[perl/f17] Fix RT#82655

Jitka Plesnikova jplesnik at fedoraproject.org
Fri Feb 1 12:13:18 UTC 2013


commit 9b4ad4ee45345b13778cd61edcf41f76f07d4e8d
Author: Jitka Plesnikova <jplesnik at redhat.com>
Date:   Fri Feb 1 13:12:04 2013 +0100

    Fix RT#82655

 ...82655-fix-double-free-when-loading-object.patch |   46 ++++++++++++++++++++
 perl.spec                                          |   10 ++++-
 2 files changed, 55 insertions(+), 1 deletions(-)
---
diff --git a/perl-5.14.3-RT-82655-fix-double-free-when-loading-object.patch b/perl-5.14.3-RT-82655-fix-double-free-when-loading-object.patch
new file mode 100644
index 0000000..7ff2f92
--- /dev/null
+++ b/perl-5.14.3-RT-82655-fix-double-free-when-loading-object.patch
@@ -0,0 +1,46 @@
+--- perl-5.14.3/cpan/Digest-SHA/lib/Digest/SHA.pm.orig	2013-01-15 16:42:52.009444910 +0100
++++ perl-5.14.3/cpan/Digest-SHA/lib/Digest/SHA.pm	2013-01-15 16:59:34.273586286 +0100
+@@ -54,6 +54,7 @@
+ 		}
+ 		shaclose($$class) if $$class;
+ 		$$class = shaopen($alg) || return;
++		return unless $$class = shaopen($alg);
+ 		return($class);
+ 	}
+ 	$alg = 1 unless defined $alg;
+@@ -153,18 +154,21 @@
+ 
+ sub dump {
+ 	my $self = shift;
+-	my $file = shift || "";
++	my $file = shift;
+ 
++	$file = "" unless defined $file;;
+ 	shadump($file, $$self) || return;
+ 	return($self);
+ }
+ 
+ sub load {
+ 	my $class = shift;
+-	my $file = shift || "";
++	my $file = shift;
++
++	$file = "" unless defined $file;;
+ 	if (ref($class)) {	# instance method
+ 		shaclose($$class) if $$class;
+-		$$class = shaload($file) || return;
++		return unless $$class = shaload($file);
+ 		return($class);
+ 	}
+ 	my $state = shaload($file) || return;
+--- perl-5.14.3/cpan/Digest-SHA/src/sha.c.orig	2013-01-15 17:05:04.679958221 +0100
++++ perl-5.14.3/cpan/Digest-SHA/src/sha.c	2013-01-15 17:03:20.337216113 +0100
+@@ -272,7 +272,7 @@
+ /* shaopen: creates a new digest object */
+ SHA *shaopen(int alg)
+ {
+-	SHA *s;
++	SHA *s = NULL;
+ 
+ 	if (alg != SHA1 && alg != SHA224 && alg != SHA256 &&
+ 		alg != SHA384    && alg != SHA512 &&
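Review bot: In the embedded SHA.pm hunk headed `@@ -54,6 +54,7 @@`, the old line `$$class = shaopen($alg) || return;` is left as context and `return unless $$class = shaopen($alg);` is added below it, whereas the load() hunk replaces the matching line. As written, a failing shaopen() still returns from the old line before anything is assigned, so `$$class` keeps the handle that was just passed to shaclose(), which looks like the same stale-handle condition this patch removes from load(); on success shaopen() is called twice and the first result is overwritten without a visible shaclose(). The old line should be marked removed (`-		$$class = shaopen($alg) || return;`) with the header adjusted to `@@ -54,6 +54,6 @@`. The doubled `;;` after both `$file = "" unless defined $file` lines is harmless but should be a single `;`. The enclosing sub starts above this embedded hunk, so the rest of its body was not reviewed.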
diff --git a/perl.spec b/perl.spec
index 6608277..5df1a90 100644
--- a/perl.spec
+++ b/perl.spec
@@ -27,7 +27,7 @@
 Name:           perl
 Version:        %{perl_version}
 # release number must be even higher, because dual-lived modules will be broken otherwise
-Release:        220%{?dist}
+Release:        221%{?dist}
 Epoch:          %{perl_epoch}
 Summary:        Practical Extraction and Report Language
 Group:          Development/Languages
@@ -117,6 +117,9 @@ Patch21:        perl-5.14.2-Override-the-Pod-Simple-parse_file.patch
 # Fix CVE-2012-6329, rhbz#884354
 Patch22:        perl-5.17.6-Fix-misparsing-of-maketext-strings.patch
 
+# Fix double-free when loading Digest::SHA object, rhbz#895543, RT#82655
+Patch23:        perl-5.14.3-RT-82655-fix-double-free-when-loading-object.patch
+
 # Update some of the bundled modules
 # see http://fedoraproject.org/wiki/Perl/perl.spec for instructions
 
@@ -1293,6 +1296,7 @@ tarball from perl.org.
 %patch20 -p1
 %patch21 -p1
 %patch22 -p1
+%patch23 -p1
 
 #copy the example script
 cp -a %{SOURCE5} .
@@ -1504,6 +1508,7 @@ pushd %{build_archlib}/CORE/
     'Fedora Patch20: Free hash entries before values on delete (RT#100340)' \
     'Fedora Patch21: Override the Pod::Simple::parse_file (CPANRT#77530)' \
     'Fedora Patch22: Fix misparsing of maketext strings (CVE-2012-6329)' \
+    'Fedora Patch23: Fix double-free when loading Digest::SHA object' \
     %{nil}
 
 rm patchlevel.bak
@@ -2457,6 +2462,9 @@ sed \
 
 # Old changelog entries are preserved in CVS.
 %changelog
+* Wed Jan 30 2013 Jitka Plesnikova <jplesnik at redhat.com> - 4:5.14.3-221
+- Fix RT#82655- Double-free when loading Digest::SHA object
+
 * Fri Jan 11 2013 Petr Pisar <ppisar at redhat.com> - 4:5.14.3-220
 - Fix CVE-2012-6329 (misparsing of maketext strings) (bug #884354)
 

