rpms/perl/F-13 perl-5.10.1-unpack-didn-t-handle-scalar-context.patch, NONE, 1.1 perl.spec, 1.258, 1.259

Marcela Mašláňová mmaslano at fedoraproject.org
Thu Jul 15 13:31:04 UTC 2010 

Author: mmaslano

Update of /cvs/pkgs/rpms/perl/F-13
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv3087

Modified Files:
	perl.spec 
Added Files:
	perl-5.10.1-unpack-didn-t-handle-scalar-context.patch 
Log Message:
* Thu Jul 15 2010 Marcela Mašláňová <mmaslano at redhat.com> - 4:5.10.1-115
- 576824 backport unpack patch from upstream:
   http://rt.perl.org/rt3//Public/Bug/Display.html?id=73814


perl-5.10.1-unpack-didn-t-handle-scalar-context.patch:
 pp_pack.c   |   33 +++++++++++++++++++++------------
 t/op/pack.t |   11 +++++++++--
 2 files changed, 30 insertions(+), 14 deletions(-)

--- NEW FILE perl-5.10.1-unpack-didn-t-handle-scalar-context.patch ---
>From aee0279a5d6c3c12063e2c5488b35e88ccd13c54 Mon Sep 17 00:00:00 2001
From: Tony Cook <tony at develop-help.com>
Date: Fri, 23 Apr 2010 19:28:35 +1000
Subject: [PATCH] RT#73814 - unpack() didn't handle scalar context correctly for %32H and %32u

split() would crash because the third item on the stack wasn't the
regular expression it expected.  unpack("%2H", ...) would return both
the unpacked result and the checksum on the stack, similarly for
unpack("%2u", ...).
---
 pp_pack.c   |   33 +++++++++++++++++++++------------
 t/op/pack.t |   10 +++++++++-
 2 files changed, 30 insertions(+), 13 deletions(-)

diff --git a/pp_pack.c b/pp_pack.c
index 0670548..0ae8afd 100644
--- a/pp_pack.c
+++ b/pp_pack.c
@@ -1562,9 +1562,11 @@ S_unpack_rec(pTHX_ tempsym_t* symptr, const char *s, const char *strbeg, const c
 	    /* Preliminary length estimate, acceptable for utf8 too */
 	    if (howlen == e_star || len > (strend - s) * 2)
 		len = (strend - s) * 2;
-	    sv = sv_2mortal(newSV(len ? len : 1));
-	    SvPOK_on(sv);
-	    str = SvPVX(sv);
+	    if (!checksum) {
+		sv = sv_2mortal(newSV(len ? len : 1));
+		SvPOK_on(sv);
+		str = SvPVX(sv);
+	    }
 	    if (datumtype == 'h') {
 		U8 bits = 0;
 		I32 ai32 = len;
@@ -1574,7 +1576,8 @@ S_unpack_rec(pTHX_ tempsym_t* symptr, const char *s, const char *strbeg, const c
 			if (s >= strend) break;
 			bits = uni_to_byte(aTHX_ &s, strend, datumtype);
 		    } else bits = * (U8 *) s++;
-		    *str++ = PL_hexdigit[bits & 15];
+		    if (!checksum)
+			*str++ = PL_hexdigit[bits & 15];
 		}
 	    } else {
 		U8 bits = 0;
@@ -1585,12 +1588,15 @@ S_unpack_rec(pTHX_ tempsym_t* symptr, const char *s, const char *strbeg, const c
 			if (s >= strend) break;
 			bits = uni_to_byte(aTHX_ &s, strend, datumtype);
 		    } else bits = *(U8 *) s++;
-		    *str++ = PL_hexdigit[(bits >> 4) & 15];
+		    if (!checksum)
+			*str++ = PL_hexdigit[(bits >> 4) & 15];
 		}
 	    }
-	    *str = '\0';
-	    SvCUR_set(sv, str - SvPVX_const(sv));
-	    XPUSHs(sv);
+	    if (!checksum) {
+		*str = '\0';
+		SvCUR_set(sv, str - SvPVX_const(sv));
+		XPUSHs(sv);
+	    }
 	    break;
 	}
 	case 'C':
@@ -2123,7 +2129,7 @@ S_unpack_rec(pTHX_ tempsym_t* symptr, const char *s, const char *strbeg, const c
 	    break;
 #endif
 	case 'u':
-	    {
+	    if (!checksum) {
                 const STRLEN l = (STRLEN) (strend - s) * 3 / 4;
 		sv = sv_2mortal(newSV(l));
 		if (l) SvPOK_on(sv);
@@ -2141,7 +2147,8 @@ S_unpack_rec(pTHX_ tempsym_t* symptr, const char *s, const char *strbeg, const c
 			hunk[0] = (char)((a << 2) | (b >> 4));
 			hunk[1] = (char)((b << 4) | (c >> 2));
 			hunk[2] = (char)((c << 6) | d);
-			sv_catpvn(sv, hunk, (len > 3) ? 3 : len);
+			if (!checksum)
+			    sv_catpvn(sv, hunk, (len > 3) ? 3 : len);
 			len -= 3;
 		    }
 		    if (s < strend) {
@@ -2182,7 +2189,8 @@ S_unpack_rec(pTHX_ tempsym_t* symptr, const char *s, const char *strbeg, const c
 			hunk[0] = (char)((a << 2) | (b >> 4));
 			hunk[1] = (char)((b << 4) | (c >> 2));
 			hunk[2] = (char)((c << 6) | d);
-			sv_catpvn(sv, hunk, (len > 3) ? 3 : len);
+			if (!checksum)
+			    sv_catpvn(sv, hunk, (len > 3) ? 3 : len);
 			len -= 3;
 		    }
 		    if (*s == '\n')
@@ -2192,7 +2200,8 @@ S_unpack_rec(pTHX_ tempsym_t* symptr, const char *s, const char *strbeg, const c
 			    s += 2;
 		}
 	    }
-	    XPUSHs(sv);
+	    if (!checksum)
+		XPUSHs(sv);
 	    break;
 	}
 
