[Bug 172792] New: use of study() with utf8 support enabled breaks regexps
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172792
Summary: use of study() with utf8 support enabled breaks regexps
Product: Fedora Core
Version: devel
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: perl
AssignedTo: jvdias(a)redhat.com
ReportedBy: jvdias(a)redhat.com
QAContact: dkl(a)redhat.com
CC: fedora-perl-devel-list(a)redhat.com
Description of problem:
Use of study() with utf8 support enabled breaks perl-5.8.7's
regular expressions :
OK without UTF:
$ echo 'ABDCEFGHIJK' |
perl -pe 'study; s/HIJK/1234/;'
ABDCEFG1234
$ echo 'ABCDEFGHIJK' |
perl -e '$_=<>; study; print /HIJK/,"\n";'
1
FAILS with UTF:
$ echo 'ABDCEFGHIJK' |
PERL_UNICODE=31 perl -pe 'study; s/HIJK/1234/;'
ABDCEFGHIJK
$ echo 'ABCDEFGHIJK' |
PERL_UNICODE=31 perl -e '$_=<>; study; print /HIJK/,"\n";'
(re did not match)
Seems to be study() that is the culprit:
$ echo 'ABDCEFGHIJK' |
PERL_UNICODE=31 perl -pe 's/HIJK/1234/;'
ABDCEFG1234
And it is because $_ gets utf8-ness from STDIN:
$ echo 'ABDCEFGHIJK' |
PERL_UNICODE=63 perl -e '$_=<>; study; print /HIJK/ ? "OK" : "FAIL","\n";'
FAIL
$ PERL_UNICODE=63 perl -e '$_="ABDCEFGHIJK"; study; print /HIJK/ ? "OK" :
"FAIL","\n";'
OK
This was in the 'en_US.UTF-8' locale. If I make utf-8 support
conditional on locale, the problem goes away for the C locale:
$ echo 'ABDCEFGHIJK' |
PERL_UNICODE=127 LC_ALL=C perl -e '$_=<>; study; print /HIJK/ ? "OK" :
"FAIL","\n";'
OK
Version-Release number of selected component (if applicable):
ALL perl versions
How reproducible:
100%
Additional Information:
This is upstream perl bug 37646 ( http://rt.perl.org/rt3/index.html?q=37646 )
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
15 years, 6 months
[Bug 173563] New: filelist cleanup: drop unnecessary files, eliminate duplicates
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173563
Summary: filelist cleanup: drop unnecessary files, eliminate
duplicates
Product: Fedora Core
Version: devel
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: perl
AssignedTo: jvdias(a)redhat.com
ReportedBy: altblue(a)n0i.net
QAContact: dkl(a)redhat.com
CC: fedora-perl-devel-list(a)redhat.com
Drop more cruft that comes with the usual installation (Attribute/Handlers/demo,
CGI/eg, TODOs, READMEs, etc) and let DBM_Filter live (as we just want NDBM* out).
(patch for 5.8.7-0.7.fc5 spec attached)
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
15 years, 7 months
[Bug 175513] New: UTF-8 error from sa-learn
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175513
Summary: UTF-8 error from sa-learn
Product: Fedora Core
Version: fc4
Platform: i386
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: spamassassin
AssignedTo: wtogami(a)redhat.com
ReportedBy: iny(a)iki.fi
CC: fedora-perl-devel-
list@redhat.com,felicity@kluge.net,jm(a)jmason.org,parkerm
@pobox.com,reg+redhat@sidney.com,wtogami(a)redhat.com
>From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050923 Fedora/1.7.12-1.5.1
Description of problem:
$ sa-learn --spam Maildir/.training.spam/cur/
Parsing of undecoded UTF-8 will give garbage when decoding entities at /usr/lib/perl5/vendor_perl/5.8.6/Mail/SpamAssassin/HTML.pm line 182.
Version-Release number of selected component (if applicable):
spamassassin-3.0.4-2.fc4
How reproducible:
Always
Steps to Reproduce:
1. Invoke sa-learn
Actual Results: Got this message.
