Attachment #171491 for bug #210325

Lines 2-8 Link Here

(-)lang/python33/Makefile (-1 / +1 lines)
2		2
3	PORTNAME= python33	3	PORTNAME= python33
4	PORTVERSION= ${PYTHON_PORTVERSION}	4	PORTVERSION= ${PYTHON_PORTVERSION}
5	PORTREVISION= 4	5	PORTREVISION= 5
6	CATEGORIES= lang python ipv6	6	CATEGORIES= lang python ipv6
7	MASTER_SITES= PYTHON/ftp/python/${PORTVERSION}	7	MASTER_SITES= PYTHON/ftp/python/${PORTVERSION}
8	DISTNAME= Python-${PORTVERSION}	8	DISTNAME= Python-${PORTVERSION}




--- Modules/zipimport.c.orig	2014-10-12 07:03:53 UTC
+++ Modules/zipimport.c
@@ -1089,6 +1089,11 @@ get_data(PyObject *archive, PyObject *to
         PyMarshal_ReadShortFromFile(fp);        /* local header size */
     file_offset += l;           /* Start of file data */
 
+    if (data_size > LONG_MAX - 1) {
+        fclose(fp);
+        PyErr_NoMemory();
+        return NULL;
+    }
     bytes_size = compress == 0 ? data_size : data_size + 1;
     if (bytes_size == 0)
         bytes_size++;

Return to bug 210325

Line 0 Link Here

(-)lang/python33/files/patch-Modules_zipimport-CVE-2016-5636.c (+14 lines)
	1	--- Modules/zipimport.c.orig 2014-10-12 07:03:53 UTC
	2	+++ Modules/zipimport.c
	3	@@ -1089,6 +1089,11 @@ get_data(PyObject archive, PyObject to
	4	PyMarshal_ReadShortFromFile(fp); /* local header size */
	5	file_offset += l; /* Start of file data */
	6
	7	+ if (data_size > LONG_MAX - 1) {
	8	+ fclose(fp);
	9	+ PyErr_NoMemory();
	10	+ return NULL;
	11	+ }
	12	bytes_size = compress == 0 ? data_size : data_size + 1;
	13	if (bytes_size == 0)
	14	bytes_size++;