Mercurial Mercurial > upstream > oracle > userland-gate / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/perl512/patches/CVE-2011-2939.patch
author Mike Sullivan <Mike.Sullivan@Oracle.COM>
Wed, 29 Aug 2012 11:05:56 -0700
changeset 957 255465c5756f
parent 600 5828c439789b
permissions -rw-r--r--
Close of build 04.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
600
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
     1
 
#
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
     2
 
# CVE-2011-2939
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
     3
 
# http://perl5.git.perl.org/perl.git/commitdiff/e46d973584785af1f445c4dedbee4243419cb860#patch5
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
     4
 
# https://bugzilla.redhat.com/show_bug.cgi?id=731246
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
     5
 
#
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
     6
 
--- perl-5.12.3/cpan/Encode/Unicode/Unicode.xs.old	2011-11-15 22:37:18.836023493 -0800
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
     7
 
+++ perl-5.12.3/cpan/Encode/Unicode/Unicode.xs	2011-11-15 22:40:56.191609987 -0800
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
     8
 
@@ -246,7 +246,10 @@
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
     9
 
 	       This prevents allocating too much in the rogue case of a large
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
    10
 
 	       input consisting initially of long sequence uft8-byte unicode
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
    11
 
 	       chars followed by single utf8-byte chars. */
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
    12
 
-	    STRLEN remaining = (e - s)/usize;
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
    13
 
+	    /* +1
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
    14
 
+	       fixes  Unicode.xs!decode_xs n-byte heap-overflow
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
    15
 
+	      */
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
    16
 
+	    STRLEN remaining = (e - s)/usize + 1; /* +1 to avoid the leak */
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
    17
 
 	    STRLEN max_alloc = remaining + (8*1024*1024);
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
    18
 
 	    STRLEN est_alloc = remaining * UTF8_MAXLEN;
5828c439789b 7111771 Problem with utility/perl
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff changeset 
    19
 
 	    STRLEN newlen = SvLEN(result) + /* min(max_alloc, est_alloc) */
upstream/oracle/userland-gate