Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
core
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Locked Files
Issues
86
Issues
86
List
Boards
Labels
Service Desk
Milestones
Iterations
Merge Requests
33
Merge Requests
33
Requirements
Requirements
List
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Security & Compliance
Security & Compliance
Dependency List
License Compliance
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Code Review
Insights
Issue
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Chakra
Packages
core
Commits
03bd4cc1
Commit
03bd4cc1
authored
May 27, 2013
by
Manuel
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
New perl
parent
3d0eaa9d
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
57 additions
and
199 deletions
+57
-199
perl/0001-Append-CFLAGS-and-LDFLAGS-to-their-Config.pm-counter.patch
...ppend-CFLAGS-and-LDFLAGS-to-their-Config.pm-counter.patch
+0
-82
perl/PKGBUILD
perl/PKGBUILD
+34
-37
perl/digest_eval_hole.diff
perl/digest_eval_hole.diff
+0
-62
perl/perl.install
perl/perl.install
+0
-9
perl/perlbin.sh
perl/perlbin.sh
+1
-0
perl/provides.pl
perl/provides.pl
+22
-9
No files found.
perl/0001-Append-CFLAGS-and-LDFLAGS-to-their-Config.pm-counter.patch
deleted
100644 → 0
View file @
3d0eaa9d
From bb249b0b26c2e79a6f55355ef94889070f07fd21 Mon Sep 17 00:00:00 2001
From: Niko Tyni <ntyni@debian.org>
Date: Thu, 28 Apr 2011 09:18:54 +0300
Subject: [PATCH] Append CFLAGS and LDFLAGS to their Config.pm counterparts in
EU::CBuilder
Since ExtUtils::CBuilder 0.27_04 (bleadperl commit 06e8058f27e4),
CFLAGS and LDFLAGS from the environment have overridden the Config.pm
ccflags and ldflags settings. This can cause binary incompatibilities
between the core Perl and extensions built with EU::CBuilder.
Append to the Config.pm values rather than overriding them.
---
.../lib/ExtUtils/CBuilder/Base.pm | 6 +++-
dist/ExtUtils-CBuilder/t/04-base.t | 25 +++++++++++++++++++-
2 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Base.pm b/dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Base.pm
index b572312..2255c51 100644
--- a/dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Base.pm
+++ b/dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Base.pm
@@ -40,11 +40,13 @@
sub new {
$self->{config}{$k} = $v unless exists $self->{config}{$k};
}
$self->{config}{cc} = $ENV{CC} if defined $ENV{CC};
- $self->{config}{ccflags} = $ENV{CFLAGS} if defined $ENV{CFLAGS};
+ $self->{config}{ccflags} = join(" ", $self->{config}{ccflags}, $ENV{CFLAGS})
+ if defined $ENV{CFLAGS};
$self->{config}{cxx} = $ENV{CXX} if defined $ENV{CXX};
$self->{config}{cxxflags} = $ENV{CXXFLAGS} if defined $ENV{CXXFLAGS};
$self->{config}{ld} = $ENV{LD} if defined $ENV{LD};
- $self->{config}{ldflags} = $ENV{LDFLAGS} if defined $ENV{LDFLAGS};
+ $self->{config}{ldflags} = join(" ", $self->{config}{ldflags}, $ENV{LDFLAGS})
+ if defined $ENV{LDFLAGS};
unless ( exists $self->{config}{cxx} ) {
my ($ccpath, $ccbase, $ccsfx ) = fileparse($self->{config}{cc}, qr/\.[^.]*/);
