public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

python: 2.7.6 -> 2.7.7

Browse Source
This commit is contained in:
Domen Kožar 2014-06-04 14:11:21 +02:00
parent 638132b64c
commit 73169b3a37
2 changed files with 2 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
pkgs/development/interpreters/python/2.7/CVE-2014-1912.patch
View File

@ -1,57 +0,0 @@
# Edited from Mercurial patch: deleted the NEWS hunk, since it didn't apply cleanly.
# It added the following line to NEWS:
# - Issue #20246: Fix buffer overflow in socket.recvfrom_into.
# HG changeset patch
# User Benjamin Peterson <benjamin@python.org>
# Date 1389671978 18000
# Node ID 87673659d8f7ba1623cd4914f09ad3d2ade034e9
# Parent 2631d33ee7fbd5f0288931ef37872218d511d2e8
complain when nbytes > buflen to fix possible buffer overflow (closes #20246)
diff --git a/Lib/test/test_socket.py b/Lib/test/test_socket.py
--- a/Lib/test/test_socket.py
+++ b/Lib/test/test_socket.py
@@ -1620,6 +1620,16 @@ class BufferIOTest(SocketConnectedTest):
_testRecvFromIntoMemoryview = _testRecvFromIntoArray
+ def testRecvFromIntoSmallBuffer(self):
+ # See issue #20246.
+ buf = bytearray(8)
+ self.assertRaises(ValueError, self.cli_conn.recvfrom_into, buf, 1024)
+
+ def _testRecvFromIntoSmallBuffer(self):
+ with test_support.check_py3k_warnings():
+ buf = buffer(MSG*2048)
+ self.serv_conn.send(buf)
+
TIPC_STYPE = 2000
TIPC_LOWER = 200
diff --git a/Misc/ACKS b/Misc/ACKS
--- a/Misc/ACKS
+++ b/Misc/ACKS
@@ -979,6 +979,7 @@ Eric V. Smith
Christopher Smith
Gregory P. Smith
Roy Smith
+Ryan Smith-Roberts
Rafal Smotrzyk
Dirk Soede
Paul Sokolovsky
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Modules/socketmodule.c
+++ b/Modules/socketmodule.c
@@ -2742,6 +2742,10 @@ sock_recvfrom_into(PySocketSockObject *s
if (recvlen == 0) {
/* If nbytes was not specified, use the buffer's length */
recvlen = buflen;
+ } else if (recvlen > buflen) {
+ PyErr_SetString(PyExc_ValueError,
+ "nbytes is greater than the length of the buffer");
+ goto error;
}
readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr);

8
pkgs/development/interpreters/python/2.7/default.nix
View File

@ -8,11 +8,11 @@ with stdenv.lib;
let let
majorVersion = "2.7"; majorVersion = "2.7";
version = "${majorVersion}.6"; version = "${majorVersion}.7";
src = fetchurl { src = fetchurl {
url = "http://www.python.org/ftp/python/${version}/Python-${version}.tar.xz"; url = "http://www.python.org/ftp/python/${version}/Python-${version}.tar.xz";
sha256 = "18gnpyh071dxa0rv3silrz92jw9qpblswzwv4gzqcwxzz20qxmhz"; sha256 = "0y6s12rdi89k24p8zarhy9fqmyy459yg0d125c7cac4v136y70r9";
}; };
patches = patches =
@ -28,10 +28,6 @@ let
# patch python to put zero timestamp into pyc # patch python to put zero timestamp into pyc
# if DETERMINISTIC_BUILD env var is set # if DETERMINISTIC_BUILD env var is set
./deterministic-build.patch ./deterministic-build.patch
# See http://bugs.python.org/issue20246
# This will be fixed in 2.7.7.
./CVE-2014-1912.patch
]; ];
postPatch = stdenv.lib.optionalString (stdenv.gcc.libc != null) '' postPatch = stdenv.lib.optionalString (stdenv.gcc.libc != null) ''