[perl-Digest-SHA/f20] Fix possible crash on uninitialized object
Petr Pisar
ppisar at fedoraproject.org
Wed Mar 12 09:44:59 UTC 2014
commit a5dbd14a928f47f2e946c3b83e06c5fa6fc4bd9e
Author: Petr Písař <ppisar at redhat.com>
Date: Wed Mar 12 10:42:53 2014 +0100
Fix possible crash on uninitialized object
...-5.85-Check-for-ISA-when-invoking-methods.patch | 68 ++++++++++++++++++++
perl-Digest-SHA.spec | 9 ++-
2 files changed, 76 insertions(+), 1 deletions(-)
---
diff --git a/Digest-SHA-5.85-Check-for-ISA-when-invoking-methods.patch b/Digest-SHA-5.85-Check-for-ISA-when-invoking-methods.patch
new file mode 100644
index 0000000..94749b4
--- /dev/null
+++ b/Digest-SHA-5.85-Check-for-ISA-when-invoking-methods.patch
@@ -0,0 +1,68 @@
+From c898bd4f5880bd7ddbf5987024c2748eae3d88a7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar at redhat.com>
+Date: Wed, 12 Mar 2014 10:17:16 +0100
+Subject: [PATCH] Check for ISA when invoking methods
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+After:
+
+use Digest::SHA;
+my $d=Digest::SHA->add(qq(a));
+
+calling $d->hashsize() and other methods resulted in crash.
+
+This is relevant patch from Digest-SHA-5.87.
+
+Perl RT#121421
+<https://bugzilla.redhat.com/show_bug.cgi?id=1075478>
+
+Signed-off-by: Petr Písař <ppisar at redhat.com>
+---
+ SHA.xs | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/SHA.xs b/SHA.xs
+index 3caf8ef..69908a0 100644
+--- a/SHA.xs
++++ b/SHA.xs
+@@ -34,6 +34,8 @@ shaclose(s)
+ CODE:
+ RETVAL = shaclose(s);
+ sv_setiv(SvRV(ST(0)), 0);
++OUTPUT:
++ RETVAL
+
+ int
+ shadump(file, s)
+@@ -186,6 +188,8 @@ PREINIT:
+ SHA *state;
+ int result;
+ PPCODE:
++ if (!sv_isa(self, "Digest::SHA"))
++ XSRETURN_UNDEF;
+ state = INT2PTR(SHA *, SvIV(SvRV(SvRV(self))));
+ result = ix ? shaalg(state) : shadsize(state) << 3;
+ ST(0) = sv_2mortal(newSViv(result));
+@@ -200,6 +204,8 @@ PREINIT:
+ STRLEN len;
+ SHA *state;
+ PPCODE:
++ if (!sv_isa(self, "Digest::SHA"))
++ XSRETURN_UNDEF;
+ state = INT2PTR(SHA *, SvIV(SvRV(SvRV(self))));
+ for (i = 1; i < items; i++) {
+ data = (unsigned char *) (SvPVbyte(ST(i), len));
+@@ -224,6 +230,8 @@ PREINIT:
+ SHA *state;
+ char *result;
+ PPCODE:
++ if (!sv_isa(self, "Digest::SHA"))
++ XSRETURN_UNDEF;
+ state = INT2PTR(SHA *, SvIV(SvRV(SvRV(self))));
+ shafinish(state);
+ len = 0;
+--
+1.8.5.3
+
diff --git a/perl-Digest-SHA.spec b/perl-Digest-SHA.spec
index 403feae..e68fdd4 100644
--- a/perl-Digest-SHA.spec
+++ b/perl-Digest-SHA.spec
@@ -1,7 +1,7 @@
Name: perl-Digest-SHA
Epoch: 1
Version: 5.85
-Release: 4%{?dist}
+Release: 5%{?dist}
Summary: Perl extension for SHA-1/224/256/384/512
License: GPL+ or Artistic
Group: Development/Libraries
@@ -10,6 +10,9 @@ Source0: http://www.cpan.org/authors/id/M/MS/MSHELOR/Digest-SHA-%{version
# Since 5.80, upstream overrides CFLAGS because they think it improves
# performance. Revert it.
Patch0: Digest-SHA-5.84-Reset-CFLAGS.patch
+# Fix possible crash on uninitialized object, fixed in 5.87, bug #1075478,
+# RT#121421
+Patch1: Digest-SHA-5.85-Check-for-ISA-when-invoking-methods.patch
BuildRequires: perl
BuildRequires: perl(Config)
BuildRequires: perl(ExtUtils::MakeMaker)
@@ -47,6 +50,7 @@ handle all types of input, including partial-byte data.
%prep
%setup -q -n Digest-SHA-%{version}
%patch0 -p1
+%patch1 -p1
chmod -x examples/*
perl -MExtUtils::MakeMaker -e 'ExtUtils::MM_Unix->fixin(q{examples/dups})'
@@ -72,6 +76,9 @@ make test
%{_mandir}/man3/*
%changelog
+* Wed Mar 12 2014 Petr Pisar <ppisar at redhat.com> - 1:5.85-5
+- Fix possible crash on uninitialized object (bug #1075478)
+
* Wed Aug 14 2013 Jitka Plesnikova <jplesnik at redhat.com> - 1:5.85-4
- Perl 5.18 re-rebuild of bootstrapped packages
More information about the perl-devel
mailing list