perl: add patch for cve-2012-5195 (via Arch).
This commit is contained in:
parent
94d3ed6e64
commit
1fe1fbd1d2
|
@ -0,0 +1,29 @@
|
|||
commit b11b0d3ef18a35595a07a06c91fa4f27c9cacf5b
|
||||
Author: Andy Dougherty <doughera@lafayette.edu>
|
||||
Date: Thu Sep 27 09:52:18 2012 -0400
|
||||
|
||||
avoid calling memset with a negative count
|
||||
|
||||
Poorly written perl code that allows an attacker to specify the count to
|
||||
perl's 'x' string repeat operator can already cause a memory exhaustion
|
||||
denial-of-service attack. A flaw in versions of perl before 5.15.5 can
|
||||
escalate that into a heap buffer overrun; coupled with versions of glibc
|
||||
before 2.16, it possibly allows the execution of arbitrary code.
|
||||
|
||||
The flaw addressed to this commit has been assigned identifier
|
||||
CVE-2012-5195.
|
||||
|
||||
diff --git a/util.c b/util.c
|
||||
index 171456f..34f5fa9 100644
|
||||
--- util.c
|
||||
+++ util.c
|
||||
@@ -3416,6 +3416,9 @@ Perl_repeatcpy(register char *to, register const char *from, I32 len, register I
|
||||
{
|
||||
PERL_ARGS_ASSERT_REPEATCPY;
|
||||
|
||||
+ if (count < 0)
|
||||
+ Perl_croak_nocontext("%s",PL_memory_wrap);
|
||||
+
|
||||
if (len == 1)
|
||||
memset(to, *from, count);
|
||||
else if (count) {
|
|
@ -1,7 +1,7 @@
|
|||
# Template build file for 'perl'.
|
||||
pkgname=perl
|
||||
version=5.16.1
|
||||
revision=1
|
||||
revision=2
|
||||
makedepends="gdbm-devel db-devel less groff"
|
||||
short_desc="Practical Extraction and Report Language"
|
||||
maintainer="Juan RP <xtraeme@gmail.com>"
|
||||
|
|
Loading…
Reference in New Issue