OBS User unknown 2008-08-21 16:46:31 +00:00 committed by Git OBS Bridge
parent b77244a176
commit 5248d18bff
4 changed files with 121 additions and 17 deletions


@ -0,0 +1,30 @@
A simple test case for this bug is:
touch foo # permissions 0666 & ~umask
ln -s foo bar
perl -e 'use File::Path rmtree; rmtree bar'
ls -l foo # permissions 0777
The following patch fixes that and the originally reported problem. I
believe the other chmod() calls in the _rmtree subroutine will never be
applied to a sym-link if either (1) no concurrent modifications of the
directory tree or (2) the 'safe' option is used. It would be worthwhile
for someone else to double-check that, though.
Ben.
--- lib/File/Path.pm.orig
+++ lib/File/Path.pm
@@ -351,10 +351,8 @@
}
my $nperm = $perm & 07777 | 0600;
- if ($nperm != $perm and not chmod $nperm, $root) {
- if ($Force_Writeable) {
- _error($arg, "cannot make file writeable", $canon);
- }
+ if ($Force_Writeable && $nperm != $perm and not chmod $nperm, $root) {
+ _error($arg, "cannot make file writeable", $canon);
}
print "unlink $canon\n" if $arg->{verbose};
# delete all versions under VMS
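Review bot: On platforms where `$Force_Writeable` is true, the rewritten condition still calls `chmod $nperm, $root` on whatever `$root` names, and chmod acts on a symbolic link's target, so the target's mode can still be changed there. The hunk does not show how `$perm` is obtained or whether `$root` has already been tested for being a link, so this needs checking against the rest of `_rmtree`, which starts and ends outside the hunk. If no such test exists, the guard could skip links explicitly, e.g. `if ($Force_Writeable && !-l $root && $nperm != $perm and not chmod $nperm, $root) {`, with a comment such as `# never chmod through a symlink: chmod acts on the link target`. A check-then-chmod sequence is still racy if the tree is modified concurrently, which the patch header already notes for the other chmod() calls.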


@ -0,0 +1,38 @@
--- regcomp.c
+++ regcomp.c
@@ -5713,7 +5713,7 @@ S_reg(pTHX_ RExC_state_t *pRExC_state, I
ret = reganode(pRExC_state, GOSUB, num);
if (!SIZE_ONLY) {
- if (num > (I32)RExC_rx->nparens) {
+ if (num < 0 || num > (I32)RExC_rx->nparens) {
RExC_parse++;
vFAIL("Reference to nonexistent group");
}
@@ -7132,7 +7132,7 @@ tryagain:
if (num < 1)
vFAIL("Reference to nonexistent or unclosed group");
}
- if (!isg && num > 9 && num >= RExC_npar)
+ if (!isg && (num < 0 || (num > 9 && num >= RExC_npar)))
goto defchar;
else {
char * const parse_start = RExC_parse - 1; /* MJD */
@@ -7146,7 +7146,7 @@ tryagain:
RExC_parse++;
}
if (!SIZE_ONLY) {
- if (num > (I32)RExC_rx->nparens)
+ if (num < 0 || num > (I32)RExC_rx->nparens)
vFAIL("Reference to nonexistent group");
}
RExC_sawback = 1;
@@ -7323,7 +7323,7 @@ tryagain:
case '0': case '1': case '2': case '3':case '4':
case '5': case '6': case '7': case '8':case '9':
if (*p == '0' ||
- (isDIGIT(p[1]) && atoi(p) >= RExC_npar) ) {
+ (isDIGIT(p[1]) && (U32)atoi(p) >= (U32)RExC_npar) ) {
I32 flags = 0;
STRLEN numlen = 3;
ender = grok_oct(p, &numlen, &flags, NULL);
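Review bot: The added `num < 0` tests and the `(U32)atoi(p)` cast only reject digit strings whose converted value comes out negative; a string long enough to wrap back into the positive range would still be compared as an ordinary group number. The assignments to `num` lie outside these hunks, but if they also come from `atoi()` as in the fourth hunk, out-of-range input is undefined behaviour in C, so the result cannot be relied on to be negative. A bounded conversion would be more robust: accumulate the digits and stop once the value exceeds the group count, or use `strtol` and check for `ERANGE`, before any comparison is made. At minimum, a comment such as `/* num < 0: digit string overflowed I32 during conversion */` at each of the three checks would record why a group number is tested for negativity.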


@ -1,3 +1,20 @@
-------------------------------------------------------------------
Mon Jul 14 16:07:39 CEST 2008 - schwab@suse.de
- Fix another regexp backref overflow crash.
- Reenable testsuite on ppc64.
-------------------------------------------------------------------
Mon Jul 14 13:53:49 CEST 2008 - mls@suse.de
- fix regexp backref overflow crash fix
-------------------------------------------------------------------
Fri Jul 11 14:23:02 CEST 2008 - mls@suse.de
- fix bug File:Path that made synlink targets world-writable [bnc#402660]
- fix regexp backref overflow crash [bnc#372331]
-------------------------------------------------------------------
Tue May 6 21:34:57 CEST 2008 - aj@suse.de


@ -2,13 +2,19 @@
# spec file for package perl (Version 5.10.0)
#
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
# package are under the same license as the package itself.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
# icecream 0
@ -16,7 +22,7 @@ Name: perl
Url: http://www.perl.org/
BuildRequires: db-devel gdbm-devel ncurses-devel zlib-devel
Version: 5.10.0
Release: 32
Release: 50
Summary: The Perl interpreter
License: Artistic License; GPL v2 or later
Group: Development/Languages/Perl
@ -39,6 +45,8 @@ Patch1: perl-gracefull-net-ftp.diff
Patch2: perl-5.10.0-regexp.diff
Patch3: perl-fix_dbmclose_call.patch
Patch4: perl-5.10.0-warn.diff
Patch5: perl-regexp-refoverflow.diff
Patch6: perl-file_path_rmtree_chmod.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@ -107,6 +115,8 @@ Authors:
%patch2
%patch3
%patch4
%patch5
%patch6
%build
options="-Doptimize='$RPM_OPT_FLAGS -Wall -pipe'"
@ -128,7 +138,7 @@ mv lib/Config_heavy.pl saveConfig_heavy.pl
make clobber
./configure.gnu --prefix=/usr -Dvendorprefix=/usr -Dinstallusrbinperl -Dusethreads -Di_db -Di_dbm -Di_ndbm -Di_gdbm $options
make
%ifnarch ppc64 %arm
%ifnarch %arm
%check
# delete broken File::Find test
@ -174,6 +184,8 @@ rm $RPM_BUILD_ROOT/usr/lib/perl5/*/*/CORE/libperl.a
#touch $cpa/perllocal.pod
# test CVE-2007-5116
$RPM_BUILD_ROOT/usr/bin/perl -e '$r=chr(128)."\\x{100}";/$r/'
# test perl-regexp-refoverflow.diff
$RPM_BUILD_ROOT/usr/bin/perl -e '/\6666666666/'
%if 1
# remove unrelated target/os manpages
rm $RPM_BUILD_ROOT/usr/share/man/man1/perlaix.1*
@ -284,18 +296,17 @@ cat << EOF > perl-base-filelist
/usr/lib/perl5/%version/*-linux-thread-multi*/lib.pm
/usr/lib/perl5/%version/*-linux-thread-multi*/re.pm
EOF
cat perl-base-filelist | sed -e 's/^/%exclude /g' > perl-base-excludes
: > perl-pod-excludes
for i in $RPM_BUILD_ROOT/usr/lib/perl5/*/pod/*; do
echo "%exclude $i" >> perl-pod-excludes
done
grep -v perldiag.pod perl-pod-excludes > perl-pod-excludes.new
mv perl-pod-excludes.new perl-pod-excludes
sed -i -e "s,$RPM_BUILD_ROOT,," perl-pod-excludes
# can %files take two file lists?
cat perl-pod-excludes >> perl-base-excludes
#%post
#%{fillup_only -an suseconfig}
{
sed -e 's/^/%%exclude /' perl-base-filelist
(cd $RPM_BUILD_ROOT
for i in usr/lib/perl5/*/pod/*; do
case $i in */perldiag.pod) ;;
*) echo "%%exclude /$i" ;;
esac
done)
} > perl-base-excludes
#%%post
#%%{fillup_only -an suseconfig}
%files base -f perl-base-filelist
%defattr(-,root,root)
@ -335,6 +346,14 @@ cat perl-pod-excludes >> perl-base-excludes
%doc /usr/lib/perl5/*/unicore/*.txt
%changelog
* Mon Jul 14 2008 schwab@suse.de
- Fix another regexp backref overflow crash.
- Reenable testsuite on ppc64.
* Mon Jul 14 2008 mls@suse.de
- fix regexp backref overflow crash fix
* Fri Jul 11 2008 mls@suse.de
- fix bug File:Path that made synlink targets world-writable [bnc#402660]
- fix regexp backref overflow crash [bnc#372331]
* Tue May 06 2008 aj@suse.de
- Fix missing return value in configure script to silence rpmlint
checks.
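Review bot: The post-build checks gain a regression test for perl-regexp-refoverflow.diff but none for perl-file_path_rmtree_chmod.diff, so a later refresh of that patch could silently reintroduce the chmod of a symlink target. The test case from that patch's header (create a file, symlink to it, `rmtree` the link, compare the file's mode before and after) could be added beside the regexp test, run in a temporary directory and with `@INC` pointing into the build root so the patched File::Path is the one loaded. The regexp check `perl -e '/\6666666666/'` appears to exercise only the numeric backreference path; a companion check for the group-recursion syntax handled at the GOSUB site would cover the first regcomp.c hunk as well. Both checks rely on the interpreter's exit status alone, so a comment such as `# must exit 0; a crash here fails the build` would make that dependency explicit.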