Hello community, here is the log from the commit of package perl-Sereal for openSUSE:Factory checked in at 2020-07-17 20:50:26 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/perl-Sereal (Old) and /work/SRC/openSUSE:Factory/.perl-Sereal.new.3592 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-Sereal" Fri Jul 17 20:50:26 2020 rev:6 rq:821418 version:4.017 Changes: -------- --- /work/SRC/openSUSE:Factory/perl-Sereal/perl-Sereal.changes 2020-02-11 22:17:28.783307350 +0100 +++ /work/SRC/openSUSE:Factory/.perl-Sereal.new.3592/perl-Sereal.changes 2020-07-17 20:51:10.920941062 +0200 @@ -1,0 +2,20 @@ +Fri Jul 10 09:39:41 UTC 2020 - Tina Müller <[email protected]> + +- updated to 4.017 + see /usr/share/doc/packages/perl-Sereal/Changes + + 4.017 Thurs July 9, 2020 + * The build fixes in 4.016 didn't work correctly, this should fix them. + 4.016 Thurs July 9, 2020 + * Fix some dependency issues in build process + 4.015 Weds July 8, 2020 + * Build fixes (missing dependency) + * Hardening against corrupted data + * New thresholds to manage decoding process + 4.014 Thurs June 11, 2020 + * Fix build issue on non-win32 platforms. + * Update zstd to 1.4.5 + 4.012 Tues February 4, 2020 + * Fix memory leak in looks_like_sereal(), thanks to Kirill Sysoev + +------------------------------------------------------------------- Old: ---- Sereal-4.011.tar.gz New: ---- Sereal-4.017.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ perl-Sereal.spec ++++++ --- /var/tmp/diff_new_pack.L7Znmu/_old 2020-07-17 20:51:12.068942260 +0200 +++ /var/tmp/diff_new_pack.L7Znmu/_new 2020-07-17 20:51:12.068942260 +0200 @@ -1,7 +1,7 @@ # # spec file for package perl-Sereal # -# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,26 +17,26 @@ Name: perl-Sereal -Version: 4.011 +Version: 4.017 Release: 0 %define cpan_name Sereal Summary: Binary serialization module for Perl License: Artistic-1.0 OR GPL-1.0-or-later Group: Development/Libraries/Perl -Url: https://metacpan.org/release/%{cpan_name} +URL: https://metacpan.org/release/%{cpan_name} Source0: https://cpan.metacpan.org/authors/id/Y/YV/YVES/%{cpan_name}-%{version}.tar.gz Source1: cpanspec.yml BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: perl BuildRequires: perl-macros -BuildRequires: perl(Sereal::Decoder) >= 4.011 -BuildRequires: perl(Sereal::Encoder) >= 4.011 +BuildRequires: perl(Sereal::Decoder) >= 4.017 +BuildRequires: perl(Sereal::Encoder) >= 4.017 BuildRequires: perl(Test::LongString) BuildRequires: perl(Test::More) >= 0.88 BuildRequires: perl(Test::Warn) -Requires: perl(Sereal::Decoder) >= 4.011 -Requires: perl(Sereal::Encoder) >= 4.011 +Requires: perl(Sereal::Decoder) >= 4.017 +Requires: perl(Sereal::Encoder) >= 4.017 %{perl_requires} %description ++++++ Sereal-4.011.tar.gz -> Sereal-4.017.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Sereal-4.011/Changes new/Sereal-4.017/Changes --- old/Sereal-4.011/Changes 2020-02-04 05:49:05.000000000 +0100 +++ new/Sereal-4.017/Changes 2020-07-09 20:18:07.000000000 +0200 @@ -13,6 +13,24 @@ * Sereal package and instead install the Encoder or * * Decoder independently. * **************************************************************** +4.017 Thurs July 9, 2020 + * The build fixes in 4.016 didn't work correctly, this should fix them. + +4.016 Thurs July 9, 2020 + * Fix some dependency issues in build process + +4.015 Weds July 8, 2020 + * Build fixes (missing dependency) + * Hardening against corrupted data + * New thresholds to manage decoding process + +4.014 Thurs June 11, 2020 + * Fix build issue on non-win32 platforms. + * Update zstd to 1.4.5 + +4.012 Tues February 4, 2020 + * Fix memory leak in looks_like_sereal(), thanks to Kirill Sysoev + 4.011 Tues February 4, 2020 * Fix and test custom opcode logic for 5.31.2 and later. