Fix possible crash on uninitialized object

2014-03-12 10:42:53 +01:00 · 2014-03-12 10:42:53 +01:00 · d7d25fe0ca
parent 4b6c557a95
commit d7d25fe0ca
2 changed files with 76 additions and 1 deletions
--- a/Digest-SHA-5.85-Check-for-ISA-when-invoking-methods.patch
+++ b/Digest-SHA-5.85-Check-for-ISA-when-invoking-methods.patch
@ -0,0 +1,68 @@
+From c898bd4f5880bd7ddbf5987024c2748eae3d88a7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
+Date: Wed, 12 Mar 2014 10:17:16 +0100
+Subject: [PATCH] Check for ISA when invoking methods
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+After:
+
+use Digest::SHA;
+my $d=Digest::SHA->add(qq(a));
+
+calling $d->hashsize() and other methods resulted in crash.
+
+This is relevant patch from Digest-SHA-5.87.
+
+Perl RT#121421
+<https://bugzilla.redhat.com/show_bug.cgi?id=1075478>
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+---
+ SHA.xs | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/SHA.xs b/SHA.xs
+index 3caf8ef..69908a0 100644
+--- a/SHA.xs
+++ b/SHA.xs
+@@ -34,6 +34,8 @@ shaclose(s)
+ CODE:
+ 	RETVAL = shaclose(s);
+ 	sv_setiv(SvRV(ST(0)), 0);
+OUTPUT:
+	RETVAL
+ 
+ int
+ shadump(file, s)
+@@ -186,6 +188,8 @@ PREINIT:
+ 	SHA *state;
+ 	int result;
+ PPCODE:
+	if (!sv_isa(self, "Digest::SHA"))
+		XSRETURN_UNDEF;
+ 	state = INT2PTR(SHA *, SvIV(SvRV(SvRV(self))));
+ 	result = ix ? shaalg(state) : shadsize(state) << 3;
+ 	ST(0) = sv_2mortal(newSViv(result));
+@@ -200,6 +204,8 @@ PREINIT:
+ 	STRLEN len;
+ 	SHA *state;
+ PPCODE:
+	if (!sv_isa(self, "Digest::SHA"))
+		XSRETURN_UNDEF;
+ 	state = INT2PTR(SHA *, SvIV(SvRV(SvRV(self))));
+ 	for (i = 1; i < items; i++) {
+ 		data = (unsigned char *) (SvPVbyte(ST(i), len));
+@@ -224,6 +230,8 @@ PREINIT:
+ 	SHA *state;
+ 	char *result;
+ PPCODE:
+	if (!sv_isa(self, "Digest::SHA"))
+		XSRETURN_UNDEF;
+ 	state = INT2PTR(SHA *, SvIV(SvRV(SvRV(self))));
+ 	shafinish(state);
+ 	len = 0;
+-- 
+1.8.5.3
+
--- a/perl-Digest-SHA.spec
+++ b/perl-Digest-SHA.spec
@ -1,7 +1,7 @@
 Name:           perl-Digest-SHA
 Epoch:          1
 Version:        5.85
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Perl extension for SHA-1/224/256/384/512
 License:        GPL+ or Artistic
 Group:          Development/Libraries
@ -10,6 +10,9 @@ Source0:        http://www.cpan.org/authors/id/M/MS/MSHELOR/Digest-SHA-%{version
 # Since 5.80, upstream overrides CFLAGS because they think it improves
 # performance. Revert it.
 Patch0:         Digest-SHA-5.84-Reset-CFLAGS.patch
+# Fix possible crash on uninitialized object, fixed in 5.87, bug #1075478,
+# RT#121421
+Patch1:         Digest-SHA-5.85-Check-for-ISA-when-invoking-methods.patch
 BuildRequires:  perl
 BuildRequires:  perl(Config)
 BuildRequires:  perl(ExtUtils::MakeMaker)
@ -47,6 +50,7 @@ handle all types of input, including partial-byte data.
 %prep
 %setup -q -n Digest-SHA-%{version}
 %patch0 -p1
+%patch1 -p1
 chmod -x examples/*
 perl -MExtUtils::MakeMaker -e 'ExtUtils::MM_Unix->fixin(q{examples/dups})'

@ -72,6 +76,9 @@ make test
 %{_mandir}/man3/*

 %changelog
+* Wed Mar 12 2014 Petr Pisar <ppisar@redhat.com> - 1:5.85-2
+- Fix possible crash on uninitialized object (bug #1075478)
+
 * Fri Jun 28 2013 Petr Pisar <ppisar@redhat.com> - 1:5.85-1
 - 5.85 bump