diff --git a/backport-Fix-various-obj-NULL-derefs.patch b/backport-Fix-various-obj-NULL-derefs.patch new file mode 100644 index 0000000..356319a --- /dev/null +++ b/backport-Fix-various-obj-NULL-derefs.patch @@ -0,0 +1,170 @@ +From a47f87c0a79015dc8c712b9713f2d2fd052405d1 Mon Sep 17 00:00:00 2001 +From: Reini Urban +Date: Tue, 26 May 2020 15:48:19 +0200 +Subject: [PATCH] Fix various obj NULL derefs + +Reported by Petr Pisar [cpan #132711] +--- + Bzip2.xs | 44 +++++++++++++++++++++++++++----------------- + 1 file changed, 27 insertions(+), 17 deletions(-) + +diff --git a/Bzip2.xs b/Bzip2.xs +index e18fced..0d8d0e9 100644 +--- a/Bzip2.xs ++++ b/Bzip2.xs +@@ -179,7 +179,7 @@ char* error_info; + + errstr = error_num * -1 < 0 || error_num * -1 > 9 ? "Unknown" : (char *) bzerrorstrings[ error_num * -1 ]; + +- if ( obj!=NULL ) { ++ if ( obj != NULL ) { + obj->bzip_errno = error_num; + obj->io_error = error_num == BZ_IO_ERROR ? errno : 0; + } +@@ -216,7 +216,7 @@ Bool bzfile_error( bzFile *obj ) { + #else + Bool bzfile_error( obj ) bzFile *obj; { + #endif +- return obj!=NULL ? ( obj->bzip_errno ? True : False ) : global_bzip_errno ? True : False; ++ return obj != NULL ? ( obj->bzip_errno ? True : False ) : global_bzip_errno ? True : False; + } + + #ifdef CAN_PROTOTYPE +@@ -224,7 +224,7 @@ int bzfile_geterrno( bzFile *obj ) { + #else + int bzfile_geterrno( obj ) bzFile *obj; { + #endif +- return obj==NULL ? global_bzip_errno : obj->bzip_errno; ++ return obj == NULL ? global_bzip_errno : obj->bzip_errno; + } + + #ifdef CAN_PROTOTYPE +@@ -232,7 +232,7 @@ const char *bzfile_geterrstr( bzFile *obj ) { + #else + const char *bzfile_geterrstr( obj ) bzFile *obj; { + #endif +- int error_num = obj==NULL ? global_bzip_errno : obj->bzip_errno; ++ int error_num = obj == NULL ? global_bzip_errno : obj->bzip_errno; + char *errstr = error_num * -1 < 0 || error_num * -1 > 9 ? "Unknown" : (char *) bzerrorstrings[ error_num * -1 ]; + return errstr; + } +@@ -242,7 +242,7 @@ Bool bzfile_eof( bzFile *obj ) { + #else + Bool bzfile_eof( obj ) bzFile *obj; { + #endif +- return obj==NULL ? False : ++ return obj == NULL ? False : + obj->bzip_errno == BZ_UNEXPECTED_EOF ? True : + obj->bzip_errno == BZ_OK && obj->pending_io_error && obj->io_error == BZ_IO_EOF ? True : + obj->bzip_errno != BZ_IO_ERROR ? False : +@@ -254,7 +254,7 @@ long bzfile_total_in( bzFile *obj ) { + #else + long bzfile_total_in( obj ) bzFile *obj; { + #endif +- return obj->total_in; ++ return obj == NULL ? 0 : obj->total_in; + } + + #ifdef CAN_PROTOTYPE +@@ -262,7 +262,7 @@ long bzfile_total_out( bzFile *obj ) { + #else + long bzfile_total_out( obj ) bzFile *obj; { + #endif +- return obj->total_out; ++ return obj == NULL ? 