upstream/oracle/userland-gate: changeset 600:5828c439789b

--- a/components/perl512/Makefile	Mon Nov 28 02:12:26 2011 -0800
+++ b/components/perl512/Makefile	Thu Nov 17 08:23:20 2011 -0800
@@ -117,6 +117,10 @@
 	# 2 expected failures because of the use of cloney in this build.
 	# Without cloney all tests pass.
 	#
+	# Failed 2 tests out of 1697, 99.88% okay.
+	# 	../cpan/Archive-Tar/t/02_methods.t
+	# 	../lib/File/stat.t
+	#
 
 BUILD_PKG_DEPENDENCIES =	$(BUILD_TOOLS)

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/perl512/patches/CVE-2011-2728.patch	Thu Nov 17 08:23:20 2011 -0800
@@ -0,0 +1,57 @@
+#
+# CVE-2011-2728
+# http://perl5.git.perl.org/perl.git/commit/1af4051e077438976a4c12a0622feaf6715bec77
+# https://bugzilla.redhat.com/show_bug.cgi?id=742236
+#
+diff -urN perl-5.12.3/ext/File-Glob/Glob.xs p/ext/File-Glob/Glob.xs
+--- perl-5.12.3/ext/File-Glob/Glob.xs   2011-01-09 12:20:55.000000000 -0800
++++ perl-5.12.3/ext/File-Glob/Glob.xs     2011-11-28 00:46:10.593556922 -0800
+@@ -1,6 +1,7 @@
+ #include "EXTERN.h"
+ #include "perl.h"
+ #include "XSUB.h"
++#include "strings.h"
+ 
+ #include "bsd_glob.h"
+ 
+@@ -49,9 +50,12 @@
+ 	/* allow for optional flags argument */
+ 	if (items > 1) {
+ 	    flags = (int) SvIV(ST(1));
++	    /* remove unsupported flags */
++	    flags &= ~(GLOB_APPEND | GLOB_DOOFFS | GLOB_ALTDIRFUNC | GLOB_MAGCHAR);
+ 	}
+ 
+ 	/* call glob */
++	bzero(&pglob, sizeof(glob_t));
+ 	retval = bsd_glob(pattern, flags, errfunc, &pglob);
+ 	GLOB_ERROR = retval;
+ 
+--- perl-5.12.3/ext/File-Glob/t/basic.t.orig  út lis 15 13:22:27 2011
++++ perl-5.12.3/ext/File-Glob/t/basic.t       út lis 15 13:22:54 2011
+@@ -15,7 +15,7 @@
+     }
+ }
+ use strict;
+-use Test::More tests => 14;
++use Test::More tests => 15;
+ BEGIN {use_ok('File::Glob', ':glob')};
+ use Cwd ();
+
+@@ -195,3 +195,7 @@
+     local $TODO = "home-made glob doesn't do regexes" if $^O eq 'VMS';
+     is_deeply(\@glob_files, ['a_dej']);
+ }
++
++# This used to segfault.
++my $i = bsd_glob('*', GLOB_ALTDIRFUNC);
++is(&File::Glob::GLOB_ERROR, 0, "Successfuly ignored unsupported flag");
+--- perl-5.12.3/patchlevel.h.orig     út lis 15 13:26:11 2011
++++ perl-5.12.3/patchlevel.h  út lis 15 13:26:17 2011
+@@ -131,6 +131,7 @@
+ 	,"uncommitted-changes"
+ #endif
+ 	PERL_GIT_UNPUSHED_COMMITS    	/* do not remove this line */
++	,"7111771 Problem with utility/perl"
+ 	,NULL
+ };

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/perl512/patches/CVE-2011-2939.patch	Thu Nov 17 08:23:20 2011 -0800
@@ -0,0 +1,19 @@
+#
+# CVE-2011-2939
+# http://perl5.git.perl.org/perl.git/commitdiff/e46d973584785af1f445c4dedbee4243419cb860#patch5
+# https://bugzilla.redhat.com/show_bug.cgi?id=731246
+#
+--- perl-5.12.3/cpan/Encode/Unicode/Unicode.xs.old	2011-11-15 22:37:18.836023493 -0800
++++ perl-5.12.3/cpan/Encode/Unicode/Unicode.xs	2011-11-15 22:40:56.191609987 -0800
+@@ -246,7 +246,10 @@
+ 	       This prevents allocating too much in the rogue case of a large
+ 	       input consisting initially of long sequence uft8-byte unicode
+ 	       chars followed by single utf8-byte chars. */
+-	    STRLEN remaining = (e - s)/usize;
++	    /* +1 
++	       fixes  Unicode.xs!decode_xs n-byte heap-overflow
++	      */
++	    STRLEN remaining = (e - s)/usize + 1; /* +1 to avoid the leak */
+ 	    STRLEN max_alloc = remaining + (8*1024*1024);
+ 	    STRLEN est_alloc = remaining * UTF8_MAXLEN;
+ 	    STRLEN newlen = SvLEN(result) + /* min(max_alloc, est_alloc) */

author	Vladimir Marek <Vladimir.Marek@oracle.com>
	Thu, 17 Nov 2011 08:23:20 -0800
changeset 600	5828c439789b
parent 599	3493d2848bde
child 601	5502502b0840

components/perl512/Makefile		file \| annotate \| diff \| comparison \| revisions
components/perl512/patches/CVE-2011-2728.patch		file \| annotate \| diff \| comparison \| revisions
components/perl512/patches/CVE-2011-2939.patch		file \| annotate \| diff \| comparison \| revisions