[Pkg-ocaml-maint-commits] [ocaml] 04/05: CVE-2015-8869
Mehdi Dogguy
mehdi at moszumanska.debian.org
Thu Dec 22 00:01:11 UTC 2016
This is an automated email from the git hooks/post-receive script.
mehdi pushed a commit to branch debian/sid
in repository ocaml.
commit 5017340848104ac9e4b2f7c32b693bb2dac5e168
Author: Mehdi Dogguy <mehdi at debian.org>
Date: Thu Dec 22 00:48:03 2016 +0100
CVE-2015-8869
---
debian/changelog | 1 +
debian/patches/0015-CVE-2015-8869.patch | 70 +++++++++++++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 72 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index fda32d0..0c6dba1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,7 @@ ocaml (4.02.3-9) UNRELEASED; urgency=medium
- add patch 0013-Obey-ldflags.patch
* Compute a stable name for preprocessed files (Closes: #838188).
Thanks to Johannes Schauer for the patch!
+ * CVE-2015-8869 (Closes: #824139).
-- Mehdi Dogguy <mehdi at debian.org> Thu, 22 Dec 2016 00:12:38 +0100
diff --git a/debian/patches/0015-CVE-2015-8869.patch b/debian/patches/0015-CVE-2015-8869.patch
new file mode 100644
index 0000000..1dbb367
--- /dev/null
+++ b/debian/patches/0015-CVE-2015-8869.patch
@@ -0,0 +1,70 @@
+From: Mehdi Dogguy <mehdi at debian.org>
+Date: Thu, 22 Dec 2016 00:45:00 +0100
+Subject: CVE-2015-8869
+
+Upstream commit: https://github.com/ocaml/ocaml/commit/659615c7b100a89eafe6253e7a5b9d84d0e8df74#diff-a97df53e3ebc59bb457191b496c90762
+
+http://www.openwall.com/lists/oss-security/2016/04/29/1
+---
+ byterun/alloc.c | 4 ++--
+ byterun/intern.c | 2 +-
+ byterun/str.c | 4 ++--
+ 3 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/byterun/alloc.c b/byterun/alloc.c
+index b421cac..3d7dfc4 100644
+--- a/byterun/alloc.c
++++ b/byterun/alloc.c
+@@ -147,7 +147,7 @@ CAMLexport int caml_convert_flag_list(value list, int *flags)
+
+ CAMLprim value caml_alloc_dummy(value size)
+ {
+- mlsize_t wosize = Int_val(size);
++ mlsize_t wosize = Long_val(size);
+
+ if (wosize == 0) return Atom(0);
+ return caml_alloc (wosize, 0);
+@@ -161,7 +161,7 @@ CAMLprim value caml_alloc_dummy_function(value size,value arity)
+
+ CAMLprim value caml_alloc_dummy_float (value size)
+ {
+- mlsize_t wosize = Int_val(size) * Double_wosize;
++ mlsize_t wosize = Long_val(size) * Double_wosize;
+
+ if (wosize == 0) return Atom(0);
+ return caml_alloc (wosize, 0);
+diff --git a/byterun/intern.c b/byterun/intern.c
+index d2943af..e5cdeb4 100644
+--- a/byterun/intern.c
++++ b/byterun/intern.c
+@@ -287,7 +287,7 @@ static void intern_rec(value *dest)
+ case OFreshOID:
+ /* Refresh the object ID */
+ /* but do not do it for predefined exception slots */
+- if (Int_val(Field((value)dest, 1)) >= 0)
++ if (Long_val(Field((value)dest, 1)) >= 0)
+ caml_set_oo_id((value)dest);
+ /* Pop item and iterate */
+ sp--;
+diff --git a/byterun/str.c b/byterun/str.c
+index a72b34c..dc69624 100644
+--- a/byterun/str.c
++++ b/byterun/str.c
+@@ -266,7 +266,7 @@ CAMLprim value caml_string_greaterequal(value s1, value s2)
+ CAMLprim value caml_blit_string(value s1, value ofs1, value s2, value ofs2,
+ value n)
+ {
+- memmove(&Byte(s2, Long_val(ofs2)), &Byte(s1, Long_val(ofs1)), Int_val(n));
++ memmove(&Byte(s2, Long_val(ofs2)), &Byte(s1, Long_val(ofs1)), Long_val(n));
+ return Val_unit;
+ }
+
+@@ -293,7 +293,7 @@ CAMLprim value caml_is_printable(value chr)
+
+ CAMLprim value caml_bitvect_test(value bv, value n)
+ {
+- int pos = Int_val(n);
++ intnat pos = Long_val(n);
+ return Val_int(Byte_u(bv, pos >> 3) & (1 << (pos & 7)));
+ }
+
diff --git a/debian/patches/series b/debian/patches/series
index 78d8b8c..e3c2088 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -12,3 +12,4 @@
0012-arm-default-PIC.patch
0013-Use-CCLINKFLAGS-for-linking-all-executables-and-shar.patch
0014-Compute-a-stable-name-for-preprocessed-files.patch
+0015-CVE-2015-8869.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ocaml-maint/packages/ocaml.git
More information about the Pkg-ocaml-maint-commits
mailing list