perl: add patch for cve-2012-5195 (via Arch).

This commit is contained in:
Juan RP 2012-10-26 14:26:20 +02:00
parent 94d3ed6e64
commit 1fe1fbd1d2
2 changed files with 30 additions and 1 deletions

View File

@ -0,0 +1,29 @@
commit b11b0d3ef18a35595a07a06c91fa4f27c9cacf5b
Author: Andy Dougherty <doughera@lafayette.edu>
Date: Thu Sep 27 09:52:18 2012 -0400
avoid calling memset with a negative count
Poorly written perl code that allows an attacker to specify the count to
perl's 'x' string repeat operator can already cause a memory exhaustion
denial-of-service attack. A flaw in versions of perl before 5.15.5 can
escalate that into a heap buffer overrun; coupled with versions of glibc
before 2.16, it possibly allows the execution of arbitrary code.
The flaw addressed to this commit has been assigned identifier
CVE-2012-5195.
diff --git a/util.c b/util.c
index 171456f..34f5fa9 100644
--- util.c
+++ util.c
@@ -3416,6 +3416,9 @@ Perl_repeatcpy(register char *to, register const char *from, I32 len, register I
{
PERL_ARGS_ASSERT_REPEATCPY;
+ if (count < 0)
+ Perl_croak_nocontext("%s",PL_memory_wrap);
+
if (len == 1)
memset(to, *from, count);
else if (count) {

View File

@ -1,7 +1,7 @@
# Template build file for 'perl'.
pkgname=perl
version=5.16.1
revision=1
revision=2
makedepends="gdbm-devel db-devel less groff"
short_desc="Practical Extraction and Report Language"
maintainer="Juan RP <xtraeme@gmail.com>"