.spec,1.11,1.12

by Richard W.M. Jones

Author: rjones Update of /cvs/pkgs/rpms/ocaml-cil/devel In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv8094 Modified Files: ocaml-cil.spec Log Message: Include natively compiled files and *.mli files (RHBZ#521324). Index: ocaml-cil.spec =================================================================== RCS file: /cvs/pkgs/rpms/ocaml-cil/devel/ocaml-cil.spec,v retrieving revision 1.11 retrieving revision 1.12 diff -u -p -r1.11 -r1.12 --- ocaml-cil.spec 25 Jul 2009 19:53:25 -0000 1.11 +++ ocaml-cil.spec 23 Oct 2009 08:23:11 -0000 1.12 @@ -6,7 +6,7 @@ Name: ocaml-cil Version: 1.3.7 -Release: 2%{?dist} +Release: 3%{?dist} Summary: CIL - Infrastructure for C Program Analysis and Transformation Group: Development/Libraries @@ -96,7 +96,7 @@ for gcc. %build -make +make RELEASE=1 make quicktest cat > META <<EOF @@ -137,7 +137,8 @@ export OCAMLFIND_DESTDIR=$RPM_BUILD_ROOT mkdir -p $DESTDIR%{perl_vendorlib} install -m 0644 lib/*.pm bin/CilConfig.pm $DESTDIR%{perl_vendorlib} mkdir -p $OCAMLFIND_DESTDIR -ocamlfind install cil META obj/$archos/*.{ml,mli,cmi,cmo,cmx,cma,cmxa,o,a} +ocamlfind install cil META obj/$archos/*.{ml,mli,cmi,cmo,cmx,cma,cmxa,o,a} \ + src/*.mli mkdir -p $DESTDIR%{_bindir} install -m 0755 bin/cilly $DESTDIR%{_bindir} @@ -195,6 +196,9 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Fri Oct 23 2009 Richard W.M. Jones <rjones(a)redhat.com> - 1.3.7-3 +- Include natively compiled files and *.mli files (RHBZ#521324). + * Sat Jul 25 2009 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.3.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

14 years, 6 months

1
0
0 / 0

rpms/ocaml/devel ocaml.spec,1.60,1.61

by Richard W.M. Jones

Author: rjones Update of /cvs/pkgs/rpms/ocaml/devel In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv2666 Modified Files: ocaml.spec Log Message: - Set includes so building the *info programs works without having OCaml already installed. Index: ocaml.spec =================================================================== RCS file: /cvs/pkgs/rpms/ocaml/devel/ocaml.spec,v retrieving revision 1.60 retrieving revision 1.61 diff -u -p -r1.60 -r1.61 --- ocaml.spec 16 Oct 2009 14:55:32 -0000 1.60 +++ ocaml.spec 16 Oct 2009 15:31:50 -0000 1.61 @@ -2,7 +2,7 @@ Name: ocaml Version: 3.11.1 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Objective Caml compiler and programming environment @@ -220,9 +220,10 @@ make -C emacs ocamltags # Currently these tools are supplied by Debian, but are expected # to go upstream at some point. cp %{SOURCE6} %{SOURCE7} . -boot/ocamlrun ./ocamlc -I otherlibs/dynlink dynlinkaux.cmo ocamlbyteinfo.ml -o ocamlbyteinfo +includes="-nostdlib -I stdlib -I utils -I parsing -I typing -I bytecomp -I asmcomp -I driver -I otherlibs/unix -I otherlibs/str -I otherlibs/dynlink" +boot/ocamlrun ./ocamlc $includes dynlinkaux.cmo ocamlbyteinfo.ml -o ocamlbyteinfo cp otherlibs/dynlink/natdynlink.ml . -boot/ocamlrun ./ocamlopt unix.cmxa str.cmxa natdynlink.ml ocamlplugininfo.ml -o ocamlplugininfo +boot/ocamlrun ./ocamlopt $includes unix.cmxa str.cmxa natdynlink.ml ocamlplugininfo.ml -o ocamlplugininfo %install @@ -450,6 +451,10 @@ fi %changelog +* Fri Oct 16 2009 Richard W.M. Jones <rjones(a)redhat.com> - 3.11.1-4 +- Set includes so building the *info programs works without + having OCaml already installed. + * Fri Oct 16 2009 Richard W.M. Jones <rjones(a)redhat.com> - 3.11.1-3 - Add ocamlbyteinfo and ocamlplugininfo programs from Debian.