0 : obj->total_out; + } + + #ifdef CAN_PROTOTYPE +@@ -270,8 +270,10 @@ long bzfile_clear_totals( bzFile *obj ) { + #else + long bzfile_clear_totals( obj ) bzFile *obj; { + #endif +- obj->total_in = 0; +- obj->total_out = 0; ++ if (obj) { ++ obj->total_in = 0; ++ obj->total_out = 0; ++ } + return 0; + } + +@@ -284,7 +286,8 @@ int bzfile_clearerr( obj ) bzFile *obj; { + int clear_flag = 1; + + if ( error_num == BZ_IO_ERROR ) { +- PerlIO_clearerr( obj->handle ); ++ if (obj) ++ PerlIO_clearerr( obj->handle ); + } + else if ( error_num == BZ_SEQUENCE_ERROR ) { + /* program error */ +@@ -310,7 +313,7 @@ int bzfile_clearerr( obj ) bzFile *obj; { + clear_flag = 0; /* we don't like the version of bzlib */ + } + else if ( error_num == BZ_OK ) { +- if ( obj->pending_io_error ) { ++ if ( obj && obj->pending_io_error ) { + if ( obj->io_error == BZ_IO_EOF ) { + PerlIO_clearerr( obj->handle ); + clear_flag = 0; +@@ -335,7 +338,7 @@ int bzfile_clearerr( obj ) bzFile *obj; { + } + + if ( clear_flag ) { +- if ( obj != NULL ) { ++ if ( obj ) { + obj->bzip_errno = 0; + obj->io_error = 0; + obj->pending_io_error = False; +@@ -368,6 +371,11 @@ bzFile* bzfile_new( verbosity, small, blockSize100k, workFactor ) + } + + Newz(idthing, obj, 1, bzFile); ++ if (!obj) { ++ BZ_SETERR(NULL, BZ_IO_ERROR, NULL); ++ die( "Out of memory"); ++ return NULL; ++ } + + BZ_SETERR(obj, BZ_OK, NULL); + +@@ -411,7 +419,7 @@ void bzfile_free( bzFile* obj ) { + #else + void bzfile_free( obj ) bzFile* obj; { + #endif +- if ( obj!=NULL ) Safefree((void*) obj); ++ if ( obj != NULL ) Safefree((void*) obj); + } + + /* query and/or set param setting of bzFile */ +@@ -1668,8 +1676,8 @@ MY_new(...) + { + int i; + +- perlobj=NULL; +- obj=NULL; ++ perlobj = NULL; ++ obj = NULL; + if ( items == 0 ) { + class = "Compress::Bzip2"; + } +@@ -1711,7 +1719,9 @@ DESTROY(obj) + + CODE: + { +- if (obj->verbosity>=1) ++ if (!obj) ++ XSRETURN_UNDEF; ++ if (obj->verbosity >= 1) + PerlIO_printf(PerlIO_stderr(), "debug: DESTROY on %p\n", obj); + bzfile_close( obj, 0 ); + bzfile_free( obj ); +@@ -2135,7 +2145,7 @@ MY_bzclearerr(obj) + + CODE: + { +- if ( bzfile_clearerr( obj ) ) ++ if ( obj && bzfile_clearerr( obj ) ) + RETVAL = 1; + else + RETVAL = 0; diff --git a/perl-Compress-Bzip2.spec b/perl-Compress-Bzip2.spec index 1d1538f..1e5f6f2 100644 --- a/perl-Compress-Bzip2.spec +++ b/perl-Compress-Bzip2.spec @@ -1,10 +1,13 @@ Name: perl-Compress-Bzip2 Version: 2.26 -Release: 11 +Release: 12 Summary: This module provides a Compress::Zlib like Perl interface to the bzip2 library License: GPL+ or Artistic URL: https://metacpan.org/release/Compress-Bzip2 Source0: https://cpan.metacpan.org/authors/id/R/RU/RURBAN/Compress-Bzip2-%{version}.tar.gz + +Patch1: backport-Fix-various-obj-NULL-derefs.patch + BuildRequires: findutils gcc make bzip2-devel >= 1.0.5 sed perl(ExtUtils::MakeMaker) BuildRequires: perl-interpreter perl-generators perl(Test::More) perl-devel Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) perl(constant) >= 1.04 @@ -20,6 +23,7 @@ level routines. %prep %setup -q -n Compress-Bzip2-%{version} +%patch1 -p1 find bzlib-src -mindepth 1 -type f \! -name 'sample*' -delete sed -i -e '/^bzlib-src\//d' MANIFEST @@ -47,6 +51,9 @@ make test %{_mandir}/man3/*.3pm* %changelog +* Tue Oct 24 2023 wangjiang - 2.26-12 +- fix various obj NULL derefs + * Wed May 13 2020 openEuler Buildteam - 2.26-11 - Add build requires of perl-devel