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Sereal-4.011/META.json new/Sereal-4.017/META.json --- old/Sereal-4.011/META.json 2020-02-04 06:00:05.000000000 +0100 +++ new/Sereal-4.017/META.json 2020-07-09 20:29:25.000000000 +0200 @@ -4,13 +4,13 @@ "Steffen Mueller <[email protected]>, Yves Orton <[email protected]>" ], "dynamic_config" : 1, - "generated_by" : "ExtUtils::MakeMaker version 7.44, CPAN::Meta::Converter version 2.150010", + "generated_by" : "ExtUtils::MakeMaker version 7.46, CPAN::Meta::Converter version 2.150010", "license" : [ "perl_5" ], "meta-spec" : { "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec";, - "version" : 2 + "version" : "2" }, "name" : "Sereal", "no_index" : { @@ -32,8 +32,8 @@ }, "runtime" : { "requires" : { - "Sereal::Decoder" : "4.011", - "Sereal::Encoder" : "4.011", + "Sereal::Decoder" : "4.017", + "Sereal::Encoder" : "4.017", "perl" : "5.008" } }, @@ -42,8 +42,8 @@ "Data::Dumper" : "0", "File::Spec" : "0", "Scalar::Util" : "0", - "Sereal::Decoder" : "4.011", - "Sereal::Encoder" : "4.011", + "Sereal::Decoder" : "4.017", + "Sereal::Encoder" : "4.017", "Test::LongString" : "0", "Test::More" : "0.88", "Test::Warn" : "0" @@ -60,6 +60,6 @@ "url" : "git://github.com/Sereal/Sereal.git" } }, - "version" : "4.011", - "x_serialization_backend" : "JSON::PP version 4.04" + "version" : "4.017", + "x_serialization_backend" : "JSON::PP version 2.27400" } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Sereal-4.011/META.yml new/Sereal-4.017/META.yml --- old/Sereal-4.011/META.yml 2020-02-04 06:00:05.000000000 +0100 +++ new/Sereal-4.017/META.yml 2020-07-09 20:29:25.000000000 +0200 @@ -7,15 +7,15 @@ ExtUtils::MakeMaker: '0' File::Spec: '0' Scalar::Util: '0' - Sereal::Decoder: '4.011' - Sereal::Encoder: '4.011' + Sereal::Decoder: '4.017' + Sereal::Encoder: '4.017' Test::LongString: '0' Test::More: '0.88' Test::Warn: '0' configure_requires: ExtUtils::MakeMaker: '0' dynamic_config: 1 -generated_by: 'ExtUtils::MakeMaker version 7.44, CPAN::Meta::Converter version 2.150010' +generated_by: 'ExtUtils::MakeMaker version 7.46, CPAN::Meta::Converter version 2.150010' license: perl meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html @@ -26,11 +26,11 @@ - t - inc requires: - Sereal::Decoder: '4.011' - Sereal::Encoder: '4.011' + Sereal::Decoder: '4.017' + Sereal::Encoder: '4.017' perl: '5.008' resources: bugtracker: https://github.com/Sereal/Sereal/issues repository: git://github.com/Sereal/Sereal.git -version: '4.011' +version: '4.017' x_serialization_backend: 'CPAN::Meta::YAML version 0.018' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Sereal-4.011/Makefile.PL new/Sereal-4.017/Makefile.PL --- old/Sereal-4.011/Makefile.PL 2020-02-04 05:49:18.000000000 +0100 +++ new/Sereal-4.017/Makefile.PL 2020-07-09 20:18:52.000000000 +0200 @@ -4,7 +4,7 @@ use ExtUtils::MakeMaker; use Cwd; -our $VERSION= '4.011'; +our $VERSION= '4.017'; my $shared_dir= "../shared"; my $its_our_repo_file= "../this_is_the_Sereal_repo.txt"; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Sereal-4.011/lib/Sereal.pm new/Sereal-4.017/lib/Sereal.pm --- old/Sereal-4.011/lib/Sereal.pm 2020-02-04 05:49:18.000000000 +0100 +++ new/Sereal-4.017/lib/Sereal.pm 2020-07-09 20:18:52.000000000 +0200 @@ -2,9 +2,9 @@ use 5.008; use strict; use warnings; -our $VERSION= '4.011'; +our $VERSION= '4.017'; our $XS_VERSION= $VERSION; $VERSION= eval $VERSION; -use