14 years, 6 months

1
0
0 / 0

rpms/ocaml/devel ocamlbyteinfo.ml, NONE, 1.1 ocamlplugininfo.ml, NONE, 1.1 ocaml.spec, 1.59, 1.60

by Richard W.M. Jones

Author: rjones Update of /cvs/pkgs/rpms/ocaml/devel In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv23885 Modified Files: ocaml.spec Added Files: ocamlbyteinfo.ml ocamlplugininfo.ml Log Message: * Fri Oct 16 2009 Richard W.M. Jones <rjones(a)redhat.com> - 3.11.1-3 - Add ocamlbyteinfo and ocamlplugininfo programs from Debian. ***** Error reading new file: [Errno 2] No such file or directory: 'ocamlbyteinfo.ml' ***** Error reading new file: [Errno 2] No such file or directory: 'ocamlplugininfo.ml' Index: ocaml.spec =================================================================== RCS file: /cvs/pkgs/rpms/ocaml/devel/ocaml.spec,v retrieving revision 1.59 retrieving revision 1.60 diff -u -p -r1.59 -r1.60 --- ocaml.spec 4 Oct 2009 22:34:51 -0000 1.59 +++ ocaml.spec 16 Oct 2009 14:55:32 -0000 1.60 @@ -2,7 +2,7 @@ Name: ocaml Version: 3.11.1 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Objective Caml compiler and programming environment @@ -18,6 +18,11 @@ Source3: http://caml.inria.fr/dis Source4: ocaml-find-requires.sh Source5: ocaml-find-provides.sh +# Useful utilities from Debian, and sent upstream. +# http://git.debian.org/?p=pkg-ocaml-maint/packages/ocaml.git;a=tree;f=debi... +Source6: ocamlbyteinfo.ml +Source7: ocamlplugininfo.ml + Patch0: ocaml-3.11.0-rpath.patch Patch1: ocaml-user-cflags.patch @@ -212,6 +217,13 @@ make -C emacs ocamltags # make -C tools objinfo (cd tools; ../boot/ocamlrun ../ocamlopt -nostdlib -I ../stdlib -I ../utils -I ../parsing -I ../typing -I ../bytecomp -I ../asmcomp -I ../driver -o objinfo config.cmx objinfo.ml) +# Currently these tools are supplied by Debian, but are expected +# to go upstream at some point. +cp %{SOURCE6} %{SOURCE7} . +boot/ocamlrun ./ocamlc -I otherlibs/dynlink dynlinkaux.cmo ocamlbyteinfo.ml -o ocamlbyteinfo +cp otherlibs/dynlink/natdynlink.ml . +boot/ocamlrun ./ocamlopt unix.cmxa str.cmxa natdynlink.ml ocamlplugininfo.ml -o ocamlplugininfo + %install rm -rf $RPM_BUILD_ROOT @@ -248,6 +260,9 @@ echo %{version} > $RPM_BUILD_ROOT%{_libd # Remove rpaths from stublibs .so files. chrpath --delete $RPM_BUILD_ROOT%{_libdir}/ocaml/stublibs/*.so +install -m 0755 ocamlbyteinfo $RPM_BUILD_ROOT%{_bindir} +install -m 0755 ocamlplugininfo $RPM_BUILD_ROOT%{_bindir} + %clean rm -rf $RPM_BUILD_ROOT @@ -270,6 +285,7 @@ fi %files %defattr(-,root,root,-) %{_bindir}/ocaml +%{_bindir}/ocamlbyteinfo %{_bindir}/ocamlbuild %{_bindir}/ocamlbuild.byte %{_bindir}/ocamlbuild.native @@ -286,6 +302,7 @@ fi %{_bindir}/ocamlobjinfo %{_bindir}/ocamlopt %{_bindir}/ocamlopt.opt +%{_bindir}/ocamlplugininfo %{_bindir}/ocamlprof %{_bindir}/ocamlyacc %{_libdir}/ocaml/addlabels @@ -433,6 +450,9 @@ fi %changelog +* Fri Oct 16 2009 Richard W.M. Jones <rjones(a)redhat.com> - 3.11.1-3 +- Add ocamlbyteinfo and ocamlplugininfo programs from Debian. + * Sun Oct 4 2009 Richard W.M. Jones <rjones(a)redhat.com> - 3.11.1-2 - ocaml-find-requires.sh: Calculate runtime version using ocamlrun -version instead of fedora-ocaml-release file.

