Compare commits
6 Commits
Author | SHA1 | Date |
---|---|---|
Petr Písař | 9af4d4e67d | |
Petr Písař | f6e8306d5d | |
Petr Písař | 5ed2fefecd | |
Petr Písař | e9cbf44ae8 | |
Petr Písař | 13b730c551 | |
Petr Písař | d0dfd48a76 |
|
@ -1 +0,0 @@
|
|||
1
|
|
@ -4,6 +4,3 @@
|
|||
/Storable-3.06.tar.gz
|
||||
/Storable-3.09.tar.gz
|
||||
/Storable-3.11.tar.gz
|
||||
/Storable-3.11_repackaged.tar.gz
|
||||
/Storable-3.15.tar.gz
|
||||
/Storable-3.25.tar.gz
|
||||
|
|
|
@ -1,538 +0,0 @@
|
|||
From 93b4cf22054a0e3f9f5d4ae8eaec85e8ca28944c Mon Sep 17 00:00:00 2001
|
||||
From: Jitka Plesnikova <jplesnik@redhat.com>
|
||||
Date: Mon, 12 Jun 2023 16:00:23 +0200
|
||||
Subject: [PATCH] Upgrade to 3.32
|
||||
|
||||
---
|
||||
ChangeLog | 29 ++++++++++++++
|
||||
Makefile.PL | 2 +-
|
||||
Storable.pm | 30 ++++++++------
|
||||
Storable.xs | 111 ++++++++++++++++++++++++++++++++++++++++++----------
|
||||
t/blessed.t | 53 ++++++++++++++++++++++++-
|
||||
t/boolean.t | 84 +++++++++++++++++++++++++++++++++++++++
|
||||
t/malice.t | 6 +--
|
||||
7 files changed, 278 insertions(+), 37 deletions(-)
|
||||
create mode 100644 t/boolean.t
|
||||
|
||||
diff --git a/ChangeLog b/ChangeLog
|
||||
index b1f4790..6619543 100644
|
||||
--- a/ChangeLog
|
||||
+++ b/ChangeLog
|
||||
@@ -1,3 +1,32 @@
|
||||
+2023-05-26 21:36:00 demerphq
|
||||
+ version 3.32
|
||||
+ * Update security advisory to be more clear
|
||||
+
|
||||
+2023-02-26 00:31:32 demerphq
|
||||
+ version 3.31
|
||||
+ * Fixup for ppport fix in 3.30
|
||||
+
|
||||
+2023-02-22 09:56:27 leont
|
||||
+ version 3.30
|
||||
+ * Use ppport for all modules in dist.
|
||||
+
|
||||
+2023-01-04 17:33:24 iabyn
|
||||
+ version 3.29
|
||||
+ * Store code fixes identified from refcounted stack patch
|
||||
+
|
||||
+2022-11-08 10:12:46 tony
|
||||
+ version 3.28
|
||||
+ * Store hook error reporting improvements
|
||||
+ * Store hook handles regex objects properly.
|
||||
+
|
||||
+2022-06-20 20:32:29 toddr
|
||||
+ version 3.27
|
||||
+ * Use cBOOL instead of !! in xs code
|
||||
+
|
||||
+2022-04-18 17:36:00 toddr
|
||||
+ version 3.26
|
||||
+ * Conform to ppport.h 3.68 recommendations
|
||||
+
|
||||
2021-08-30 07:46:52 nwclark
|
||||
version 3.25
|
||||
* No changes from previous version
|
||||
diff --git a/Makefile.PL b/Makefile.PL
|
||||
index e03e141..b705654 100644
|
||||
--- a/Makefile.PL
|
||||
+++ b/Makefile.PL
|
||||
@@ -29,7 +29,7 @@ WriteMakefile(
|
||||
'ExtUtils::MakeMaker' => '6.31',
|
||||
},
|
||||
TEST_REQUIRES => {
|
||||
- 'Test::More' => '0.41',
|
||||
+ 'Test::More' => '0.82',
|
||||
},
|
||||
)
|
||||
: () ),
|
||||
diff --git a/Storable.pm b/Storable.pm
|
||||
index 8e6ab25..d531f2b 100644
|
||||
--- a/Storable.pm
|
||||
+++ b/Storable.pm
|
||||
@@ -28,7 +28,7 @@ our @EXPORT_OK = qw(
|
||||
our ($canonical, $forgive_me);
|
||||
|
||||
BEGIN {
|
||||
- our $VERSION = '3.25';
|
||||
+ our $VERSION = '3.32';
|
||||
}
|
||||
|
||||
our $recursion_limit;
|
||||
@@ -1197,11 +1197,16 @@ compartment:
|
||||
|
||||
=head1 SECURITY WARNING
|
||||
|
||||
-B<Do not accept Storable documents from untrusted sources!>
|
||||
+B<Do not accept Storable documents from untrusted sources!> There is
|
||||
+B<no> way to configure Storable so that it can be used safely to process
|
||||
+untrusted data. While there I<are> various options that can be used to
|
||||
+mitigate specific security issues these options do I<not> comprise a
|
||||
+complete safety net for the user, and processing untrusted data may
|
||||
+result in segmentation faults, remote code execution, or privilege
|
||||
+escalation. The following lists some known features which represent
|
||||
+security issues that should be considered by users of this module.
|
||||
|
||||
-Some features of Storable can lead to security vulnerabilities if you
|
||||
-accept Storable documents from untrusted sources with the default
|
||||
-flags. Most obviously, the optional (off by default) CODE reference
|
||||
+Most obviously, the optional (off by default) CODE reference
|
||||
serialization feature allows transfer of code to the deserializing
|
||||
process. Furthermore, any serialized object will cause Storable to
|
||||
helpfully load the module corresponding to the class of the object in
|
||||
@@ -1224,12 +1229,15 @@ With the default setting of C<$Storable::flags> = 6, creating or destroying
|
||||
random objects, even renamed objects can be controlled by an attacker.
|
||||
See CVE-2015-1592 and its metasploit module.
|
||||
|
||||
-If your application requires accepting data from untrusted sources,
|
||||
-you are best off with a less powerful and more-likely safe
|
||||
-serialization format and implementation. If your data is sufficiently
|
||||
-simple, L<Cpanel::JSON::XS>, L<Data::MessagePack> or L<Sereal> are the best
|
||||
-choices and offer maximum interoperability, but note that Sereal is
|
||||
-L<unsafe by default|Sereal::Decoder/ROBUSTNESS>.
|
||||
+If your application requires accepting data from untrusted sources, you
|
||||
+are best off with a less powerful and more-likely safe serialization
|
||||
+format and implementation. If your data is sufficiently simple,
|
||||
+L<Cpanel::JSON::XS> or L<Data::MessagePack> are fine alternatives. For
|
||||
+more complex data structures containing various Perl specific data types
|
||||
+like regular expressions or aliased data L<Sereal> is the best
|
||||
+alternative and offers maximum interoperability. Note that Sereal is
|
||||
+L<unsafe by default|Sereal::Decoder/ROBUSTNESS>, but you can configure
|
||||
+the encoder and decoder to mitigate any security issues.
