[pyfribidi] - Update to 0.10.0 (rhbz#539493) - Fix CVE-2010-3444: buffer overflow when processing Arabic UTF-8

Hans de Goede jwrdegoede at fedoraproject.org
Fri Dec 31 16:01:37 UTC 2010 

commit 1a5c574ca64fd7d75d4ec594b3d92d5ae34f25d5
Author: Hans de Goede <hdegoede at redhat.com>
Date:   Fri Dec 31 17:08:07 2010 +0100

    - Update to 0.10.0 (rhbz#539493)
    - Fix CVE-2010-3444: buffer overflow when processing Arabic UTF-8
      strings (rhbz#565997, rhbz#565998)
    - Run the included tests

 .gitignore           |    1 +
 buffer_overflow.diff |   15 +++++++++++++++
 pyfribidi.spec       |   22 +++++++++++++++++++---
 sources              |    2 +-
 testbigString.diff   |   38 ++++++++++++++++++++++++++++++++++++++
 5 files changed, 74 insertions(+), 4 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index ea39454..8a3de7f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 pyfribidi-0.6.0.tar.gz
+/pyfribidi-0.10.0.tar.bz2
diff --git a/buffer_overflow.diff b/buffer_overflow.diff
new file mode 100644
index 0000000..5ea93df
--- /dev/null
+++ b/buffer_overflow.diff
@@ -0,0 +1,15 @@
+Descripton: Create an output buffer that assumes 4-byte sequences for all
+ Unicode characters
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570068
+Origin: http://sourceforge.net/tracker/?func=detail&aid=2676136&group_id=158366&atid=807545
+--- a/pyfribidi.c
++++ b/pyfribidi.c
+@@ -230,7 +230,7 @@
+ 
+ 	/* Allocate fribidi UTF-8 buffer */
+ 
+-	visual_utf8 = PyMem_New(char, MAX_STR_LEN);
++	visual_utf8 = PyMem_New(char, (unicode_length * 4)+1);
+ 	if (visual_utf8 == NULL)
+ 	{
+ 		PyErr_SetString (PyExc_MemoryError,
diff --git a/pyfribidi.spec b/pyfribidi.spec
index e7fd033..3cac865 100644
--- a/pyfribidi.spec
+++ b/pyfribidi.spec
@@ -1,14 +1,17 @@
 %{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
 
 Name:           pyfribidi
-Version:        0.6.0
-Release:        9%{?dist}
+Version:        0.10.0
+Release:        1%{?dist}
 Summary:        A Python binding for GNU FriBidi
 
 Group:          Development/Languages
 License:        GPLv2+
 URL:            http://pyfribidi.sourceforge.net/
-Source0:        http://dl.sourceforge.net/sourceforge/pyfribidi/pyfribidi-%{version}.tar.gz
+Source0:        http://downloads.sourceforge.net/pyfribidi/pyfribidi-%{version}.tar.bz2
+# Patches courtsey of Debian
+Patch0:         buffer_overflow.diff
+Patch1:         testbigString.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires:  python-devel
@@ -22,6 +25,8 @@ implementation of The Unicode Bidirectional Algorithm in Python.
 
 %prep
 %setup -q
+%patch0 -p1
+%patch1 -p1
 
 
 %build
@@ -32,6 +37,11 @@ CFLAGS="$RPM_OPT_FLAGS" %{__python} setup.py build
 rm -rf $RPM_BUILD_ROOT
 %{__python} setup.py install -O1 --skip-build --root $RPM_BUILD_ROOT
 
+
+%check
+ln -s build/lib.linux-*/pyfribidi.so .
+python test_pyfribidi.py
+
  
 %clean
 rm -rf $RPM_BUILD_ROOT
@@ -44,6 +54,12 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Fri Dec 31 2010 Hans de Goede <hdegoede at redhat.com> - 0.10.0-1
+- Update to 0.10.0 (rhbz#539493)
+- Fix CVE-2010-3444: buffer overflow when processing Arabic UTF-8
+  strings (rhbz#565997, rhbz#565998)
+- Run the included tests
+
 * Wed Jul 21 2010 David Malcolm <dmalcolm at redhat.com> - 0.6.0-9
 - Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
 
diff --git a/sources b/sources
index 3335653..ffffc3a 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-57766e3bd05a2044397e98b4f90125c2  pyfribidi-0.6.0.tar.gz
+787e6fe851e8be43fe97008beb150705  pyfribidi-0.10.0.tar.bz2
diff --git a/testbigString.diff b/testbigString.diff
new file mode 100644
index 0000000..2d883d4
--- /dev/null
+++ b/testbigString.diff
@@ -0,0 +1,38 @@
+Description: Resurrected bigString test that was removed in upstream release
+ 0.8
+--- a/test_pyfribidi.py
++++ b/test_pyfribidi.py
+@@ -48,6 +48,16 @@
+         """ unicode: empty string """
+         self.assertEqual(pyfribidi.log2vis(u''), u'')
+ 
++    def testBigString(self):
++        """ unicode: big string
++
++        It does not make sense to order such big strings, this just
++        checks that there are no size limits in pyfribidi.
++        """
++        # About 2MB string for default python build (ucs2)
++        big = (u'א' * 1024) * 1024
++        self.assertEqual(pyfribidi.log2vis(big), big)
++
+     def testDefaultDirection(self):
+         """ unicode: use RTL default """
+         self.assertEqual(pyfribidi.log2vis(u"hello - שלום"),
+@@ -81,6 +91,16 @@
+         """ utf8: empty string """
+         self.assertEqual(pyfribidi.log2vis(''), '')
+ 
++    def testBigString(self):
++        """ utf8: big string
++
++        It does not make sense to order such big strings, this just
++        checks that there are no size limits in pyfribidi.
++        """
++        # About 2MB string
++        big = ('א' * 1024) * 1024
++        self.assertEqual(pyfribidi.log2vis(big), big)
++
+     def testDefaultDirection(self):
+         """ utf8: use RTL default """
+         self.assertEqual(pyfribidi.log2vis("hello - שלום"),

More information about the scm-commits mailing list