diff options
| author |   Alex Legler <a3li@gentoo.org> | 2009-08-17 10:17:42 +0000 |
|---|---|---|
| committer | Alex Legler <a3li@gentoo.org> | 2009-08-17 10:17:42 +0000 |
| commit | 1b51640417ca6f1be4b08db9e44f8e536d965f91 (patch) | |
| tree | c14b27b6dac7c89ebe2c92175975a94f64b755ec /net-zope/zodb/files | |
| parent | Fix USE=postgres handling, add USE=sqlite support, use latest autotools, and ... (diff) | |
| download | historical-1b51640417ca6f1be4b08db9e44f8e536d965f91.tar.gz historical-1b51640417ca6f1be4b08db9e44f8e536d965f91.tar.bz2 historical-1b51640417ca6f1be4b08db9e44f8e536d965f91.zip | |
Non-maintainer commit: Version bump for security bug 278824.
Package-Manager: portage-2.2_rc33/cvs/Linux x86_64
Diffstat (limited to 'net-zope/zodb/files')
| -rw-r--r-- | net-zope/zodb/files/zodb-3.3.1-CVE-2009-0668+0669.patch | 117 | ||||
| -rw-r--r-- | net-zope/zodb/files/zodb-3.6.0-CVE-2009-0668+0669.patch | 117 |
2 files changed, 234 insertions, 0 deletions
diff --git a/net-zope/zodb/files/zodb-3.3.1-CVE-2009-0668+0669.patch b/net-zope/zodb/files/zodb-3.3.1-CVE-2009-0668+0669.patch new file mode 100644 index 000000000000..d9cff752cd1f --- /dev/null +++ b/net-zope/zodb/files/zodb-3.3.1-CVE-2009-0668+0669.patch @@ -0,0 +1,117 @@ +=== StorageServer.py +================================================================== +Index: ZODB3-3.3.1/Dependencies/ZEO-ZODB3-3.3.1/ZEO/StorageServer.py +=================================================================== +--- ZODB3-3.3.1.orig/Dependencies/ZEO-ZODB3-3.3.1/ZEO/StorageServer.py ++++ ZODB3-3.3.1/Dependencies/ZEO-ZODB3-3.3.1/ZEO/StorageServer.py +@@ -98,7 +98,7 @@ class ZEOStorage: + for func in self.extensions: + self._extensions[func.func_name] = None + +- def finish_auth(self, authenticated): ++ def _finish_auth(self, authenticated): + if not self.auth_realm: + return 1 + self.authenticated = authenticated +@@ -350,6 +350,7 @@ class ZEOStorage: + + def new_oids(self, n=100): + """Return a sequence of n new oids, where n defaults to 100""" ++ n = min(n, 100) + if self.read_only: + raise ReadOnlyError() + if n <= 0: +Index: ZODB3-3.3.1/Dependencies/ZEO-ZODB3-3.3.1/ZEO/auth/auth_digest.py +=================================================================== +--- ZODB3-3.3.1.orig/Dependencies/ZEO-ZODB3-3.3.1/ZEO/auth/auth_digest.py ++++ ZODB3-3.3.1/Dependencies/ZEO-ZODB3-3.3.1/ZEO/auth/auth_digest.py +@@ -121,7 +121,7 @@ class StorageClass(ZEOStorage): + check = hexdigest("%s:%s" % (h_up, challenge)) + if check == response: + self.connection.setSessionKey(session_key(h_up, self._key_nonce)) +- return self.finish_auth(check == response) ++ return self._finish_auth(check == response) + + extensions = [auth_get_challenge, auth_response] + +Index: ZODB3-3.3.1/Dependencies/ZEO-ZODB3-3.3.1/ZEO/tests/auth_plaintext.py +=================================================================== +--- ZODB3-3.3.1.orig/Dependencies/ZEO-ZODB3-3.3.1/ZEO/tests/auth_plaintext.py ++++ ZODB3-3.3.1/Dependencies/ZEO-ZODB3-3.3.1/ZEO/tests/auth_plaintext.py +@@ -41,7 +41,7 @@ class StorageClass(ZEOStorage): + self.connection.setSessionKey(session_key(username, + self.database.realm, + password)) +- return self.finish_auth(dbpw == password_dig) ++ return self._finish_auth(dbpw == password_dig) + + class PlaintextClient(Client): + extensions = ["auth"] +Index: ZODB3-3.3.1/Dependencies/ZEO-ZODB3-3.3.1/ZEO/zrpc/connection.py +=================================================================== +--- ZODB3-3.3.1.orig/Dependencies/ZEO-ZODB3-3.3.1/ZEO/zrpc/connection.py ++++ ZODB3-3.3.1/Dependencies/ZEO-ZODB3-3.3.1/ZEO/zrpc/connection.py +@@ -22,7 +22,7 @@ import logging + import ThreadedAsync + from ZEO.zrpc import smac + from ZEO.zrpc.error import ZRPCError, DisconnectedError +-from ZEO.zrpc.marshal import Marshaller ++from ZEO.zrpc.marshal import Marshaller, ServerMarshaller + from ZEO.zrpc.trigger import trigger + from ZEO.zrpc.log import short_repr, log + from ZODB.loglevels import BLATHER, TRACE +@@ -716,6 +716,7 @@ class ManagedServerConnection(Connection + def __init__(self, sock, addr, obj, mgr): + self.mgr = mgr + self.__super_init(sock, addr, obj, 'S') ++ self.marshal = ServerMarshaller() + self.obj.notifyConnected(self) + + def handshake(self): +Index: ZODB3-3.3.1/Dependencies/ZEO-ZODB3-3.3.1/ZEO/zrpc/marshal.py +=================================================================== +--- ZODB3-3.3.1.orig/Dependencies/ZEO-ZODB3-3.3.1/ZEO/zrpc/marshal.py ++++ ZODB3-3.3.1/Dependencies/ZEO-ZODB3-3.3.1/ZEO/zrpc/marshal.py +@@ -53,6 +53,20 @@ class Marshaller: + level=logging.ERROR) + raise + ++class ServerMarshaller(Marshaller): ++ ++ def decode(self, msg): ++ """Decodes msg and returns its parts""" ++ unpickler = cPickle.Unpickler(StringIO(msg)) ++ unpickler.find_global = server_find_global ++ ++ try: ++ return unpickler.load() # msgid, flags, name, args ++ except: ++ log("can't decode message: %s" % short_repr(msg), ++ level=logging.ERROR) ++ raise ++ + _globals = globals() + _silly = ('__doc__',) + +@@ -77,3 +91,21 @@ def find_global(module, name): + return r + + raise ZRPCError("Unsafe global: %s.%s" % (module, name)) ++ ++def server_find_global(module, name): ++ """Helper for message unpickler""" ++ try: ++ m = __import__(module, _globals, _globals, _silly) ++ except ImportError, msg: ++ raise ZRPCError("import error %s: %s" % (module, msg)) ++ ++ try: ++ r = getattr(m, name) ++ except AttributeError: ++ raise ZRPCError("module %s has no global %s" % (module, name)) ++ ++ safe = getattr(r, '__no_side_effects__', 0) ++ if safe: ++ return r ++ ++ raise ZRPCError("Unsafe global: %s.%s" % (module, name)) diff --git a/net-zope/zodb/files/zodb-3.6.0-CVE-2009-0668+0669.patch b/net-zope/zodb/files/zodb-3.6.0-CVE-2009-0668+0669.patch new file mode 100644 index 000000000000..e39248603d00 --- /dev/null +++ b/net-zope/zodb/files/zodb-3.6.0-CVE-2009-0668+0669.patch @@ -0,0 +1,117 @@ +=== StorageServer.py +================================================================== +Index: ZODB3-3.6.0/Dependencies/ZEO-ZODB3-3.6.0/ZEO/StorageServer.py +=================================================================== +--- ZODB3-3.6.0.orig/Dependencies/ZEO-ZODB3-3.6.0/ZEO/StorageServer.py ++++ ZODB3-3.6.0/Dependencies/ZEO-ZODB3-3.6.0/ZEO/StorageServer.py +@@ -98,7 +98,7 @@ class ZEOStorage: + for func in self.extensions: + self._extensions[func.func_name] = None + +- def finish_auth(self, authenticated): ++ def _finish_auth(self, authenticated): + if not self.auth_realm: + return 1 + self.authenticated = authenticated +@@ -350,6 +350,7 @@ class ZEOStorage: + + def new_oids(self, n=100): + """Return a sequence of n new oids, where n defaults to 100""" ++ n = min(n, 100) + if self.read_only: + raise ReadOnlyError() + if n <= 0: +Index: ZODB3-3.6.0/Dependencies/ZEO-ZODB3-3.6.0/ZEO/auth/auth_digest.py +=================================================================== +--- ZODB3-3.6.0.orig/Dependencies/ZEO-ZODB3-3.6.0/ZEO/auth/auth_digest.py ++++ ZODB3-3.6.0/Dependencies/ZEO-ZODB3-3.6.0/ZEO/auth/auth_digest.py +@@ -121,7 +121,7 @@ class StorageClass(ZEOStorage): + check = hexdigest("%s:%s" % (h_up, challenge)) + if check == response: + self.connection.setSessionKey(session_key(h_up, self._key_nonce)) +- return self.finish_auth(check == response) ++ return self._finish_auth(check == response) + + extensions = [auth_get_challenge, auth_response] + +Index: ZODB3-3.6.0/Dependencies/ZEO-ZODB3-3.6.0/ZEO/tests/auth_plaintext.py +=================================================================== +--- ZODB3-3.6.0.orig/Dependencies/ZEO-ZODB3-3.6.0/ZEO/tests/auth_plaintext.py ++++ ZODB3-3.6.0/Dependencies/ZEO-ZODB3-3.6.0/ZEO/tests/auth_plaintext.py +@@ -41,7 +41,7 @@ class StorageClass(ZEOStorage): + self.connection.setSessionKey(session_key(username, + self.database.realm, + password)) +- return self.finish_auth(dbpw == password_dig) ++ return self._finish_auth(dbpw == password_dig) + + class PlaintextClient(Client): + extensions = ["auth"] +Index: ZODB3-3.6.0/Dependencies/ZEO-ZODB3-3.6.0/ZEO/zrpc/connection.py +=================================================================== +--- ZODB3-3.6.0.orig/Dependencies/ZEO-ZODB3-3.6.0/ZEO/zrpc/connection.py ++++ ZODB3-3.6.0/Dependencies/ZEO-ZODB3-3.6.0/ZEO/zrpc/connection.py +@@ -22,7 +22,7 @@ import logging + import ThreadedAsync + from ZEO.zrpc import smac + from ZEO.zrpc.error import ZRPCError, DisconnectedError +-from ZEO.zrpc.marshal import Marshaller ++from ZEO.zrpc.marshal import Marshaller, ServerMarshaller + from ZEO.zrpc.trigger import trigger + from ZEO.zrpc.log import short_repr, log + from ZODB.loglevels import BLATHER, TRACE +@@ -716,6 +716,7 @@ class ManagedServerConnection(Connection + def __init__(self, sock, addr, obj, mgr): + self.mgr = mgr + self.__super_init(sock, addr, obj, 'S') ++ self.marshal = ServerMarshaller() + self.obj.notifyConnected(self) + + def handshake(self): +Index: ZODB3-3.6.0/Dependencies/ZEO-ZODB3-3.6.0/ZEO/zrpc/marshal.py +=================================================================== +--- ZODB3-3.6.0.orig/Dependencies/ZEO-ZODB3-3.6.0/ZEO/zrpc/marshal.py ++++ ZODB3-3.6.0/Dependencies/ZEO-ZODB3-3.6.0/ZEO/zrpc/marshal.py +@@ -53,6 +53,20 @@ class Marshaller: + level=logging.ERROR) + raise + ++class ServerMarshaller(Marshaller): ++ ++ def decode(self, msg): ++ """Decodes msg and returns its parts""" ++ unpickler = cPickle.Unpickler(StringIO(msg)) ++ unpickler.find_global = server_find_global ++ ++ try: ++ return unpickler.load() # msgid, flags, name, args ++ except: ++ log("can't decode message: %s" % short_repr(msg), ++ level=logging.ERROR) ++ raise ++ + _globals = globals() + _silly = ('__doc__',) + +@@ -77,3 +91,21 @@ def find_global(module, name): + return r + + raise ZRPCError("Unsafe global: %s.%s" % (module, name)) ++ ++def server_find_global(module, name): ++ """Helper for message unpickler""" ++ try: ++ m = __import__(module, _globals, _globals, _silly) ++ except ImportError, msg: ++ raise ZRPCError("import error %s: %s" % (module, msg)) ++ ++ try: ++ r = getattr(m, name) ++ except AttributeError: ++ raise ZRPCError("module %s has no global %s" % (module, name)) ++ ++ safe = getattr(r, '__no_side_effects__', 0) ++ if safe: ++ return r ++ ++ raise ZRPCError("Unsafe global: %s.%s" % (module, name)) |