|
||||
|
||||
=head1 WARNING
|
||||
|
||||
diff --git a/Storable.xs b/Storable.xs
|
||||
index 6944b76..a558dd7 100644
|
||||
--- a/Storable.xs
|
||||
+++ b/Storable.xs
|
||||
@@ -16,18 +16,13 @@
|
||||
#include <perl.h>
|
||||
#include <XSUB.h>
|
||||
|
||||
-#ifndef PERL_VERSION_LT
|
||||
-# if !defined(PERL_VERSION) || !defined(PERL_REVISION) || ( PERL_REVISION == 5 && ( PERL_VERSION < 10 || (PERL_VERSION == 10 && PERL_SUBVERSION < 1) ) )
|
||||
-# define NEED_PL_parser
|
||||
-# define NEED_sv_2pv_flags
|
||||
-# define NEED_load_module
|
||||
-# define NEED_vload_module
|
||||
-# define NEED_newCONSTSUB
|
||||
-# define NEED_newSVpvn_flags
|
||||
-# define NEED_newRV_noinc
|
||||
-# endif
|
||||
+#define NEED_sv_2pv_flags
|
||||
+#define NEED_load_module
|
||||
+#define NEED_vload_module
|
||||
+#define NEED_newCONSTSUB
|
||||
+#define NEED_newSVpvn_flags
|
||||
+#define NEED_newRV_noinc
|
||||
#include "ppport.h" /* handle old perls */
|
||||
-#endif
|
||||
|
||||
#ifdef DEBUGGING
|
||||
#define DEBUGME /* Debug mode, turns assertions on as well */
|
||||
@@ -176,7 +171,9 @@
|
||||
#define SX_SVUNDEF_ELEM C(31) /* array element set to &PL_sv_undef */
|
||||
#define SX_REGEXP C(32) /* Regexp */
|
||||
#define SX_LOBJECT C(33) /* Large object: string, array or hash (size >2G) */
|
||||
-#define SX_LAST C(34) /* invalid. marker only */
|
||||
+#define SX_BOOLEAN_TRUE C(34) /* Boolean true */
|
||||
+#define SX_BOOLEAN_FALSE C(35) /* Boolean false */
|
||||
+#define SX_LAST C(36) /* invalid. marker only */
|
||||
|
||||
/*
|
||||
* Those are only used to retrieve "old" pre-0.6 binary images.
|
||||
@@ -975,7 +972,7 @@ static const char byteorderstr_56[] = {BYTEORDER_BYTES_56, 0};
|
||||
#endif
|
||||
|
||||
#define STORABLE_BIN_MAJOR 2 /* Binary major "version" */
|
||||
-#define STORABLE_BIN_MINOR 11 /* Binary minor "version" */
|
||||
+#define STORABLE_BIN_MINOR 12 /* Binary minor "version" */
|
||||
|
||||
#if !defined (SvVOK)
|
||||
/*
|
||||
@@ -1454,6 +1451,8 @@ static const sv_retrieve_t sv_old_retrieve[] = {
|
||||
(sv_retrieve_t)retrieve_other, /* SX_SVUNDEF_ELEM not supported */
|
||||
(sv_retrieve_t)retrieve_other, /* SX_REGEXP */
|
||||
(sv_retrieve_t)retrieve_other, /* SX_LOBJECT not supported */
|
||||
+ (sv_retrieve_t)retrieve_other, /* SX_BOOLEAN_TRUE not supported */
|
||||
+ (sv_retrieve_t)retrieve_other, /* SX_BOOLEAN_FALSE not supported */
|
||||
(sv_retrieve_t)retrieve_other, /* SX_LAST */
|
||||
};
|
||||
|
||||
@@ -1477,6 +1476,8 @@ static SV *retrieve_weakoverloaded(pTHX_ stcxt_t *cxt, const char *cname);
|
||||
static SV *retrieve_vstring(pTHX_ stcxt_t *cxt, const char *cname);
|
||||
static SV *retrieve_lvstring(pTHX_ stcxt_t *cxt, const char *cname);
|
||||
static SV *retrieve_svundef_elem(pTHX_ stcxt_t *cxt, const char *cname);
|
||||
+static SV *retrieve_boolean_true(pTHX_ stcxt_t *cxt, const char *cname);
|
||||
+static SV *retrieve_boolean_false(pTHX_ stcxt_t *cxt, const char *cname);
|
||||
|
||||
static const sv_retrieve_t sv_retrieve[] = {
|
||||
0, /* SX_OBJECT -- entry unused dynamically */
|
||||
@@ -1513,6 +1514,8 @@ static const sv_retrieve_t sv_retrieve[] = {
|
||||
(sv_retrieve_t)retrieve_svundef_elem,/* SX_SVUNDEF_ELEM */
|
||||
(sv_retrieve_t)retrieve_regexp, /* SX_REGEXP */
|
||||
(sv_retrieve_t)retrieve_lobject, /* SX_LOBJECT */
|
||||
+ (sv_retrieve_t)retrieve_boolean_true, /* SX_BOOLEAN_TRUE */
|
||||
+ (sv_retrieve_t)retrieve_boolean_false, /* SX_BOOLEAN_FALSE */
|
||||
(sv_retrieve_t)retrieve_other, /* SX_LAST */
|
||||
};
|
||||
|
||||
@@ -2187,7 +2190,7 @@ static AV *array_call(pTHX_
|
||||
XPUSHs(sv_2mortal(newSViv(cloning))); /* Cloning flag */
|
||||
PUTBACK;
|
||||
|
||||
- count = call_sv(hook, G_ARRAY); /* Go back to Perl code */
|
||||
+ count = call_sv(hook, G_LIST); /* Go back to Perl code */
|
||||
|
||||
SPAGAIN;
|
||||
|
||||
@@ -2454,6 +2457,16 @@ static int store_scalar(pTHX_ stcxt_t *cxt, SV *sv)
|
||||
pv = SvPV(sv, len); /* We know it's SvPOK */
|
||||
goto string; /* Share code below */
|
||||
}
|
||||
+#ifdef SvIsBOOL
|
||||
+ } else if (SvIsBOOL(sv)) {
|
||||
+ TRACEME(("mortal boolean"));
|
||||
+ if (SvTRUE_nomg_NN(sv)) {
|
||||
+ PUTMARK(SX_BOOLEAN_TRUE);
|
||||
+ }
|
||||
+ else {
|
||||
+ PUTMARK(SX_BOOLEAN_FALSE);
|
||||
+ }
|
||||
+#endif
|
||||
} else if (flags & SVf_POK) {
|
||||
/* public string - go direct to string read. */
|
||||
goto string_readlen;
|
||||
@@ -3250,6 +3263,7 @@ static int store_code(pTHX_ stcxt_t *cxt, CV *cv)
|
||||
CROAK(("Unexpected return value from B::Deparse::coderef2text\n"));
|
||||
|
||||
text = POPs;
|
||||
+ PUTBACK;
|
||||
len = SvCUR(text);
|
||||
reallen = strlen(SvPV_nolen(text));
|
||||
|
||||
@@ -3318,7 +3332,7 @@ static int get_regexp(pTHX_ stcxt_t *cxt, SV* sv, SV **re, SV **flags) {
|
||||
XPUSHs(rv);
|
||||
PUTBACK;
|
||||
/* optimize to call the XS directly later */
|
||||
- count = call_sv((SV*)cv, G_ARRAY);
|
||||
+ count = call_sv((SV*)cv, G_LIST);
|
||||
SPAGAIN;
|
||||
if (count < 2)
|
||||
CROAK(("re::regexp_pattern returned only %d results", (int)count));
|
||||
@@ -3567,7 +3581,10 @@ static int store_hook(
|
||||
int need_large_oids = 0;
|
||||
#endif
|
||||
|
||||
- TRACEME(("store_hook, classname \"%s\", tagged #%d", HvNAME_get(pkg), (int)cxt->tagnum));
|
||||
+ classname = HvNAME_get(pkg);
|
||||
+ len = strlen(classname);
|
||||
+
|
||||
+ TRACEME(("store_hook, classname \"%s\", tagged #%d", classname, (int)cxt->tagnum));
|
||||
|
||||
/*
|
||||
* Determine object type on 2 bits.
