In perl.git, the branch blead has been updated <http://perl5.git.perl.org/perl.git/commitdiff/a8c6ff7b8e8c6037333c21f9b3f6b38b9278df4f?hp=518a5310cc4bb66e3f41f288851d246966c3a685>
- Log ----------------------------------------------------------------- commit a8c6ff7b8e8c6037333c21f9b3f6b38b9278df4f Author: Chris 'BinGOs' Williams <[email protected]> Date: Tue Jan 15 10:32:29 2013 +0000 Update Digest-SHA to CPAN version 5.81 [DELTA] 5.81 Mon Jan 14 05:17:08 MST 2013 - corrected load subroutine (SHA.pm) to prevent double-free -- Bug #82655: Security issue - segfault -- thanks to Victor Efimov and Nicholas Clark for technical expertise and suggestions ----------------------------------------------------------------------- Summary of changes: Porting/Maintainers.pl | 2 +- cpan/Digest-SHA/Changes | 6 ++++++ cpan/Digest-SHA/README | 2 +- cpan/Digest-SHA/lib/Digest/SHA.pm | 13 ++++++++----- cpan/Digest-SHA/shasum | 6 +++--- cpan/Digest-SHA/src/hmac.c | 4 ++-- cpan/Digest-SHA/src/hmac.h | 4 ++-- cpan/Digest-SHA/src/sha.c | 6 +++--- cpan/Digest-SHA/src/sha.h | 4 ++-- 9 files changed, 28 insertions(+), 19 deletions(-) diff --git a/Porting/Maintainers.pl b/Porting/Maintainers.pl index 8287f66..bca6395 100755 --- a/Porting/Maintainers.pl +++ b/Porting/Maintainers.pl @@ -594,7 +594,7 @@ use File::Glob qw(:case); 'Digest::SHA' => { 'MAINTAINER' => 'mshelor', - 'DISTRIBUTION' => 'MSHELOR/Digest-SHA-5.80.tar.gz', + 'DISTRIBUTION' => 'MSHELOR/Digest-SHA-5.81.tar.gz', 'FILES' => q[cpan/Digest-SHA], 'EXCLUDED' => [ qw( t/pod.t diff --git a/cpan/Digest-SHA/Changes b/cpan/Digest-SHA/Changes index 97cb0fa..59fb090 100644 --- a/cpan/Digest-SHA/Changes +++ b/cpan/Digest-SHA/Changes @@ -1,5 +1,11 @@ Revision history for Perl extension Digest::SHA. +5.81 Mon Jan 14 05:17:08 MST 2013 + - corrected load subroutine (SHA.pm) to prevent double-free + -- Bug #82655: Security issue - segfault + -- thanks to Victor Efimov and Nicholas Clark + for technical expertise and suggestions + 5.80 Mon Dec 10 14:15:26 MST 2012 - obtained noticeable speedup on Intel/gcc -- by setting -O1 and -fomit-frame-pointer diff --git a/cpan/Digest-SHA/README b/cpan/Digest-SHA/README index c6592c8..8e0dca1 100644 --- a/cpan/Digest-SHA/README +++ b/cpan/Digest-SHA/README @@ -1,4 +1,4 @@ -Digest::SHA version 5.80 +Digest::SHA version 5.81 ======================== Digest::SHA is a complete implementation of the NIST Secure Hash diff --git a/cpan/Digest-SHA/lib/Digest/SHA.pm b/cpan/Digest-SHA/lib/Digest/SHA.pm index 40934b6..24fbc8b 100644 --- a/cpan/Digest-SHA/lib/Digest/SHA.pm +++ b/cpan/Digest-SHA/lib/Digest/SHA.pm @@ -7,7 +7,7 @@ use vars qw($VERSION @ISA @EXPORT @EXPORT_OK); use Fcntl; use integer; -$VERSION = '5.80'; +$VERSION = '5.81'; require Exporter; require DynaLoader; @@ -50,7 +50,7 @@ sub new { return($class); } shaclose($$class) if $$class; - $$class = shaopen($alg) || return; + return unless $$class = shaopen($alg); return($class); } $alg = 1 unless defined $alg; @@ -163,18 +163,21 @@ sub Addfile { sub dump { my $self = shift; - my $file = shift || ""; + my $file = shift; + $file = "" unless defined $file; shadump($file, $$self) || return; return($self); } sub load { my $class = shift; - my $file = shift || ""; + my $file = shift; + + $file = "" unless defined $file; if (ref($class)) { # instance method shaclose($$class) if $$class; - $$class = shaload($file) || return; + return unless $$class = shaload($file); return($class); } my $state = shaload($file) || return; diff --git a/cpan/Digest-SHA/shasum b/cpan/Digest-SHA/shasum index 12a27db..c8a67b1 100644 --- a/cpan/Digest-SHA/shasum +++ b/cpan/Digest-SHA/shasum @@ -4,8 +4,8 @@ ## ## Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved ## - ## Version: 5.80 - ## Mon Dec 10 14:15:26 MST 2012 + ## Version: 5.81 + ## Mon Jan 14 05:17:08 MST 2013 ## shasum SYNOPSIS adapted from GNU Coreutils sha1sum. ## Add an "-a" option for algorithm selection, a "-p" @@ -97,7 +97,7 @@ use strict; use Fcntl; use Getopt::Long; -my $VERSION = "5.80"; +my $VERSION = "5.81"; ## Try to use Digest::SHA. If not installed, use the slower diff --git a/cpan/Digest-SHA/src/hmac.c b/cpan/Digest-SHA/src/hmac.c index 97e7894..b9a7809 100644 --- a/cpan/Digest-SHA/src/hmac.c +++ b/cpan/Digest-SHA/src/hmac.c @@ -5,8 +5,8 @@ * * Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved * - * Version: 5.80 - * Mon Dec 10 14:15:26 MST 2012 + * Version: 5.81 + * Mon Jan 14 05:17:08 MST 2013 * */ diff --git a/cpan/Digest-SHA/src/hmac.h b/cpan/Digest-SHA/src/hmac.h index bb81a33..d10b9e8 100644 --- a/cpan/Digest-SHA/src/hmac.h +++ b/cpan/Digest-SHA/src/hmac.h @@ -5,8 +5,8 @@ * * Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved * - * Version: 5.80 - * Mon Dec 10 14:15:26 MST 2012 + * Version: 5.81 + * Mon Jan 14 05:17:08 MST 2013 * */ diff --git a/cpan/Digest-SHA/src/sha.c b/cpan/Digest-SHA/src/sha.c index d6b24c2..7bd6f1b 100644 --- a/cpan/Digest-SHA/src/sha.c +++ b/cpan/Digest-SHA/src/sha.c @@ -5,8 +5,8 @@ * * Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved * - * Version: 5.80 - * Mon Dec 10 14:15:26 MST 2012 + * Version: 5.81 + * Mon Jan 14 05:17:08 MST 2013 * */ @@ -272,7 +272,7 @@ void sharewind(SHA *s) /* shaopen: creates a new digest object */ SHA *shaopen(int alg) { - SHA *s; + SHA *s = NULL; if (alg != SHA1 && alg != SHA224 && alg != SHA256 && alg != SHA384 && alg != SHA512 && diff --git a/cpan/Digest-SHA/src/sha.h b/cpan/Digest-SHA/src/sha.h index 3355086..6534b76 100644 --- a/cpan/Digest-SHA/src/sha.h +++ b/cpan/Digest-SHA/src/sha.h @@ -5,8 +5,8 @@ * * Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved * - * Version: 5.80 - * Mon Dec 10 14:15:26 MST 2012 + * Version: 5.81 + * Mon Jan 14 05:17:08 MST 2013 * */ -- Perl5 Master Repository