14 years, 6 months

1
0
0 / 0

rpms/ocaml-mysql/F-10 ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch, NONE, 1.1 ocaml-mysql.spec, 1.2, 1.3

by Richard W.M. Jones

Author: rjones Update of /cvs/pkgs/rpms/ocaml-mysql/F-10 In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19036 Modified Files: ocaml-mysql.spec Added Files: ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch Log Message: Patch for CVE 2009-2942 Missing escape function (RHBZ#529321). ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch: mysql.ml | 18 ++++++++++++------ mysql.mli | 5 +++++ mysql_stubs.c | 27 +++++++++++++++++++++++++++ 3 files changed, 44 insertions(+), 6 deletions(-) --- NEW FILE ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch --- diff -ur ocaml-mysql-1.0.4.orig/mysql.ml ocaml-mysql-1.0.4/mysql.ml --- ocaml-mysql-1.0.4.orig/mysql.ml 2006-02-23 22:13:22.000000000 +0000 +++ ocaml-mysql-1.0.4/mysql.ml 2009-10-16 11:42:08.074508283 +0100 @@ -333,6 +333,7 @@ external real_status : dbd -> int = "db_status" external errmsg : dbd -> string option = "db_errmsg" external escape : string -> string = "db_escape" +external real_escape: dbd -> string -> string = "db_real_escape" external fetch : result -> string option array option = "db_fetch" external to_row : result -> int64 -> unit = "db_to_row" external size : result -> int64 = "db_size" @@ -516,7 +517,9 @@ the corresponding type *) let ml2str str = "'" ^ escape str ^ "'" +let ml2rstr conn str = "'" ^ real_escape conn str ^ "'" let ml2blob = ml2str +let ml2rblob = ml2rstr let ml2int x = string_of_int x let ml2decimal x = x let ml322int x = Int32.to_string x @@ -524,12 +527,15 @@ let mlnative2int x = Nativeint.to_string x let ml2float x = string_of_float x let ml2enum x = escape x -let ml2set x = let rec loop arg = match arg with - | [] -> "" - | [x] -> escape x - | x::y::ys -> escape x ^ "," ^ loop (y::ys) - in - loop x +let ml2renum x = real_escape x +let ml2set_filter f x = + let rec loop f = function + | [] -> "" + | [x] -> f x + | x::y::ys -> f x ^ "," ^ loop f (y::ys) + in loop f x +let ml2set x = ml2set_filter escape x +let ml2rset conn x = ml2set_filter (real_escape conn) x let ml2datetimel ~year ~month ~day ~hour ~min ~sec = Printf.sprintf "'%04d-%02d-%02d %02d:%02d:%02d'" diff -ur ocaml-mysql-1.0.4.orig/mysql.mli ocaml-mysql-1.0.4/mysql.mli --- ocaml-mysql-1.0.4.orig/mysql.mli 2006-02-23 22:13:22.000000000 +0000 +++ ocaml-mysql-1.0.4/mysql.mli 2009-10-16 11:42:08.075507981 +0100 @@ -230,6 +230,7 @@ (** [escape str] returns the same string as [str] in MySQL syntax with special characters quoted to not confuse the MySQL parser *) val escape : string -> string +val real_escape : dbd -> string -> string (** [xxx2ml str] decodes a MySQL value of type xxx into a corresponding OCaml value *) @@ -277,14 +278,18 @@ (** [ml2xxx