Sereal::Encoder 4.011 qw( +use Sereal::Encoder 4.017 qw( encode_sereal sereal_encode_with_object SRL_UNCOMPRESSED @@ -12,7 +12,7 @@ SRL_ZLIB SRL_ZSTD ); -use Sereal::Decoder 4.011 qw( +use Sereal::Decoder 4.017 qw( decode_sereal looks_like_sereal decode_sereal_with_header_data diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Sereal-4.011/t/030_looks_like_sereal.t new/Sereal-4.017/t/030_looks_like_sereal.t --- old/Sereal-4.011/t/030_looks_like_sereal.t 2020-02-02 18:25:40.000000000 +0100 +++ new/Sereal-4.017/t/030_looks_like_sereal.t 2020-07-03 08:41:57.000000000 +0200 @@ -65,7 +65,7 @@ [ "=Srl" . chr(1) . chr(0) . chr(SRL_HDR_UNDEF), "", "wrong magic string is not Sereal" ], ); -plan tests => 2 + @tests * 5; +plan tests => 3 + @tests * 5; is( prototype( \&looks_like_sereal ), undef ); is( prototype( \&scalar_looks_like_sereal ), "\$" ); @@ -79,3 +79,9 @@ is( $decoder->looks_like_sereal($input), $outcome, "$name (object method)" ); is( Sereal::Decoder->looks_like_sereal($input), $outcome, "$name (class method)" ); } + +SKIP:{ + skip "Build test only needs to run on linux", 1 if $^O ne "linux"; + skip "Test requires Test::MemoryGrowth", 1 if !eval "require Test::MemoryGrowth; 1"; + Test::MemoryGrowth::no_growth(sub{ looks_like_sereal(doc(1,3,1)) },'looks_like_sereal should not leak'); +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Sereal-4.011/t/150_dec_exception.t new/Sereal-4.017/t/150_dec_exception.t --- old/Sereal-4.011/t/150_dec_exception.t 2020-02-02 18:25:40.000000000 +0100 +++ new/Sereal-4.017/t/150_dec_exception.t 2020-07-03 19:07:23.000000000 +0200 @@ -20,7 +20,7 @@ # bad input. This obviously shouldn't segfault and neither leak # memory. -plan tests => 56; +plan tests => 88; my ( $ok, $out, $err ); SCOPE: { @@ -57,6 +57,40 @@ $hash_packet, qr/Sereal: Error/, "Setting hash limit option (999)", { max_num_hash_entries => 999 } ); + # Tests for limiting number of acceptable array entries + my $array_packet= Header() . array( map short_string($_), 1 .. 1000 ); + my $ar= decode_sereal($array_packet); + is( ref($ar), "ARRAY", "Deserializes as array" ); + is( scalar( @$ar ), 1000, "Array has 1000 entries" ); + $ar= decode_sereal( $array_packet, { max_num_array_entries => 0 } ); + is( ref($ar), "ARRAY", "Deserializes as array (2)" ); + $ar= decode_sereal( $array_packet, { max_num_array_entries => 1000 } ); + is( ref($ar), "ARRAY", "Deserializes as array (3)" ); + + check_fail( + $array_packet, qr/Sereal: Error/, "Setting array limit option (1)", + { max_num_array_entries => 1 } ); + check_fail( + $array_packet, qr/Sereal: Error/, "Setting array limit option (999)", + { max_num_array_entries => 999 } ); + + # Tests for limiting number of characters in a (NOT short) string + my $string_packet= "\x3d\xf3\x72\x6c\x04\x00\x26\xe8\x07" . ('a' x 1000); + my $str= decode_sereal($string_packet); + is( ref($str), "", "Deserializes as scalar" ); + is( length( $str ), 1000, "String has 1000 characters" ); + $str= decode_sereal( $string_packet, { max_string_length => 0 } ); + is( ref($str), "", "Deserializes as string (2)" ); + $str= decode_sereal( $string_packet, { max_string_length => 1000 } ); + is( ref($str), "", "Deserializes as string (3)" ); + + check_fail( + $string_packet, qr/Sereal: Error/, "Setting string limit option (1)", + { max_string_length => 1 } ); + check_fail( + $string_packet, qr/Sereal: Error/, "Setting array limit option (999)", + { max_string_length => 999 } ); + my $valid_packet= Header(2) . short_string("foo"); my $foo= decode_sereal($valid_packet); is( $foo, "foo", "Have valid test packet" );