Expected Results: Shouldn't have got it.
Additional info:
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
16 years, 8 months
[Bug 173646] New: Selinux denials for spamd
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173646
Summary: Selinux denials for spamd
Product: Fedora Core
Version: fc4
Platform: i686
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: spamassassin
AssignedTo: wtogami(a)redhat.com
ReportedBy: gc1111(a)optonline.net
CC: fedora-perl-devel-
list@redhat.com,felicity@kluge.net,jm(a)jmason.org,parkerm
@pobox.com,reg+redhat@sidney.com,wtogami(a)redhat.com
>From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc4 Firefox/1.0.7
Description of problem:
SeLinux denies access to spamd many times.
Version-Release number of selected component (if applicable):
spamassassin-3.0.4-2.fc4
How reproducible:
Always
Steps to Reproduce:
1. Use Selinux in enforcing/targeted mode
2. Set evolution to filter mail using spamassassin
3. Read mail
4. Look at audit logs
Actual Results: Many denials as per Additional Information
Expected Results: No Selinux denials
Additional info:
Extract from /var/log/audit/audit.log:
type=AVC msg=audit(1132324042.516:8455): avc: denied { write } for pid=1862 comm="spamd" name="log" dev=tmpfs ino=4750 scontext=system_u:system_r:spamd_t tcontext=system_u:object_r:device_t tclass=sock_file
type=SYSCALL msg=audit(1132324042.516:8455): arch=40000003 syscall=102 success=no exit=-13 a0=3 a1=bfb60480 a2=862bc0 a3=6e items=1 pid=1862 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="spamd" exe="/usr/bin/perl"
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
16 years, 9 months
[Bug 175439] New: [FC4 Regression]: spamc doesn't use localhost by default
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175439
Summary: [FC4 Regression]: spamc doesn't use localhost by default
Product: Fedora Core
Version: fc4
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: spamassassin
AssignedTo: wtogami(a)redhat.com
ReportedBy: hongjiu.lu(a)intel.com
CC: fedora-perl-devel-
list@redhat.com,felicity@kluge.net,jm(a)jmason.org,parkerm
@pobox.com,reg+redhat@sidney.com,wtogami(a)redhat.com
I have
:0fw
| /usr/bin/spamc
in /etc/procmailrc. It worked with FC3. But after upgrading to FC4, I got
Dec 10 08:38:45 ocean spamd[27833]: unauthorized connection from
gate.in.lucon.org [192.168.10.1] at port 32823
My machine has
eth0 Link encap:Ethernet HWaddr 00:07:E9:9C:3E:3E
inet addr:192.168.10.1 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::207:e9ff:fe9c:3e3e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5662 errors:0 dropped:0 overruns:0 frame:0
TX packets:5908 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1160392 (1.1 MiB) TX bytes:2571450 (2.4 MiB)
It looks like spamc is connecting to 192.168.10.1 instead of 127.0.0.1.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
16 years, 11 months
[Bug 172739] New: Deep recursion in CGI::Carp::warn
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172739
Summary: Deep recursion in CGI::Carp::warn
Product: Fedora Core
Version: fc4
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: perl
AssignedTo: jvdias(a)redhat.com
ReportedBy: jorris(a)redhat.com
QAContact: dkl(a)redhat.com
CC: fedora-perl-devel-list(a)redhat.com
Description of problem:
CGI::Carp::Warn experiences deep recursion when hit, followed by a segmentation
fault. This can make developing any web applications using CGI::Carp::Warn
difficult, as any trivial warning will cause pages of log output followed by a
crash.
See https://rt.perl.org/rt3/Ticket/Display.html?id=36521 for details and
possible patches.