|
||||
@@ -3576,6 +3593,7 @@ static int store_hook(
|
||||
switch (type) {
|
||||
case svis_REF:
|
||||
case svis_SCALAR:
|
||||
+ case svis_REGEXP:
|
||||
obj_type = SHT_SCALAR;
|
||||
break;
|
||||
case svis_ARRAY:
|
||||
@@ -3615,13 +3633,20 @@ static int store_hook(
|
||||
}
|
||||
break;
|
||||
default:
|
||||
- CROAK(("Unexpected object type (%d) in store_hook()", type));
|
||||
+ {
|
||||
+ /* pkg_can() always returns a ref to a CV on success */
|
||||
+ CV *cv = (CV*)SvRV(hook);
|
||||
+ const GV * const gv = CvGV(cv);
|
||||
+ const char *gvname = GvNAME(gv);
|
||||
+ const HV * const stash = GvSTASH(gv);
|
||||
+ const char *hvname = stash ? HvNAME(stash) : NULL;
|
||||
+
|
||||
+ CROAK(("Unexpected object type (%s) of class '%s' in store_hook() calling %s::%s",
|
||||
+ sv_reftype(sv, FALSE), classname, hvname, gvname));
|
||||
+ }
|
||||
}
|
||||
flags = SHF_NEED_RECURSE | obj_type;
|
||||
|
||||
- classname = HvNAME_get(pkg);
|
||||
- len = strlen(classname);
|
||||
-
|
||||
/*
|
||||
* To call the hook, we need to fake a call like:
|
||||
*
|
||||
@@ -5882,6 +5907,50 @@ static SV *retrieve_integer(pTHX_ stcxt_t *cxt, const char *cname)
|
||||
return sv;
|
||||
}
|
||||
|
||||
+/*
|
||||
+ * retrieve_boolean_true
|
||||
+ *
|
||||
+ * Retrieve boolean true copy.
|
||||
+ */
|
||||
+static SV *retrieve_boolean_true(pTHX_ stcxt_t *cxt, const char *cname)
|
||||
+{
|
||||
+ SV *sv;
|
||||
+ HV *stash;
|
||||
+
|
||||
+ TRACEME(("retrieve_boolean_true (#%d)", (int)cxt->tagnum));
|
||||
+
|
||||
+ sv = newSVsv(&PL_sv_yes);
|
||||
+ stash = cname ? gv_stashpv(cname, GV_ADD) : 0;
|
||||
+ SEEN_NN(sv, stash, 0); /* Associate this new scalar with tag "tagnum" */
|
||||
+
|
||||
+ TRACEME(("boolean true"));
|
||||
+ TRACEME(("ok (retrieve_boolean_true at 0x%" UVxf ")", PTR2UV(sv)));
|
||||
+
|
||||
+ return sv;
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
+ * retrieve_boolean_false
|
||||
+ *
|
||||
+ * Retrieve boolean false copy.
|
||||
+ */
|
||||
+static SV *retrieve_boolean_false(pTHX_ stcxt_t *cxt, const char *cname)
|
||||
+{
|
||||
+ SV *sv;
|
||||
+ HV *stash;
|
||||
+
|
||||
+ TRACEME(("retrieve_boolean_false (#%d)", (int)cxt->tagnum));
|
||||
+
|
||||
+ sv = newSVsv(&PL_sv_no);
|
||||
+ stash = cname ? gv_stashpv(cname, GV_ADD) : 0;
|
||||
+ SEEN_NN(sv, stash, 0); /* Associate this new scalar with tag "tagnum" */
|
||||
+
|
||||
+ TRACEME(("boolean false"));
|
||||
+ TRACEME(("ok (retrieve_boolean_false at 0x%" UVxf ")", PTR2UV(sv)));
|
||||
+
|
||||
+ return sv;
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* retrieve_lobject
|
||||
*
|
||||
@@ -7774,7 +7843,7 @@ CODE:
|
||||
assert(cxt);
|
||||
result = cxt->entry && (cxt->optype & ix) ? TRUE : FALSE;
|
||||
} else {
|
||||
- result = !!last_op_in_netorder(aTHX);
|
||||
+ result = cBOOL(last_op_in_netorder(aTHX));
|
||||
}
|
||||
ST(0) = boolSV(result);
|
||||
|
||||
diff --git a/t/blessed.t b/t/blessed.t
|
||||
index d9a77b3..dea569b 100644
|
||||
--- a/t/blessed.t
|
||||
+++ b/t/blessed.t
|
||||
@@ -44,7 +44,7 @@ use Storable qw(freeze thaw store retrieve fd_retrieve);
|
||||
'long VSTRING' => \(my $lvstring = eval "v" . 0 x 300),
|
||||
LVALUE => \(my $substr = substr((my $str = "foo"), 0, 3)));
|
||||
|
||||
-my $test = 13;
|
||||
+my $test = 18;
|
||||
my $tests = $test + 41 + (2 * 6 * keys %::immortals) + (3 * keys %::weird_refs);
|
||||
plan(tests => $tests);
|
||||
|
||||
@@ -414,3 +414,54 @@ is(ref $t, 'STRESS_THE_STACK');
|
||||
|
||||
unlink("store$$");
|
||||
}
|
||||
+
|
||||
+{
|
||||
+ # trying to freeze a glob via STORABLE_freeze
|
||||
+ {
|
||||
+ package GlobHookedBase;
|
||||
+
|
||||
+ sub STORABLE_freeze {
|
||||
+ return \1;
|
||||
+ }
|
||||
+
|
||||
+ package GlobHooked;
|
||||
+ our @ISA = "GlobHookedBase";
|
||||
+ }
|
||||
+ use Symbol ();
|
||||
+ my $glob = bless Symbol::gensym(), "GlobHooked";
|
||||
+ eval {
|
||||
+ my $data = freeze($glob);
|
||||
+ };
|
||||
+ my $msg = $@;
|
||||
+ like($msg, qr/Unexpected object type \(GLOB\) of class 'GlobHooked' in store_hook\(\) calling GlobHookedBase::STORABLE_freeze/,
|
||||
+ "check we get the verbose message");
|
||||
+}
|
||||
+
|
||||
+SKIP:
|
||||
+{
|
||||
+ $] < 5.012
|
||||
+ and skip "Can't assign regexps directly before 5.12", 4;
|
||||
+ my $hook_called;
|
||||
+ # store regexp via hook
|
||||
+ {
|
||||
+ package RegexpHooked;
|
||||
+ sub STORABLE_freeze {
|
||||
+ ++$hook_called;
|
||||
+ "$_[0]";
|
||||
+ }
|
||||
+ sub STORABLE_thaw {
|
||||
+ my ($obj, $cloning, $serialized) = @_;
|
||||
+ ++$hook_called;
|
||||
+ $$obj = ${ qr/$serialized/ };
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ my $obj = bless qr/abc/, "RegexpHooked";