diff --git a/t/op/pack.t b/t/op/pack.t
index 4b5f9a5..5775caf 100644
--- a/t/op/pack.t
+++ b/t/op/pack.t
@@ -12,7 +12,7 @@ my $no_endianness = $] > 5.009 ? '' :
 my $no_signedness = $] > 5.009 ? '' :
   "Signed/unsigned pack modifiers not available on this perl";
 
-plan tests => 14697;
+plan tests => 14699;
 
 use strict;
 use warnings qw(FATAL all);
@@ -1985,3 +1985,11 @@ is(unpack('c'), 65, "one-arg unpack (change #18751)"); # defaulting to $_
     my ($v) = split //, unpack ('(B)*', 'ab');
     is($v, 0); # Doesn't SEGV :-)
 }
+{
+    #73814
+    my $x = runperl( prog => 'print split( /,/, unpack(q(%2H*), q(hello world))), qq(\n)' );
+    is($x, "0\n", "split /a/, unpack('%2H*'...) didn't crash");
+
+    my $y = runperl( prog => 'print split( /,/, unpack(q(%32u*), q(#,3,Q)), qq(\n)), qq(\n)' );
+    is($y, "0\n", "split /a/, unpack('%32u*'...) didn't crash");
+}
-- 
1.5.6.5



Index: perl.spec
===================================================================
RCS file: /cvs/pkgs/rpms/perl/F-13/perl.spec,v
retrieving revision 1.258
retrieving revision 1.259
diff -u -p -r1.258 -r1.259
--- perl.spec	9 Jul 2010 09:13:00 -0000	1.258
+++ perl.spec	15 Jul 2010 13:31:04 -0000	1.259
@@ -7,7 +7,7 @@
 
 Name:           perl
 Version:        %{perl_version}
-Release:        114%{?dist}
+Release:        115%{?dist}
 Epoch:          %{perl_epoch}
 Summary:        Practical Extraction and Report Language
 Group:          Development/Languages
@@ -75,6 +75,9 @@ Patch12:        perl-add-symbols.patch
 # CVE_2009_3626 rhbz#547656 
 Patch13:        perl-5.10.1-CVE_2009_3626.patch
 
+# http://rt.perl.org/rt3//Public/Bug/Display.html?id=73814
+Patch14:        perl-5.10.1-unpack-didn-t-handle-scalar-context.patch
+
 # Version macros for some of the modules.
 # If comment starts with module name, distributed module is part of
 # perl bundle. Otherwise it belongs to module version macro
@@ -901,6 +904,7 @@ upstream tarball from perl.org.
 %patch11 -p1
 %patch12 -p1
 %patch13 -p1
+%patch14 -p1
 
 %patch101 -p1
 %patch102 -p1
@@ -1133,7 +1137,8 @@ pushd %{build_archlib}/CORE/
 	'Fedora Patch10: fix RT 39060, errno incorrectly set in perlio' \
 	'Fedora Patch11: much better swap logic to support reentrancy and fix assert failure' \
 	'Fedora Patch12: backward compatibility for the trasition' \
-        'Fedora Patch13: CVE_2009_3626' \
+    'Fedora Patch13: CVE_2009_3626' \
+    'Fedora Patch14: unpack RT 73814' \
 	'Fedora Patch101: Update ExtUtils::CBuilder to %{ExtUtils_CBuilder_version}' \
 	'Fedora Patch102: Update File::Path to %{File_Path_version}' \
 	'Fedora Patch103: Update Module::Build to %{Module_Build_version}' \
@@ -1796,6 +1801,10 @@ make test
 
 # Old changelog entries are preserved in CVS.
 %changelog
+* Thu Jul 15 2010 Marcela Mašláňová <mmaslano at redhat.com> - 4:5.10.1-115
+- 576824 backport unpack patch from upstream:
+   http://rt.perl.org/rt3//Public/Bug/Display.html?id=73814
+
 * Fri Jul 09 2010 Petr Pisar <ppisar at redhat.com> - 4:5.10.1-114
 - Add Digest::SHA requirement to perl-CPAN and perl-CPANPLUS (bug #612563)

More information about the scm-commits mailing list