Version-Release number of selected component (if applicable):
perl-5.8.6-15
How reproducible:
Always
Steps to Reproduce:
Execute script:
#!/usr/bin/perl
use CGI::Carp qw(fatalsToBrowser);
use diagnostics;
warn "foo";
Results:
Deeply nested warning message followed by segfault.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
16 years, 12 months
[Bug 174684] New: Perl integer overflow issue
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174684
Summary: Perl integer overflow issue
Product: Fedora Core
Version: fc4
Platform: All
OS/Version: Linux
Status: NEW
Severity: security
Priority: normal
Component: perl
AssignedTo: jvdias(a)redhat.com
ReportedBy: bressers(a)redhat.com
QAContact: dkl(a)redhat.com
CC: fedora-perl-devel-list(a)redhat.com
Perl integer overflow issue
There exists an integer overflow problem in Perl which can lead to a
string format issue. If a large enough integer is supplied to a
printf statement which uses the %n conversion, it may be possible to
execute arbitrary code. This problem will not be easy to remotely
exploit as a very poorly written script will first be needed.
http://marc.theaimsgroup.com/?l=full-disclosure&m=113342788118630&w=2
Doesn't Affec: RHEL2.1
This issue also affects FC3
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years
[Bug 172336] New: getgrnam() crashes with "Out of memory" if /etc/group contains long lines
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172336
Summary: getgrnam() crashes with "Out of memory" if /etc/group
contains long lines
Product: Fedora Core
Version: fc4
Platform: i386
URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=227621
OS/Version: Linux
Status: NEW
Severity: security
Priority: normal
Component: perl
AssignedTo: jvdias(a)redhat.com
ReportedBy: jvdias(a)redhat.com
QAContact: dkl(a)redhat.com
CC: fedora-perl-devel-list@redhat.com,prockai(a)redhat.com
+++ This bug was initially created as a clone of Bug #163958 +++
>From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050720
Firefox/1.0.6
Description of problem:
This bug has been fixed in Debian and in newest Perl. I'm just wondering does
this concern RHEL 3 too, because we are rather close having "too much" users in
one group and I would rather see this bug fixed before that we are going to have
problems.
* Fix test of reenterant function return values which was causing
perl to malloc itself to death if ERANGE was encountered before
ENOENT (such as a long line in /etc/group; closes: #227621).
Version-Release number of selected component (if applicable):
How reproducible:
Didn't try
Additional info:
-- Additional comment from jvdias(a)redhat.com on 2005-11-02 16:23 EST --
This is PERL bug 37056, fixed with patch 25084 in bleadperl (5.9.x):
( http://rt.perl.org/rt3/Ticket/Display.html?id=37056 )
Subject: getgrent fails if a line in /etc/groups gets too long
Date: Fri, 02 Sep 2005 15:53:08 +0200
To: perlbug(a)perl.org
From: Michiel Blotwijk <michiel(a)blotwijk.com>
This is a bug report for perl from michiel(a)altiplano.be,
generated with the help of perlbug 1.35 running under perl v5.8.5.
-----------------------------------------------------------------
[Please enter your report here]
The function getgrent throws an error if a line in /etc/groups gets
too long (> 3000 characters). This error can be reproduced as follows:
1/ Manually add a large number of users to a group in /etc/group. It doesn't
really matter if these are real users or not, as long as the line exceeds
3000 characters.
2/ perl -e 'use User::grent; while (my $gr = getgrent() ) { print
$gr->name."\n"; }'
This will return an "Out of memory!" message.
This thread seems to be related:
http://lists.debian.org/debian-security/2005/06/msg00041.html
Originally reported at Debian:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=227621
As said in the Debian bug report:
From: "Steinar H. Gunderson" <sgunderson(a)bigfoot.com>
To: Peter Palúch <peterp(a)frix.fri.utc.sk>
Cc: control(a)bugs.debian.org, 227621(a)bugs.debian.org,
debian-security(a)lists.debian.org
Subject: Re: perl: getgrnam() crashes with "Out of memory" if /etc/group
contains long lines
Date: Fri, 10 Jun 2005 15:03:02 +0200
It's about the same bug in perl as it was in glibc. reentr.pl line 698 reads:
$call = qq[((PL_REENTRANT_RETINT = $call)$test ? $true :
(((PL_REENTRANT_RETINT == ERANGE) || (errno == ERANGE)) ?