|
||||
+ my $data = freeze($obj);
|
||||
+ ok($data, "froze regexp blessed into hooked class");
|
||||
+ ok($hook_called, "and the hook was actually called");
|
||||
+ $hook_called = 0;
|
||||
+ my $obj_thawed = thaw($data);
|
||||
+ ok($hook_called, "hook called for thaw");
|
||||
+ like("abc", $obj_thawed, "check the regexp");
|
||||
+}
|
||||
diff --git a/t/boolean.t b/t/boolean.t
|
||||
new file mode 100644
|
||||
index 0000000..9ba19c0
|
||||
--- /dev/null
|
||||
+++ b/t/boolean.t
|
||||
@@ -0,0 +1,84 @@
|
||||
+use strict;
|
||||
+use warnings;
|
||||
+
|
||||
+my $true_ref;
|
||||
+my $false_ref;
|
||||
+BEGIN {
|
||||
+ $true_ref = \!!1;
|
||||
+ $false_ref = \!!0;
|
||||
+}
|
||||
+
|
||||
+BEGIN {
|
||||
+ unshift @INC, 't';
|
||||
+ unshift @INC, 't/compat' if $] < 5.006002;
|
||||
+ require Config;
|
||||
+ if ($ENV{PERL_CORE} and $Config::Config{'extensions'} !~ /\bStorable\b/) {
|
||||
+ print "1..0 # Skip: Storable was not built\n";
|
||||
+ exit 0;
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+use Test::More tests => 12;
|
||||
+use Storable qw(thaw freeze);
|
||||
+
|
||||
+use constant CORE_BOOLS => defined &builtin::is_bool;
|
||||
+
|
||||
+{
|
||||
+ my $x = $true_ref;
|
||||
+ my $y = ${thaw freeze \$x};
|
||||
+ is($y, $x);
|
||||
+ eval {
|
||||
+ $$y = 2;
|
||||
+ };
|
||||
+ isnt $@, '',
|
||||
+ 'immortal true maintained as immortal';
|
||||
+}
|
||||
+
|
||||
+{
|
||||
+ my $x = $false_ref;
|
||||
+ my $y = ${thaw freeze \$x};
|
||||
+ is($y, $x);
|
||||
+ eval {
|
||||
+ $$y = 2;
|
||||
+ };
|
||||
+ isnt $@, '',
|
||||
+ 'immortal false maintained as immortal';
|
||||
+}
|
||||
+
|
||||
+{
|
||||
+ my $true = $$true_ref;
|
||||
+ my $x = \$true;
|
||||
+ my $y = ${thaw freeze \$x};
|
||||
+ is($$y, $$x);
|
||||
+ is($$y, '1');
|
||||
+ SKIP: {
|
||||
+ skip "perl $] does not support tracking boolean values", 1
|
||||
+ unless CORE_BOOLS;
|
||||
+ BEGIN { CORE_BOOLS and warnings->unimport('experimental::builtin') }
|
||||
+ ok builtin::is_bool($$y);
|
||||
+ }
|
||||
+ eval {
|
||||
+ $$y = 2;
|
||||
+ };
|
||||
+ is $@, '',
|
||||
+ 'mortal true maintained as mortal';
|
||||
+}
|
||||
+
|
||||
+{
|
||||
+ my $false = $$false_ref;
|
||||
+ my $x = \$false;
|
||||
+ my $y = ${thaw freeze \$x};
|
||||
+ is($$y, $$x);
|
||||
+ is($$y, '');
|
||||
+ SKIP: {
|
||||
+ skip "perl $] does not support tracking boolean values", 1
|
||||
+ unless CORE_BOOLS;
|
||||
+ BEGIN { CORE_BOOLS and warnings->unimport('experimental::builtin') }
|
||||
+ ok builtin::is_bool($$y);
|
||||
+ }
|
||||
+ eval {
|
||||
+ $$y = 2;
|
||||
+ };
|
||||
+ is $@, '',
|
||||
+ 'mortal true maintained as mortal';
|
||||
+}
|
||||
diff --git a/t/malice.t b/t/malice.t
|
||||
index 8adae95..7b92d3d 100644
|
||||
--- a/t/malice.t
|
||||
+++ b/t/malice.t
|
||||
@@ -32,7 +32,7 @@ our $file_magic_str = 'pst0';
|
||||
our $other_magic = 7 + length $byteorder;
|
||||
our $network_magic = 2;
|
||||
our $major = 2;
|
||||
-our $minor = 11;
|
||||
+our $minor = 12;
|
||||
our $minor_write = $] >= 5.019 ? 11 : $] > 5.008 ? 9 : $] > 5.005_50 ? 8 : 4;
|
||||
|
||||
use Test::More;
|
||||
@@ -206,7 +206,7 @@ sub test_things {
|
||||
$where = $file_magic + $network_magic;
|
||||
}
|
||||
|
||||
- # Just the header and a tag 255. As 33 is currently the highest tag, this
|
||||
+ # Just the header and a tag 255. As 34 is currently the highest tag, this
|
||||
# is "unexpected"
|
||||
$copy = substr ($contents, 0, $where) . chr 255;
|
||||
|
||||
@@ -226,7 +226,7 @@ sub test_things {
|
||||
# local $Storable::DEBUGME = 1;
|
||||
# This is the delayed croak
|
||||
test_corrupt ($copy, $sub,
|
||||
- "/^Storable binary image v$header->{major}.$minor6 contains data of type 255. This Storable is v$header->{major}.$minor and can only handle data types up to 33/",
|
||||
+ "/^Storable binary image v$header->{major}.$minor6 contains data of type 255. This Storable is v$header->{major}.$minor and can only handle data types up to 35/",
|
||||
"bogus tag, minor plus 4");
|
||||
# And check again that this croak is not delayed:
|
||||
{
|
||||
--
|
||||
2.40.1
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
--- !Policy
|
||||
product_versions:
|
||||
- fedora-*
|
||||
decision_context: bodhi_update_push_stable
|
||||
subject_type: koji_build
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
|
@ -0,0 +1,295 @@
|
|||
From 120060c86e233cb9f588314214137f3ed1b48e2a Mon Sep 17 00:00:00 2001
|
||||
From: Tony Cook <tony@develop-help.com>
|
||||
Date: Tue, 7 Aug 2018 15:34:06 +1000
|
||||
Subject: [PATCH] (perl #133326) fix and clarify handling of recurs_sv.