v] encodes [v] into MySQL syntax. *) val ml2str : string -> string +val ml2rstr : dbd -> string -> string val ml2blob : string -> string +val ml2rblob : dbd -> string -> string val ml2int : int -> string val ml2decimal : string -> string val ml322int : int32 -> string val ml642int : int64 -> string val ml2float : float -> string val ml2enum : string -> string +val ml2renum : dbd -> string -> string val ml2set : string list -> string +val ml2rset : dbd -> string list -> string val ml2datetime : int * int * int * int * int * int -> string val ml2datetimel : year:int -> month:int -> day:int -> hour:int -> min:int -> sec:int -> string val ml2date : int * int * int -> string diff -ur ocaml-mysql-1.0.4.orig/mysql_stubs.c ocaml-mysql-1.0.4/mysql_stubs.c --- ocaml-mysql-1.0.4.orig/mysql_stubs.c 2006-02-23 23:12:36.000000000 +0000 +++ ocaml-mysql-1.0.4/mysql_stubs.c 2009-10-16 11:42:08.076508492 +0100 @@ -472,6 +472,33 @@ CAMLreturn(res); } +EXTERNAL value +db_real_escape(value dbd, value str) +{ + CAMLparam2(dbd, str); + char *s; + char *buf; + int len, esclen; + MYSQL *mysql; + CAMLlocal1(res); + + check_dbd(dbd, "escape"); + mysql = DBDmysql(dbd); + + s = String_val(str); + len = string_length(str); + buf = (char*) stat_alloc(2*len+1); + caml_enter_blocking_section(); + esclen = mysql_real_escape_string(mysql,buf,s,len); + caml_leave_blocking_section(); + + res = alloc_string(esclen); + memcpy(String_val(res), buf, esclen); + stat_free(buf); + + CAMLreturn(res); +} + /* * db_size -- returns the size of the current result (number of rows). */ Index: ocaml-mysql.spec =================================================================== RCS file: /cvs/pkgs/rpms/ocaml-mysql/F-10/ocaml-mysql.spec,v retrieving revision 1.2 retrieving revision 1.3 diff -u -p -r1.2 -r1.3 --- ocaml-mysql.spec 23 Apr 2008 11:10:52 -0000 1.2 +++ ocaml-mysql.spec 16 Oct 2009 10:46:42 -0000 1.3 @@ -3,7 +3,7 @@ Name: ocaml-mysql Version: 1.0.4 -Release: 3%{?dist} +Release: 3%{?dist}.1 Summary: OCaml library for accessing MySQL databases Group: Development/Libraries @@ -12,6 +12,8 @@ URL: http://raevnos.pennmush. Source0: http://raevnos.pennmush.org/code/ocaml-mysql/ocaml-mysql-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +Patch0: ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch + BuildRequires: ocaml >= 3.10.0 BuildRequires: ocaml-findlib-devel BuildRequires: ocaml-ocamldoc @@ -43,6 +45,7 @@ developing applications that use %{name} %prep %setup -q +%patch0 -p1 ./configure --libdir=%{_libdir} @@ -94,6 +97,9 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Fri Oct 16 2009 Richard W.M. Jones <rjones(a)redhat.com> - 1.0.4-3.fc10.1 +- Patch for CVE 2009-2942 Missing escape function (RHBZ#529321). + * Wed Apr 23 2008 Richard W.M. Jones <rjones(a)redhat.com> - 1.0.4-3 - Rebuild for OCaml 3.10.2

