lang/python25/patches/patch-bc

   1 $NetBSD$
   2
   3 Patch for CVE-2008-2315 taken from Gentoo.
   4
   5 --- Objects/bufferobject.c.orig 2008-02-14 11:26:18.000000000 +0000
   6 +++ Objects/bufferobject.c      2008-08-30 10:16:13.000000000 +0100
   7 @@ -427,6 +427,10 @@
   8                 count = 0;
   9         if (!get_buf(self, &ptr, &size, ANY_BUFFER))
  10                 return NULL;
  11 +       if (count > PY_SSIZE_T_MAX / size) {
  12 +               PyErr_SetString(PyExc_MemoryError, "result too large");
  13 +               return NULL;
  14 +       }
  15         ob = PyString_FromStringAndSize(NULL, size * count);
  16         if ( ob == NULL )
  17                 return NULL;