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
There were a few problems:
|
||||
|
||||
- the purpose of recur_sv wasn't clear, I believe I understand it
|
||||
now from looking at where recur_sv was actually being used.
|
||||
Frankly the logic of the code itself was hard to follow, apparently
|
||||
only counting a level if the recur_sv was equal to the current
|
||||
SV.
|
||||
|
||||
Fixed by adding some documentation to recur_sv in the context
|
||||
structure. The logic has been re-worked (see below) to hopefully
|
||||
make it more understandable.
|
||||
|
||||
- the conditional checks for inc/decrementing recur_depth didn't
|
||||
match between the beginnings and ends of the store_array() and
|
||||
store_hash() handlers didn't match, since recur_sv was both
|
||||
explicitly modified by those functions and implicitly modified
|
||||
in their recursive calls to process elements.
|
||||
|
||||
Fixing by storing the starting value of cxt->recur_sv locally
|
||||
testing against that instead of against the value that might be
|
||||
modified recursively.
|
||||
|
||||
- the checks in store_ref(), store_array(), store_l?hash() were
|
||||
over complex, obscuring their purpose.
|
||||
|
||||
Fixed by:
|
||||
- always count a recursion level in store_ref() and store the
|
||||
RV in recur_sv
|
||||
- only count a recursion level in the array/hash handlers if
|
||||
the SV didn't match.
|
||||
- skip the check against cxt->entry, if we're in this code
|
||||
we could be recursing, so we want to detect it.
|
||||
|
||||
- (after the other changes) the recursion checks in store_hash()/
|
||||
store_lhash() only checked the limit if the SV didn't match the
|
||||
recur_sv, which horribly broke things.
|
||||
|
||||
Fixed by:
|
||||
- Now only make the depth increment conditional, and always
|
||||
check against the limit if one is set.
|
||||
|
||||
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||
---
|
||||
dist/Storable/Storable.xs | 98 ++++++++++++++++++++++++++++++-----------------
|
||||
dist/Storable/t/recurse.t | 16 +++++++-
|
||||
2 files changed, 77 insertions(+), 37 deletions(-)
|
||||
|
||||
diff --git a/dist/Storable/Storable.xs b/dist/Storable/Storable.xs
|
||||
index 6a90e24814..f6df32b121 100644
|
||||
--- a/dist/Storable/Storable.xs
|
||||
+++ b/dist/Storable/Storable.xs
|
||||
@@ -418,6 +418,24 @@ typedef struct stcxt {
|
||||
SV *(**retrieve_vtbl)(pTHX_ struct stcxt *, const char *); /* retrieve dispatch table */
|
||||
SV *prev; /* contexts chained backwards in real recursion */
|
||||
SV *my_sv; /* the blessed scalar who's SvPVX() I am */
|
||||
+
|
||||
+ /* recur_sv:
|
||||
+
|
||||
+ A hashref of hashrefs or arrayref of arrayrefs is actually a
|
||||
+ chain of four SVs, eg for an array ref containing an array ref:
|
||||
+
|
||||
+ RV -> AV (element) -> RV -> AV
|
||||
+
|
||||
+ To make this depth appear natural from a perl level we only
|
||||
+ want to count this as two levels, so store_ref() stores it's RV
|
||||
+ into recur_sv and store_array()/store_hash() will only count
|
||||
+ that level if the AV/HV *isn't* recur_sv.
|
||||
+
|
||||
+ We can't just have store_hash()/store_array() not count that
|
||||
+ level, since it's possible for XS code to store an AV or HV
|
||||
+ directly as an element (though perl code trying to access such
|
||||
+ an object will generally croak.)
|
||||
+ */
|
||||
SV *recur_sv; /* check only one recursive SV */
|
||||
int in_retrieve_overloaded; /* performance hack for retrieving overloaded objects */
|
||||
int flags; /* controls whether to bless or tie objects */
|
||||
@@ -431,8 +449,13 @@ typedef struct stcxt {
|
||||
|
||||
#define RECURSION_TOO_DEEP() \
|
||||
(cxt->max_recur_depth != -1 && ++cxt->recur_depth > cxt->max_recur_depth)
|
||||
+
|
||||
+/* There's cases where we need to check whether the hash recursion
|
||||
+ limit has been reached without bumping the recursion levels, so the
|
||||
+ hash check doesn't bump the depth.
|
||||
+*/
|
||||
#define RECURSION_TOO_DEEP_HASH() \
|
||||
- (cxt->max_recur_depth_hash != -1 && ++cxt->recur_depth > cxt->max_recur_depth_hash)
|
||||
+ (cxt->max_recur_depth_hash != -1 && cxt->recur_depth > cxt->max_recur_depth_hash)
|
||||
#define MAX_DEPTH_ERROR "Max. recursion depth with nested structures exceeded"
|
||||
|
||||
static int storable_free(pTHX_ SV *sv, MAGIC* mg);
|
||||
@@ -2360,21 +2383,20 @@ static int store_ref(pTHX_ stcxt_t *cxt, SV *sv)
|
||||
} else
|
||||
PUTMARK(is_weak ? SX_WEAKREF : SX_REF);
|
||||
|
||||
- TRACEME(("recur_depth %" IVdf ", recur_sv (0x%" UVxf ")", cxt->recur_depth,
|
||||
- PTR2UV(cxt->recur_sv)));
|
||||
- if (cxt->entry && cxt->recur_sv == sv) {
|
||||
- if (RECURSION_TOO_DEEP()) {
|
||||
+ cxt->recur_sv = sv;
|
||||
+
|
||||
+ TRACEME((">ref recur_depth %" IVdf ", recur_sv (0x%" UVxf ") max %" IVdf, cxt->recur_depth,
|
||||
+ PTR2UV(cxt->recur_sv), cxt->max_recur_depth));
|
||||
+ if (RECURSION_TOO_DEEP()) {
|
||||
#if PERL_VERSION < 15
|
||||
- cleanup_recursive_data(aTHX_ (SV*)sv);
|
||||
+ cleanup_recursive_data(aTHX_ (SV*)sv);
|
||||
#endif
|
||||
- CROAK((MAX_DEPTH_ERROR));
|
||||
- }
|
||||
+ CROAK((MAX_DEPTH_ERROR));
|
||||
}
|
||||
- cxt->recur_sv = sv;
|
||||
|
||||
retval = store(aTHX_ cxt, sv);
|
||||
- if (cxt->entry && cxt->recur_sv == sv && cxt->recur_depth > 0) {
|
||||
- TRACEME(("recur_depth --%" IVdf, cxt->recur_depth));
|
||||
+ if (cxt->max_recur_depth != -1 && cxt->recur_depth > 0) {
|
||||
+ TRACEME(("<ref recur_depth --%" IVdf, cxt->recur_depth));
|
||||
--cxt->recur_depth;
|
||||
}
|
||||
return retval;
|
||||
@@ -2635,6 +2657,7 @@ static int store_array(pTHX_ stcxt_t *cxt, AV *av)
|
||||
UV len = av_len(av) + 1;
|
||||
UV i;
|
||||
int ret;
|
||||
+ SV *const recur_sv = cxt->recur_sv;
|
||||
|
||||
TRACEME(("store_array (0x%" UVxf ")", PTR2UV(av)));
|
||||
|
||||
@@ -2659,9 +2682,9 @@ static int store_array(pTHX_ stcxt_t *cxt, AV *av)
|
||||
TRACEME(("size = %d", (int)l));
|
||||
}
|
||||
|
||||
- TRACEME(("recur_depth %" IVdf ", recur_sv (0x%" UVxf ")", cxt->recur_depth,
|
||||
- PTR2UV(cxt->recur_sv)));
|
||||
- if (cxt->entry && cxt->recur_sv == (SV*)av) {
|
||||
+ TRACEME((">array recur_depth %" IVdf ", recur_sv (0x%" UVxf ") max %" IVdf, cxt->recur_depth,
|
||||
+ PTR2UV(cxt->recur_sv), cxt->max_recur_depth));
|
||||
+ if (recur_sv != (SV*)av) {
|
||||
if (RECURSION_TOO_DEEP()) {
|
||||
/* with <= 5.14 it recurses in the cleanup also, needing 2x stack size */
|
||||
#if PERL_VERSION < 15
|
||||
@@ -2670,7 +2693,6 @@ static int store_array(pTHX_ stcxt_t *cxt, AV *av)
|
||||
CROAK((MAX_DEPTH_ERROR));
|
||||
}
|
||||
}
|
||||
- cxt->recur_sv = (SV*)av;
|
||||
|
||||
/*
|
||||
* Now store each item recursively.