14 years, 6 months

1
0
0 / 0

rpms/ocaml-mysql/F-11 ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch, NONE, 1.1 ocaml-mysql.spec, 1.7, 1.8

by Richard W.M. Jones

Author: rjones Update of /cvs/pkgs/rpms/ocaml-mysql/F-11 In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19002 Modified Files: ocaml-mysql.spec Added Files: ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch Log Message: Patch for CVE 2009-2942 Missing escape function (RHBZ#529321). ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch: mysql.ml | 18 ++++++++++++------ mysql.mli | 5 +++++ mysql_stubs.c | 27 +++++++++++++++++++++++++++ 3 files changed, 44 insertions(+), 6 deletions(-) --- NEW FILE ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch --- diff -ur ocaml-mysql-1.0.4.orig/mysql.ml ocaml-mysql-1.0.4/mysql.ml --- ocaml-mysql-1.0.4.orig/mysql.ml 2006-02-23 22:13:22.000000000 +0000 +++ ocaml-mysql-1.0.4/mysql.ml 2009-10-16 11:42:08.074508283 +0100 @@ -333,6 +333,7 @@ external real_status : dbd -> int = "db_status" external errmsg : dbd -> string option = "db_errmsg" external escape : string -> string = "db_escape" +external real_escape: dbd -> string -> string = "db_real_escape" external fetch : result -> string option array option = "db_fetch" external to_row : result -> int64 -> unit = "db_to_row" external size : result -> int64 = "db_size" @@ -516,7 +517,9 @@ the corresponding type *) let ml2str str = "'" ^ escape str ^ "'" +let ml2rstr conn str = "'" ^ real_escape conn str ^ "'" let ml2blob = ml2str +let ml2rblob = ml2rstr let ml2int x = string_of_int x let ml2decimal x = x let ml322int x = Int32.to_string x @@ -524,12 +527,15 @@ let mlnative2int x = Nativeint.to_string x let ml2float x = string_of_float x let ml2enum x = escape x -let ml2set x = let rec loop arg = match arg with - | [] -> "" - | [x] -> escape x - | x::y::ys -> escape x ^ "," ^ loop (y::ys) - in - loop x +let ml2renum x = real_escape x +let ml2set_filter f x = + let rec loop f = function + | [] -> "" + | [x] -> f x + | x::y::ys -> f x ^ "," ^ loop f (y::ys) + in loop f x +let ml2set x = ml2set_filter escape x +let ml2rset conn x = ml2set_filter (real_escape conn) x let ml2datetimel ~year ~month ~day ~hour ~min ~sec = Printf.sprintf "'%04d-%02d-%02d %02d:%02d:%02d'" diff -ur ocaml-mysql-1.0.4.orig/mysql.mli ocaml-mysql-1.0.4/mysql.mli --- ocaml-mysql-1.0.4.orig/mysql.mli 2006-02-23 22:13:22.000000000 +0000 +++ ocaml-mysql-1.0.4/mysql.mli 2009-10-16 11:42:08.075507981 +0100 @@ -230,6 +230,7 @@ (** [escape str] returns the same string as [str] in MySQL syntax with special characters quoted to not confuse the MySQL parser *) val escape : string -> string +val real_escape : dbd -> string -> string (** [xxx2ml str] decodes a MySQL value of type xxx into a corresponding OCaml value *) @@ -277,14 +278,18 @@ (** [ml2xxx v] encodes [v] into MySQL syntax. *) val ml2str : string -> string +val ml2rstr : dbd -> string -> string val ml2blob : string -> string +val ml2rblob : dbd -> string -> string val ml2int : int -> string val ml2decimal : string -> string val ml322int : int32 -> string val ml642int : int64 -> string val ml2float : float -> string val ml2enum : string -> string +val ml2renum : dbd -> string -> string val ml2set : string list -> string +val ml2rset : dbd -> string list -> string val ml2datetime : int * int * int * int * int * int -> string val ml2datetimel : year:int -> month:int -> day:int -> hour:int -> min:int -> sec:int -> string val ml2date : int * int * int -> string diff -ur ocaml-mysql-1.0.4.orig/mysql_stubs.c ocaml-mysql-1.0.4/mysql_stubs.c --- ocaml-mysql-1.0.4.orig/mysql_stubs.c 2006-02-23 23:12:36.000000000 +0000 +++ ocaml-mysql-1.0.4/mysql_stubs.c 2009-10-16 11:42:08.076508492 +0100 @@ -472,6 +472,33 @@ CAMLreturn(res); } +EXTERNAL value +db_real_escape(value dbd, value str) +{ + CAMLparam2(dbd, str); + char *s; + char *buf; + int len, esclen; + MYSQL *mysql; + CAMLlocal1(res); + + check_dbd(dbd, "escape"); + mysql = DBDmysql(dbd); + + s = String_val(str); + len = string_length(str); + buf = (char*) stat_alloc(2*len+1); + caml_enter_blocking_section(); + esclen = mysql_real_escape_string(mysql,buf,s,len); + caml_leave_blocking_section(); + + res = alloc_string(esclen); + memcpy(String_val(res), buf, esclen); + stat_free(buf); + + CAMLreturn(res); +} + /* * db_size -- returns the size of the current result (number of rows). */ Index: ocaml-mysql.spec =================================================================== RCS file: /cvs/pkgs/rpms/ocaml-mysql/F-11/ocaml-mysql.spec,v retrieving revision 1.7 retrieving revision 1.8 diff -u -p -r1.7 -r1.8 --- ocaml-mysql.spec 26 Feb 2009 07:17:08 -0000 1.7 +++ ocaml-mysql.spec 16 Oct 2009 10:46:40 -0000 1.8 @@ -3,7 +3,7 @@ Name: ocaml-mysql Version: 1.0.4 -Release: 8%{?dist} +Release: 8%{?dist}.1 Summary: OCaml library for accessing MySQL databases Group: Development/Libraries @@ -12,6 +12,8 @@ URL: http://raevnos.pennmush. Source0: http://raevnos.pennmush.org/code/ocaml-mysql/ocaml-mysql-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +Patch0: ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch + BuildRequires: ocaml >= 3.10.0 BuildRequires: ocaml-findlib-devel BuildRequires: ocaml-ocamldoc @@ -45,6 +47,7 @@ developing applications that use %{name} %prep %setup -q +%patch0 -p1 ./configure --libdir=%{_libdir} @@ -96,6 +99,9 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Fri Oct 16 2009 Richard W.M. Jones <rjones(a)redhat.com> - 1.0.4-8.fc11.1 +- Patch for CVE 2009-2942 Missing escape function (RHBZ#529321). + * Wed Feb 25 2009 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.0.4-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

