Attachment 171491 Details for Bug 210325 – Patch python33 against CVE-2016-5636

[patch] Patch python33 against CVE-2016-5636

lang_python33.patch (text/plain), 1.20 KB, created by VK on 2016-06-16 18:23:17 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: VK

Created: 2016-06-16 18:23:17 UTC

Size: 1.20 KB

patch

obsolete

>Index: lang/python33/Makefile
>===================================================================
>--- lang/python33/Makefile	(revision 416953)
>+++ lang/python33/Makefile	(working copy)
>@@ -2,7 +2,7 @@
> 
> PORTNAME=	python33
> PORTVERSION=	${PYTHON_PORTVERSION}
>-PORTREVISION=	4
>+PORTREVISION=	5
> CATEGORIES=	lang python ipv6
> MASTER_SITES=	PYTHON/ftp/python/${PORTVERSION}
> DISTNAME=	Python-${PORTVERSION}
>Index: lang/python33/files/patch-Modules_zipimport-CVE-2016-5636.c
>===================================================================
>--- lang/python33/files/patch-Modules_zipimport-CVE-2016-5636.c	(nonexistent)
>+++ lang/python33/files/patch-Modules_zipimport-CVE-2016-5636.c	(working copy)
>@@ -0,0 +1,14 @@
>+--- Modules/zipimport.c.orig	2014-10-12 07:03:53 UTC
>++++ Modules/zipimport.c
>+@@ -1089,6 +1089,11 @@ get_data(PyObject *archive, PyObject *to
>+         PyMarshal_ReadShortFromFile(fp);        /* local header size */
>+     file_offset += l;           /* Start of file data */
>+ 
>++    if (data_size > LONG_MAX - 1) {
>++        fclose(fp);
>++        PyErr_NoMemory();
>++        return NULL;
>++    }
>+     bytes_size = compress == 0 ? data_size : data_size + 1;
>+     if (bytes_size == 0)
>+         bytes_size++;

Flags:

vlad-fbsd: maintainer-approval? (python)

Actions: View | Diff

Attachments on bug 210325: 171489 | 171491