|
||||
@@ -2701,9 +2723,12 @@ static int store_array(pTHX_ stcxt_t *cxt, AV *av)
|
||||
return ret;
|
||||
}
|
||||
|
||||
- if (cxt->entry && cxt->recur_sv == (SV*)av && cxt->recur_depth > 0) {
|
||||
- TRACEME(("recur_depth --%" IVdf, cxt->recur_depth));
|
||||
- --cxt->recur_depth;
|
||||
+ if (recur_sv != (SV*)av) {
|
||||
+ assert(cxt->max_recur_depth == -1 || cxt->recur_depth > 0);
|
||||
+ if (cxt->max_recur_depth != -1 && cxt->recur_depth > 0) {
|
||||
+ TRACEME(("<array recur_depth --%" IVdf, cxt->recur_depth));
|
||||
+ --cxt->recur_depth;
|
||||
+ }
|
||||
}
|
||||
TRACEME(("ok (array)"));
|
||||
|
||||
@@ -2766,6 +2791,7 @@ static int store_hash(pTHX_ stcxt_t *cxt, HV *hv)
|
||||
#endif
|
||||
) ? 1 : 0);
|
||||
unsigned char hash_flags = (SvREADONLY(hv) ? SHV_RESTRICTED : 0);
|
||||
+ SV * const recur_sv = cxt->recur_sv;
|
||||
|
||||
/*
|
||||
* Signal hash by emitting SX_HASH, followed by the table length.
|
||||
@@ -2817,17 +2843,17 @@ static int store_hash(pTHX_ stcxt_t *cxt, HV *hv)
|
||||
TRACEME(("size = %d, used = %d", (int)l, (int)HvUSEDKEYS(hv)));
|
||||
}
|
||||
|
||||
- TRACEME(("recur_depth %" IVdf ", recur_sv (0x%" UVxf ")", cxt->recur_depth,
|
||||
- PTR2UV(cxt->recur_sv)));
|
||||
- if (cxt->entry && cxt->recur_sv == (SV*)hv) {
|
||||
- if (RECURSION_TOO_DEEP_HASH()) {
|
||||
+ TRACEME((">hash recur_depth %" IVdf ", recur_sv (0x%" UVxf ") max %" IVdf, cxt->recur_depth,
|
||||
+ PTR2UV(cxt->recur_sv), cxt->max_recur_depth_hash));
|
||||
+ if (recur_sv != (SV*)hv && cxt->max_recur_depth_hash != -1) {
|
||||
+ ++cxt->recur_depth;
|
||||
+ }
|
||||
+ if (RECURSION_TOO_DEEP_HASH()) {
|
||||
#if PERL_VERSION < 15
|
||||
- cleanup_recursive_data(aTHX_ (SV*)hv);
|
||||
+ cleanup_recursive_data(aTHX_ (SV*)hv);
|
||||
#endif
|
||||
- CROAK((MAX_DEPTH_ERROR));
|
||||
- }
|
||||
+ CROAK((MAX_DEPTH_ERROR));
|
||||
}
|
||||
- cxt->recur_sv = (SV*)hv;
|
||||
|
||||
/*
|
||||
* Save possible iteration state via each() on that table.
|
||||
@@ -3107,8 +3133,9 @@ static int store_hash(pTHX_ stcxt_t *cxt, HV *hv)
|
||||
TRACEME(("ok (hash 0x%" UVxf ")", PTR2UV(hv)));
|
||||
|
||||
out:
|
||||
- if (cxt->entry && cxt->recur_sv == (SV*)hv && cxt->recur_depth > 0) {
|
||||
- TRACEME(("recur_depth --%" IVdf , cxt->recur_depth));
|
||||
+ assert(cxt->max_recur_depth_hash != -1 && cxt->recur_depth > 0);
|
||||
+ TRACEME(("<hash recur_depth --%" IVdf , cxt->recur_depth));
|
||||
+ if (cxt->max_recur_depth_hash != -1 && recur_sv != (SV*)hv && cxt->recur_depth > 0) {
|
||||
--cxt->recur_depth;
|
||||
}
|
||||
HvRITER_set(hv, riter); /* Restore hash iterator state */
|
||||
@@ -3221,6 +3248,7 @@ static int store_lhash(pTHX_ stcxt_t *cxt, HV *hv, unsigned char hash_flags)
|
||||
#ifdef DEBUGME
|
||||
UV len = (UV)HvTOTALKEYS(hv);
|
||||
#endif
|
||||
+ SV * const recur_sv = cxt->recur_sv;
|
||||
if (hash_flags) {
|
||||
TRACEME(("store_lhash (0x%" UVxf ") (flags %x)", PTR2UV(hv),
|
||||
(int) hash_flags));
|
||||
@@ -3231,15 +3259,15 @@ static int store_lhash(pTHX_ stcxt_t *cxt, HV *hv, unsigned char hash_flags)
|
||||
|
||||
TRACEME(("recur_depth %" IVdf ", recur_sv (0x%" UVxf ")", cxt->recur_depth,
|
||||
PTR2UV(cxt->recur_sv)));
|
||||
- if (cxt->entry && cxt->recur_sv == (SV*)hv) {
|
||||
- if (RECURSION_TOO_DEEP_HASH()) {
|
||||
+ if (recur_sv != (SV*)hv && cxt->max_recur_depth_hash != -1) {
|
||||
+ ++cxt->recur_depth;
|
||||
+ }
|
||||
+ if (RECURSION_TOO_DEEP_HASH()) {
|
||||
#if PERL_VERSION < 15
|
||||
- cleanup_recursive_data(aTHX_ (SV*)hv);
|
||||
+ cleanup_recursive_data(aTHX_ (SV*)hv);
|
||||
#endif
|
||||
- CROAK((MAX_DEPTH_ERROR));
|
||||
- }
|
||||
+ CROAK((MAX_DEPTH_ERROR));
|
||||
}
|
||||
- cxt->recur_sv = (SV*)hv;
|
||||
|
||||
array = HvARRAY(hv);
|
||||
for (i = 0; i <= (Size_t)HvMAX(hv); i++) {
|
||||
@@ -3252,7 +3280,7 @@ static int store_lhash(pTHX_ stcxt_t *cxt, HV *hv, unsigned char hash_flags)
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
- if (cxt->entry && cxt->recur_sv == (SV*)hv && cxt->recur_depth > 0) {
|
||||
+ if (recur_sv == (SV*)hv && cxt->max_recur_depth_hash != -1 && cxt->recur_depth > 0) {
|
||||
TRACEME(("recur_depth --%" IVdf, cxt->recur_depth));
|
||||
--cxt->recur_depth;
|
||||
}
|
||||
diff --git a/dist/Storable/t/recurse.t b/dist/Storable/t/recurse.t
|
||||
index fa8be0b374..63fde90fdf 100644
|
||||
--- a/dist/Storable/t/recurse.t
|
||||