14 years, 6 months

1
0
0 / 0

rpms/ocaml-mysql/F-12 ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch, NONE, 1.1 ocaml-mysql.spec, 1.10, 1.11

by Richard W.M. Jones

Author: rjones Update of /cvs/pkgs/rpms/ocaml-mysql/F-12 In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19017 Modified Files: ocaml-mysql.spec Added Files: ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch Log Message: Patch for CVE 2009-2942 Missing escape function (RHBZ#529321). ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch: mysql.ml | 18 ++++++++++++------ mysql.mli | 5 +++++ mysql_stubs.c | 27 +++++++++++++++++++++++++++ 3 files changed, 44 insertions(+), 6 deletions(-) --- NEW FILE ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch --- diff -ur ocaml-mysql-1.0.4.orig/mysql.ml ocaml-mysql-1.0.4/mysql.ml --- ocaml-mysql-1.0.4.orig/mysql.ml 2006-02-23 22:13:22.000000000 +0000 +++ ocaml-mysql-1.0.4/mysql.ml 2009-10-16 11:42:08.074508283 +0100 @@ -333,6 +333,7 @@ external real_status : dbd -> int = "db_status" external errmsg : dbd -> string option = "db_errmsg" external escape : string -> string = "db_escape" +external real_escape: dbd -> string -> string = "db_real_escape" external fetch : result -> string option array option = "db_fetch" external to_row : result -> int64 -> unit = "db_to_row" external size : result -> int64 = "db_size" @@ -516,7 +517,9 @@ the corresponding type *) let ml2str str = "'" ^ escape str ^ "'" +let ml2rstr conn str = "'" ^ real_escape conn str ^ "'" let ml2blob = ml2str +let ml2rblob = ml2rstr let ml2int x = string_of_int x let ml2decimal x = x let ml322int x = Int32.to_string x @@ -524,12 +527,15 @@ let mlnative2int x = Nativeint.to_string x let ml2float x = string_of_float x let ml2enum x = escape x -let ml2set x = let rec loop arg = match arg with - | [] -> "" - | [x] -> escape x - | x::y::ys -> escape x ^ "," ^ loop (y::ys) - in - loop x +let ml2renum x = real_escape x +let ml2set_filter f x = + let rec loop f = function + | [] -> "" + | [x] -> f x + | x::y::ys -> f x ^ "," ^ loop f (y::ys) + in loop f x +let ml2set x = ml2set_filter escape x +let ml2rset conn x = ml2set_filter (real_escape conn) x let ml2datetimel ~year ~month ~day ~hour ~min ~sec = Printf.sprintf "'%04d-%02d-%02d %02d:%02d:%02d'" diff -ur ocaml-mysql-1.0.4.orig/mysql.mli ocaml-mysql-1.0.4/mysql.mli --- ocaml-mysql-1.0.4.orig/mysql.mli 2006-02-23 22:13:22.000000000 +0000 +++ ocaml-mysql-1.0.4/mysql.mli 2009-10-16 11:42:08.075507981 +0100 @@ -230,6 +230,7 @@ (** [escape str] returns the same string as [str] in MySQL syntax with special characters quoted to not confuse the MySQL parser *) val escape : string -> string +val real_escape : dbd -> string -> string (** [xxx2ml str] decodes a MySQL value of type xxx into a corresponding OCaml value *) @@ -277,14 +278,18 @@ (** [ml2xxx v] encodes [v] into MySQL syntax. *) val