Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: pu
As discussed in #724849, this should be considered for the next wheezy point release. Thanks, Dominic.
diff --git a/debian/changelog b/debian/changelog index eb75d57..7b89806 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +libdigest-sha-perl (5.71-2+deb7u1) UNRELEASED; urgency=low + + * Add 724342-fix-double-free-in-destroy.patch patch. + Fix double-free when Digest::SHA object is destroyed + (Closes: #724342) + + -- Dominic Hargreaves <d...@earth.li> Tue, 24 Sep 2013 21:55:34 +0100 + libdigest-sha-perl (5.71-2) unstable; urgency=low * Add 698172-fix-double-free-in-load-subroutine.patch patch. diff --git a/debian/control b/debian/control index f638d00..3dd4fad 100644 --- a/debian/control +++ b/debian/control @@ -10,7 +10,8 @@ Uploaders: Allard Hoeve <all...@byte.nl>, Niko Tyni <nt...@iki.fi>, gregor herrmann <gre...@debian.org>, Damyan Ivanov <d...@debian.org>, - Salvatore Bonaccorso <car...@debian.org> + Salvatore Bonaccorso <car...@debian.org>, + Dominic Hargreaves <d...@earth.li> Standards-Version: 3.9.3 Homepage: http://search.cpan.org/dist/Digest-SHA/ Vcs-Git: git://git.debian.org/pkg-perl/packages/libdigest-sha-perl.git diff --git a/debian/patches/724342-fix-double-free-in-destroy.patch b/debian/patches/724342-fix-double-free-in-destroy.patch new file mode 100644 index 0000000..5fd90f8 --- /dev/null +++ b/debian/patches/724342-fix-double-free-in-destroy.patch @@ -0,0 +1,42 @@ +From 504aefc29e21b6cc8e7d81ca83548ccda7ca606d Mon Sep 17 00:00:00 2001 +From: Chris 'BinGOs' Williams <ch...@bingosnet.co.uk> +Date: Fri, 28 Jun 2013 13:07:34 +0100 +Subject: [PATCH] maint-5.18: Digest-SHA crash fix in 5.85 + +Backported minimal changes from blead + +Bug-Debian: http://bugs.debian.org/724342 +Bug: https://rt.cpan.org/Public/Bug/Display.html?id=86295 +Origin: http://perl5.git.perl.org/perl.git/commit/ee8c6f40e6bd7b4e08eac8386f9a092fdd609ffa +--- + SHA.xs | 3 +++ + lib/Digest/SHA.pm | 2 +- + 2 files changed, 4 insertions(+), 1 deletion(-) + +diff --git a/SHA.xs b/SHA.xs +index 7088a33..893bed2 100644 +--- a/SHA.xs ++++ b/SHA.xs +@@ -23,6 +23,9 @@ PROTOTYPES: ENABLE + int + shaclose(s) + SHA * s ++CODE: ++ RETVAL = shaclose(s); ++ sv_setiv(SvRV(ST(0)), 0); + + int + shadump(file, s) +diff --git a/lib/Digest/SHA.pm b/lib/Digest/SHA.pm +index 8cea302..2e70f60 100644 +--- a/lib/Digest/SHA.pm ++++ b/lib/Digest/SHA.pm +@@ -65,7 +65,7 @@ sub new { + + sub DESTROY { + my $self = shift; +- shaclose($$self) if $$self; ++ if ($$self) { shaclose($$self); $$self = undef } + } + + sub clone { diff --git a/debian/patches/series b/debian/patches/series index 04c11bb..2b4d631 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ 698172-fix-double-free-in-load-subroutine.patch +724342-fix-double-free-in-destroy.patch
