summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/python/python/CVE-2016-5636.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-devtools/python/python/CVE-2016-5636.patch')
-rw-r--r--meta/recipes-devtools/python/python/CVE-2016-5636.patch44
1 files changed, 0 insertions, 44 deletions
diff --git a/meta/recipes-devtools/python/python/CVE-2016-5636.patch b/meta/recipes-devtools/python/python/CVE-2016-5636.patch
deleted file mode 100644
index 9a37471459..0000000000
--- a/meta/recipes-devtools/python/python/CVE-2016-5636.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-
-# HG changeset patch
-# User Benjamin Peterson <benjamin@python.org>
-# Date 1453357424 28800
-# Node ID 985fc64c60d6adffd1138b6cc46df388ca91ca5d
-# Parent 7ec954b9fc54448a35b56d271340ba109eb381b9
-prevent buffer overflow in get_data (closes #26171)
-
-Upstream-Status: Backport
-https://hg.python.org/cpython/rev/985fc64c60d6
-
-CVE: CVE-2016-5636
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
-Index: Python-2.7.11/Misc/NEWS
-===================================================================
---- Python-2.7.11.orig/Misc/NEWS
-+++ Python-2.7.11/Misc/NEWS
-@@ -7,6 +7,9 @@ What's New in Python 2.7.11?
-
- *Release date: 2015-12-05*
-
-+- Issue #26171: Fix possible integer overflow and heap corruption in
-+ zipimporter.get_data().
-+
- Library
- -------
-
-Index: Python-2.7.11/Modules/zipimport.c
-===================================================================
---- Python-2.7.11.orig/Modules/zipimport.c
-+++ Python-2.7.11/Modules/zipimport.c
-@@ -895,6 +895,11 @@ get_data(char *archive, PyObject *toc_en
- PyMarshal_ReadShortFromFile(fp); /* local header size */
- file_offset += l; /* Start of file data */
-
-+ if (data_size > LONG_MAX - 1) {
-+ fclose(fp);
-+ PyErr_NoMemory();
-+ return NULL;
-+ }
- raw_data = PyString_FromStringAndSize((char *)NULL, compress == 0 ?
- data_size : data_size + 1);
- if (raw_data == NULL) {
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-30 20:54:59 +0000