+++ b/dist/Storable/t/recurse.t
|
||||
@@ -20,7 +20,7 @@ use Storable qw(freeze thaw dclone);
|
||||
|
||||
$Storable::flags = Storable::FLAGS_COMPAT;
|
||||
|
||||
-use Test::More tests => 38;
|
||||
+use Test::More tests => 39;
|
||||
|
||||
package OBJ_REAL;
|
||||
|
||||
@@ -364,5 +364,17 @@ else {
|
||||
dclone $t;
|
||||
};
|
||||
like $@, qr/Max\. recursion depth with nested structures exceeded/,
|
||||
- 'Caught href stack overflow '.MAX_DEPTH*2;
|
||||
+ 'Caught href stack overflow '.MAX_DEPTH_HASH*2;
|
||||
+}
|
||||
+
|
||||
+{
|
||||
+ # perl #133326
|
||||
+ my @tt;
|
||||
+ #$Storable::DEBUGME=1;
|
||||
+ for (1..16000) {
|
||||
+ my $t = [[[]]];
|
||||
+ push @tt, $t;
|
||||
+ }
|
||||
+ ok(eval { dclone \@tt; 1 },
|
||||
+ "low depth structure shouldn't be treated as nested");
|
||||
}
|
||||
--
|
||||
2.14.4
|
||||
|
|
@ -1,16 +1,18 @@
|
|||
%global base_version 3.25
|
||||
Name: perl-Storable
|
||||
Epoch: 1
|
||||
Version: 3.32
|
||||
Release: 502%{?dist}
|
||||
Version: 3.11
|
||||
Release: 3%{?dist}
|
||||
Summary: Persistence for Perl data structures
|
||||
# Storable.pm: GPL+ or Artistic
|
||||
License: GPL-1.0-or-later OR Artistic-1.0-Perl
|
||||
# __Storable__.pm: GPL+ or Artistic
|
||||
## Not in the binary packages
|
||||
# t/CVE-2015-1592.inc: BSD (same as Metasploit Framwork)
|
||||
License: GPL+ or Artistic
|
||||
URL: https://metacpan.org/release/Storable
|
||||
Source0: https://cpan.metacpan.org/authors/id/N/NW/NWCLARK/Storable-%{base_version}.tar.gz
|
||||
# Unbundled from perl 5.37.12
|
||||
Patch0: Storable-3.25-Upgrade-to-3.32.patch
|
||||
BuildRequires: coreutils
|
||||
Source0: https://cpan.metacpan.org/authors/id/X/XS/XSAWYERX/Storable-%{version}.tar.gz
|
||||
# Fix recursion check, RT#133326
|
||||
Patch0: perl-5.29.2-perl-133326-fix-and-clarify-handling-of-recurs_sv.patch
|
||||
# bash for stacksize script (ulimit) that is executed at build time
|
||||
BuildRequires: bash
|
||||
BuildRequires: gcc
|
||||
BuildRequires: make
|
||||
BuildRequires: perl-devel
|
||||
|
@ -26,6 +28,7 @@ BuildRequires: perl(warnings)
|
|||
# Win32 not used on Linux
|
||||
# Win32API::File not used on Linux
|
||||
# Run-time:
|
||||
# Carp substitutes missing Log::Agent
|
||||
BuildRequires: perl(Carp)
|
||||
BuildRequires: perl(Exporter)
|
||||
# Fcntl is optional, but locking is good
|
||||
|
@ -36,7 +39,6 @@ BuildRequires: perl(XSLoader)
|
|||
# Tests:
|
||||
BuildRequires: perl(base)
|
||||
BuildRequires: perl(bytes)
|
||||
BuildRequires: perl(constant)
|
||||
BuildRequires: perl(File::Temp)
|
||||
BuildRequires: perl(integer)
|
||||
BuildRequires: perl(overload)
|
||||
|
@ -45,7 +47,6 @@ BuildRequires: perl(Test::More)
|
|||
BuildRequires: perl(threads)
|
||||
BuildRequires: perl(Safe)
|
||||
BuildRequires: perl(Scalar::Util)
|
||||
BuildRequires: perl(Symbol)
|
||||
BuildRequires: perl(Tie::Array)
|
||||
# Optional tests:
|
||||
# gzip not used
|
||||
|
@ -57,6 +58,9 @@ BuildRequires: perl(Hash::Util)
|
|||
# Test::LeakTrace omitted because it's not a core module requried for building
|
||||
# core Storable.
|
||||
BuildRequires: perl(Tie::Hash)
|
||||
Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version))
|
||||
# Carp substitutes missing Log::Agent
|
||||
Requires: perl(Carp)
|
||||
Requires: perl(Config)
|
||||
# Fcntl is optional, but locking is good
|
||||
Requires: perl(Fcntl)
|
||||
|
@ -64,165 +68,39 @@ Requires: perl(IO::File)
|
|||
|
||||
%{?perl_default_filter}
|
||||
|
||||
# Filter modules bundled for tests
|
||||
%global __provides_exclude_from %{?__provides_exclude_from:%__provides_exclude_from|}^%{_libexecdir}
|
||||
%global __requires_exclude %{?__requires_exclude:%__requires_exclude|}^perl\\(HAS_OVERLOAD\\)
|
||||
%global __requires_exclude %{__requires_exclude}|^perl\\(testlib.pl\\)
|
||||
|
||||
%description
|
||||
The Storable package brings persistence to your Perl data structures
|
||||
containing scalar, array, hash or reference objects, i.e. anything that
|
||||
can be conveniently stored to disk and retrieved at a later time.
|
||||
|
||||
%package tests
|
||||
Summary: Tests for %{name}
|
||||
Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
Requires: perl-Test-Harness
|
||||
Requires: perl(B::Deparse) >= 0.61
|
||||
Requires: perl(Digest::MD5)
|
||||
|
||||
%description tests
|
||||
Tests from %{name}. Execute them
|
||||
with "%{_libexecdir}/%{name}/test".
