[libyaml-libyaml-perl] 01/02: Control blessing of loaded objects through an environment variable

Christoph Biedl debian.axhn at manchmal.in-ulm.de
Fri May 19 16:15:59 UTC 2017


This is an automated email from the git hooks/post-receive script.

cbiedl-guest pushed a commit to branch yaml-unsafe
in repository libyaml-libyaml-perl.

commit 9d4847733ecf05fde0419da5bb2d3091d2a194f9
Author: Christoph Biedl <debian.axhn at manchmal.in-ulm.de>
Date:   Thu May 18 19:44:28 2017 +0000

    Control blessing of loaded objects through an environment variable
---
 debian/patches/control-blessing.patch | 49 +++++++++++++++++++++++++++++++++++
 debian/patches/series                 |  1 +
 debian/rules                          |  1 +
 3 files changed, 51 insertions(+)

diff --git a/debian/patches/control-blessing.patch b/debian/patches/control-blessing.patch
new file mode 100644
index 0000000..289a9bf
--- /dev/null
+++ b/debian/patches/control-blessing.patch
@@ -0,0 +1,49 @@
+--- a/LibYAML/perl_libyaml.c
++++ b/LibYAML/perl_libyaml.c
+@@ -290,6 +290,19 @@
+ }
+ 
+ /*
++ * Check for the unsafe YAML instantiation flag
++ */
++int
++use_yaml_unsafe()
++{
++    HV *env = get_hv("ENV", 0);
++    if (!env)
++        return 0;
++    SV **svp = hv_fetch(env, "PERL_USE_UNSAFE_YAML", 20, 0);
++    return svp && SvTRUE (*svp);
++}
++
++/*
+  * Load a YAML mapping into a Perl hash
+  */
+ SV *
+@@ -320,7 +333,7 @@
+     /* Deal with possibly blessing the hash if the YAML tag has a class */
+     if (tag && strEQ(tag, TAG_PERL_PREFIX "hash"))
+         tag = NULL;
+-    if (tag) {
++    if (use_yaml_unsafe() && tag) {
+         char *class;
+         char *prefix = TAG_PERL_PREFIX "hash:";
+         if (*tag == '!') {
+@@ -354,7 +367,7 @@
+     }
+     if (tag && strEQ(tag, TAG_PERL_PREFIX "array"))
+         tag = NULL;
+-    if (tag) {
++    if (use_yaml_unsafe() && tag) {
+         char *class;
+         char *prefix = TAG_PERL_PREFIX "array:";
+         if (*tag == '!')
+@@ -448,7 +461,7 @@
+     SPAGAIN;
+     regexp = newSVsv(POPs);
+ 
+-    if (strlen(tag) > strlen(prefix) && strnEQ(tag, prefix, strlen(prefix))) {
++    if (use_yaml_unsafe() && strlen(tag) > strlen(prefix) && strnEQ(tag, prefix, strlen(prefix))) {
+         char *class = tag + strlen(prefix);
+         sv_bless(regexp, gv_stashpv(class, TRUE));
+     }
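Review bot: The gate in use_yaml_unsafe() is process-wide and read from Perl's %ENV on every load, so any code or parent process that sets `PERL_USE_UNSAFE_YAML` re-enables blessing for every load in that interpreter, including ones parsing untrusted input; the header comment should say so, e.g. `/* Blessing is off unless $ENV{PERL_USE_UNSAFE_YAML} is true; the setting is per process, not per call */`. The helper would be better declared `static int use_yaml_unsafe(void)`, and `hv_fetchs(env, "PERL_USE_UNSAFE_YAML", 0)` would avoid the hand-counted key length `20`. Only the hash, array and regexp blessing sites are gated in the lines shown; if perl_libyaml.c blesses or instantiates from a tag anywhere else (not visible here), those paths presumably need the same check. The three patched loader functions start and end outside the nested hunks.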
diff --git a/debian/patches/series b/debian/patches/series
index 43edb66..94b5aef 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
 disable-update.sh.patch
 libyaml-node-id-hardening.patch
 Load-B-Deparse-at-runtime.patch
+control-blessing.patch
diff --git a/debian/rules b/debian/rules
index 73c5dbc..c3bb9d4 100755
--- a/debian/rules
+++ b/debian/rules
@@ -1,6 +1,7 @@
 #!/usr/bin/make -f
 
 export DEB_BUILD_MAINT_OPTIONS = hardening=+bindnow
+export PERL_USE_UNSAFE_YAML=1
 
 %:
 	dh $@
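Review bot: The added `export PERL_USE_UNSAFE_YAML=1` carries no comment explaining why the package build needs the unsafe mode, and as a top-level export it applies to every dh step rather than only the test run. Presumably it is there so that upstream tests expecting blessed objects still pass; if so, the new default path (blessing disabled) gets no coverage during the build. I would add a comment such as `# upstream test suite expects blessed objects; the default no-bless path is not exercised here` above the export, and consider setting the variable only in an `override_dh_auto_test` target.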

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/libyaml-libyaml-perl.git