ml2str : string -> string +val ml2rstr : dbd -> string -> string val ml2blob : string -> string +val ml2rblob : dbd -> string -> string val ml2int : int -> string val ml2decimal : string -> string val ml322int : int32 -> string val ml642int : int64 -> string val ml2float : float -> string val ml2enum : string -> string +val ml2renum : dbd -> string -> string val ml2set : string list -> string +val ml2rset : dbd -> string list -> string val ml2datetime : int * int * int * int * int * int -> string val ml2datetimel : year:int -> month:int -> day:int -> hour:int -> min:int -> sec:int -> string val ml2date : int * int * int -> string diff -ur ocaml-mysql-1.0.4.orig/mysql_stubs.c ocaml-mysql-1.0.4/mysql_stubs.c --- ocaml-mysql-1.0.4.orig/mysql_stubs.c 2006-02-23 23:12:36.000000000 +0000 +++ ocaml-mysql-1.0.4/mysql_stubs.c 2009-10-16 11:42:08.076508492 +0100 @@ -472,6 +472,33 @@ CAMLreturn(res); } +EXTERNAL value +db_real_escape(value dbd, value str) +{ + CAMLparam2(dbd, str); + char *s; + char *buf; + int len, esclen; + MYSQL *mysql; + CAMLlocal1(res); + + check_dbd(dbd, "escape"); + mysql = DBDmysql(dbd); + + s = String_val(str); + len = string_length(str); + buf = (char*) stat_alloc(2*len+1); + caml_enter_blocking_section(); + esclen = mysql_real_escape_string(mysql,buf,s,len); + caml_leave_blocking_section(); + + res = alloc_string(esclen); + memcpy(String_val(res), buf, esclen); + stat_free(buf); + + CAMLreturn(res); +} + /* * db_size -- returns the size of the current result (number of rows). */ Index: ocaml-mysql.spec =================================================================== RCS file: /cvs/pkgs/rpms/ocaml-mysql/F-12/ocaml-mysql.spec,v retrieving revision 1.10 retrieving revision 1.11 diff -u -p -r1.10 -r1.11 --- ocaml-mysql.spec 25 Jul 2009 20:00:13 -0000 1.10 +++ ocaml-mysql.spec 16 Oct 2009 10:46:40 -0000 1.11 @@ -3,7 +3,7 @@ Name: ocaml-mysql Version: 1.0.4 -Release: 10%{?dist} +Release: 11%{?dist} Summary: OCaml library for accessing MySQL databases Group: Development/Libraries @@ -13,6 +13,8 @@ Source0: http://raevnos.pennmush. BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) ExcludeArch: sparc64 s390 s390x +Patch0: ocaml-mysql-1.0.4-CVE-2009-2942-missing-escape.patch + BuildRequires: ocaml >= 3.10.0 BuildRequires: ocaml-findlib-devel BuildRequires: ocaml-ocamldoc @@ -46,6 +48,7 @@ developing applications that use %{name} %prep %setup -q +%patch0 -p1 ./configure --libdir=%{_libdir} @@ -97,6 +100,9 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Fri Oct 16 2009 Richard W.M. Jones <rjones(a)redhat.com> - 1.0.4-11 +- Patch for CVE 2009-2942 Missing escape function (RHBZ#529321). + * Sat Jul 25 2009 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.0.4-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

14 years, 6 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Ocaml-devel October 2009