($seenm{$func}{$seenr{$func}})Perl_reentrant_retry("$func"$rv) : 0))];
The problem here is "errno == ERANGE". If, at any time, there's a line longer
than the initial buffer, getgrent() (or any in the same family) will get
ERANGE back (and errno will be set to ERANGE). However, this is never reset.
Thus, when getgrent_r() hits EOF, it returns ENOENT, _but errno is still
ERANGE_. Perl figures the buffer was too small, doubles it and tries again,
but still gets ENOENT, of course (and errno is still ERANGE). This goes on
forever and ever until you run out of memory (which happens quite fast).
The solution is simply to remove "errno == ERANGE" AFAICS; getgrent_r() does
not define what happens to errno, and the return message will always be
ERANGE if the buffer is too small.
I'm a bit tempted to tag this "security"; if a user can (say) change his or
her own GECOS field to make it long enough, Perl programs using getpwent()
will crash, for instance. I can't find any direct way to exploit it (chfn
limits the length of the fields, for instance), but I'm still slightly
concerned over the possibilities of a DoS; Cc-ing debian-security.
/* Steinar */
I agree this bug has security implications .
This problem affects all {get,set}* nss perl wrapper functions, not only
getgrent .
This problem affects all previous releases of PERL in all current Red Hat
releases.
The patch is very straightforward - replace all occurences of
((PL_REENTRANT_RETINT == ERANGE) || (errno == ERANGE))
with
(PL_REENTRANT_RETINT == ERANGE)
in reentr.inc and reentr.pl.
This bug is now being fixed in these perl versions:
Rawhide / FC-5 : perl-5.8.7-0.7.fc5
FC-4 : perl-5.8.6-16
RHEL-4 : perl-5.8.5-17.RHEL4
RHEL-3 : perl-5.8.0-90.2
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years
[Bug 174984] New: missing timezone variable for Asia/Yekaterinburg in /usr/lib/perl5/vendor_perl/5.8.6/Date/Manip.pm
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174984
Summary: missing timezone variable for Asia/Yekaterinburg in
/usr/lib/perl5/vendor_perl/5.8.6/Date/Manip.pm
Product: Fedora Core
Version: fc4
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: perl-DateManip
AssignedTo: wtogami(a)redhat.com
ReportedBy: slain(a)surw.ru
CC: fedora-perl-devel-list(a)redhat.com
>From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc4 Firefox/1.0.7
Description of problem:
Programs using Date::Manip doesn't work
if timezone is set to Asia/Ekaterinburg(YEKT),cause of missing timezone variable in /usr/lib/perl5/vendor_perl/5.8.6/Date/Manip.pm
Version-Release number of selected component (if applicable):
perl-DateManip-5.42a-4
How reproducible:
Always
Steps to Reproduce:
1. sudo logwatch
Actual Results: ERROR: Date::Manip unable to determine TimeZone.
at /usr/lib/perl5/vendor_perl/5.8.6/Date/Manip.pm line 3495
Date::Manip::Date_TimeZone called at /usr/lib/perl5/vendor_perl/5.8.6/Date/Manip.pm line 661
Date::Manip::Date_Init() called at /usr/lib/perl5/vendor_perl/5.8.6/Date/Manip.pm line 779
Date::Manip::ParseDateString('epoch 1133701851') called at /usr/share/logwatch/lib/Logwatch.pm line 508
Logwatch::TimeBuild() called at /usr/sbin/logwatch line 663
Expected Results: working logwatch
Additional info:
Here is patch to solve it:
--- /usr/lib/perl5/vendor_perl/5.8.6/Date/Manip.pm 2003-07-02 22:42:47.000000000 +0600
+++ Manip.pm 2005-12-05 17:57:34.000000000 +0500
@@ -606,6 +606,7 @@
"zp4 +0400 ". # USSR Zone 3
"msd +0400 ". # Moscow Daylight
"zp5 +0500 ". # USSR Zone 4
+ "yekt +0500 ". # Asia/Yekaterinburg
"ist +0530 ". # Indian Standard
"zp6 +0600 ". # USSR Zone 5
"novst +0600 ". # Novosibirsk time zone, Russia
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years, 6 months