|
||||
|
||||
%prep
|
||||
%autosetup -p1 -n Storable-%{base_version}
|
||||
|
||||
# Help generators to recognize Perl scripts
|
||||
for F in t/*.t t/*.pl; do
|
||||
perl -i -MConfig -ple 'print $Config{startperl} if $. == 1 && !s{\A#!.*perl\b}{$Config{startperl}}' "$F"
|
||||
chmod +x "$F"
|
||||
done
|
||||
%setup -q -n Storable-%{version}
|
||||
%patch0 -p3
|
||||
|
||||
%build
|
||||
perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1 OPTIMIZE="%{optflags}"
|
||||
%{make_build}
|
||||
perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 OPTIMIZE="$RPM_OPT_FLAGS"
|
||||
make %{?_smp_mflags}
|
||||
|
||||
%install
|
||||
%{make_install}
|
||||
find %{buildroot} -type f -name '*.bs' -size 0 -delete
|
||||
find %{buildroot} -type f -name '*.3pm' -size 0 -delete
|
||||
%{_fixperms} %{buildroot}/*
|
||||
|
||||
# Install tests
|
||||
mkdir -p %{buildroot}/%{_libexecdir}/%{name}
|
||||
cp -a t %{buildroot}/%{_libexecdir}/%{name}
|
||||
cat > %{buildroot}/%{_libexecdir}/%{name}/test << 'EOF'
|
||||
#!/bin/bash
|
||||
set -e
|
||||
# Some tests write into temporary files/directories. The easiest solution
|
||||
# is to copy the tests into a writable directory and execute them from there.
|
||||
DIR=$(mktemp -d)
|
||||
pushd "$DIR"
|
||||
cp -a %{_libexecdir}/%{name}/* ./
|
||||
prove -I . -j "$(getconf _NPROCESSORS_ONLN)"
|
||||
popd
|
||||
rm -rf "$DIR"
|
||||
EOF
|
||||
chmod +x %{buildroot}/%{_libexecdir}/%{name}/test
|
||||
make pure_install DESTDIR=$RPM_BUILD_ROOT
|
||||
find $RPM_BUILD_ROOT -type f -name '*.bs' -size 0 -delete
|
||||
find $RPM_BUILD_ROOT -type f -name '*.3pm' -size 0 -delete
|
||||
%{_fixperms} $RPM_BUILD_ROOT/*
|
||||
|
||||
%check
|
||||
export HARNESS_OPTIONS=j$(perl -e 'if ($ARGV[0] =~ /.*-j([0-9][0-9]*).*/) {print $1} else {print 1}' -- '%{?_smp_mflags}')
|
||||
unset PERL_CORE PERL_TEST_MEMORY PERL_RUN_SLOW_TESTS
|
||||
unset PERL_TEST_MEMORY PERL_RUN_SLOW_TESTS
|
||||
make test
|
||||
|
||||
%files
|
||||
%doc ChangeLog README
|
||||
%{perl_vendorarch}/auto/*
|
||||
%{perl_vendorarch}/Storable*
|
||||
%{_mandir}/man3/Storable*
|
||||
|
||||
%files tests
|
||||
%{_libexecdir}/%{name}
|
||||
%{_mandir}/man3/*
|
||||
|
||||
%changelog
|
||||
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.32-502
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
|
||||
|
||||
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.32-501
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
|
||||
|
||||
* Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.32-500
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
|
||||
|
||||
* Tue Jul 11 2023 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.32-499
|
||||
- Increase release to favour standalone package
|
||||
|
||||
* Mon Jun 12 2023 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.32-1
|
||||
- Upgrade to 3.32 as provided in perl-5.37.12
|
||||
|
||||
* Thu May 18 2023 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.31-1
|
||||
- Upgrade to 3.31 as provided in perl-5.37.11
|
||||
|
||||
* Fri Jan 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.26-490
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
|
||||
|
||||
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.26-489
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
||||
|
||||
* Mon May 30 2022 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.26-488
|
||||
- Upgrade to 3.26 as provided in perl-5.35.11
|
||||
|
||||
* Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.25-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
|
||||
|
||||
* Mon Aug 30 2021 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.25-1
|
||||
- 3.25 bump
|
||||
- Package tests
|
||||
|
||||
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.23-478
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
|
||||
|
||||
* Fri May 21 2021 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.23-477
|
||||
- Upgrade to 3.23 as provided in perl-5.34.0
|
||||
|
||||
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.21-458
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.21-457
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Mon Jun 22 2020 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.21-456
|
||||
- Upgrade to 3.21 as provided in perl-5.32.0
|
||||
|
||||
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.15-443
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
* Mon Nov 25 2019 Petr Pisar <ppisar@redhat.com> - 1:3.15-442
|
||||
- Fix a buffer overflow when processing a vstring longer than 2^31-1
|
||||
(Perl GH#17306)
|
||||
|
||||
* Thu Aug 08 2019 Petr Pisar <ppisar@redhat.com> - 1:3.15-441
|
||||
- Fix array length check in a store hook
|
||||
|
||||
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.15-440
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
* Tue Jun 11 2019 Petr Pisar <ppisar@redhat.com> - 1:3.15-439
|
||||
- Fix deep cloning regular expression objects (RT#134179)
|
||||
|
||||
* Thu May 30 2019 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.15-438
|
||||
- Increase release to favour standalone package
|
||||
|
||||
* Wed Apr 24 2019 Petr Pisar <ppisar@redhat.com> - 1:3.15-1
|
||||
- 3.15 bump
|
||||
|
||||
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.11-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
* Mon Jan 07 2019 Petr Pisar <ppisar@redhat.com> - 1:3.11-6
|
||||
- Storable-3.11 source archive repackaged without a t/CVE-2015-1592.inc file
|
||||
(RT#133706)
|
||||
|
||||
* Mon Aug 27 2018 Petr Pisar <ppisar@redhat.com> - 1:3.11-5
|
||||
* Mon Aug 27 2018 Petr Pisar <ppisar@redhat.com> - 1:3.11-3
|
||||
- Fix recursion check (RT#133326)
|
||||
|
||||
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.11-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
* Tue Jun 26 2018 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.11-3
|
||||
- Perl 5.28 rebuild
|
||||
|
||||
* Tue Jun 05 2018 Petr Pisar <ppisar@redhat.com> - 1:3.11-2
|
||||
- Do not package empty Storable::Limit(3pm) manual page
|
||||
|
||||
|
@ -235,9 +113,6 @@ make test
|
|||
* Thu Apr 19 2018 Petr Pisar <ppisar@redhat.com> - 1:3.06-1
|
||||
- 3.06 bump
|
||||
|
||||
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.62-396
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
||||
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.62-395
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
summary: Sanity tests
|
||||
discover:
|
||||
how: fmf
|
||||
execute:
|
||||
how: tmt
|
2
sources
2
sources
|
@ -1 +1 @@
|
|||
SHA512 (Storable-3.25.tar.gz) = a1e0342061bc3fbe04e1041c94004c6dc2fbee10ab49939fe93fa84696829aa32896e6af234a33743c6ecd9e5b0c2e2c623428207e0f04dc01b31caa87f8d73c
|
||||
SHA512 (Storable-3.11.tar.gz) = da27b56dd422d4ae0bad225c0b0dcc91beff546d0cc537643da5530e8d50f421e88b960a2ac9f09867448e28a10743790d935aa0c1b6c8456d059430e1f7ffe9
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
summary: Upstream tests
|
||||
component: perl-Storable
|
||||
require: perl-Storable-tests
|
||||
test: /usr/libexec/perl-Storable/test
|
Loading…
Reference in New Issue