diff --git a/dist/ExtUtils-CBuilder/t/04-base.t b/dist/ExtUtils-CBuilder/t/04-base.t
index c3bf6b5..1bb15aa 100644
--- a/dist/ExtUtils-CBuilder/t/04-base.t
+++ b/dist/ExtUtils-CBuilder/t/04-base.t
@@ -1,7 +1,7 @@
#! perl -w
use strict;
-use Test::More tests => 50;
+use Test::More tests => 64;
use Config;
use Cwd;
use File::Path qw( mkpath );
@@ -326,6 +326,29 @@
is_deeply( $mksymlists_args,
"_prepare_mksymlists_args(): got expected arguments for Mksymlists",
);
+my %testvars = (
+ CFLAGS => 'ccflags',
+ LDFLAGS => 'ldflags',
+);
+
+while (my ($VAR, $var) = each %testvars) {
+ local $ENV{$VAR};
+ $base = ExtUtils::CBuilder::Base->new( quiet => 1 );
+ ok( $base, "ExtUtils::CBuilder::Base->new() returned true value" );
+ isa_ok( $base, 'ExtUtils::CBuilder::Base' );
+ like($base->{config}{$var}, qr/\Q$Config{$var}/,
+ "honours $var from Config.pm");
+
+ $ENV{$VAR} = "-foo -bar";
+ $base = ExtUtils::CBuilder::Base->new( quiet => 1 );
+ ok( $base, "ExtUtils::CBuilder::Base->new() returned true value" );
+ isa_ok( $base, 'ExtUtils::CBuilder::Base' );
+ like($base->{config}{$var}, qr/\Q$ENV{$VAR}/,
+ "honours $VAR from the environment");
+ like($base->{config}{$var}, qr/\Q$Config{$var}/,
+ "doesn't override $var from Config.pm with $VAR from the environment");
+}
+
#####
for ($source_file, $object_file, $lib_file) {
--
1.7.4.4
perl/PKGBUILD
View file @
03bd4cc1
#
# Chakra Packages for Chakra, part of chakra-project.org
#
# maintainer: Manuel Tortosa <manutortosa[at]chakra-project[dot]org>
pkgname
=
perl
pkgver
=
5.1
4.2
pkgrel
=
2
pkgver
=
5.1
8.0
pkgrel
=
1
pkgdesc
=
"A highly capable, feature-rich programming language"
arch
=(
'x86_64'
)
arch
=(
i686 x86_64
)
license
=(
'GPL'
'PerlArtistic'
)
url
=
"http://www.perl.org"
groups
=(
'base'
)
depends
=(
'gdbm'
'db'
'coreutils'
'glibc'
'sh'
)
source
=(
"http://www.cpan.org/src/5.0/perl-
${
pkgver
}
.tar.bz2"
'perlbin.sh'
'perlbin.csh'
'provides.pl'
'digest_eval_hole.diff'
'0001-Append-CFLAGS-and-LDFLAGS-to-their-Config.pm-counter.patch'
)
source
=(
http://www.cpan.org/src/5.0/perl-
${
pkgver
}
.tar.bz2
perlbin.sh
perlbin.csh
provides.pl
)
install
=
perl.install
options
=(
'
!
makeflags'
'!purge'
)
md5sums
=(
'
04a4c5d3c1f9f19d77daff8e8cd19a26
'
'
d42c73468e596309f85908ee94a633e5
'
options
=(
'makeflags'
'!purge'
)
md5sums
=(
'
a832e928adfd36d162d2a5d3b631265c
'
'
5ed2542fdb9a60682f215bd33701e61a
'
'1f0cbbee783e8a6d32f01be5118e0d5e'
'31fc0b5bb4935414394c5cfbec2cb8e5'
'79cc7d76a208a6b935a08269434bfd04'
'a77c19a159b04f18f06c5a0ff9791b23'
)
'999c3eea6464860704abbb055a0f0896'
)
# workaround to let the integrity check find the correct provides array
if
[[
${
0
##*/
}
=
"parse_pkgbuilds.sh"
]]
;
then
true
&&
provides
=(
$(
bsdtar
-q
-O
-xf
"/srv/ftp/pool/packages/
$pkgname
-
$pkgver
-
$pkgrel
-
$CARCH
.pkg.tar.xz"
.PKGINFO |
sed
-rn
's#^provides = (.*)#\1#p'
)
)
fi
build
()
{
cd
${
srcdir
}
/
${
pkgname
}
-
${
pkgver
}
patch
-p1
-i
$srcdir
/digest_eval_hole.diff
if
[
"
${
CARCH
}
"
=
"x86_64"
]
;
then
# for x86_64
arch_opts
=
"-Dcccdlflags='-fPIC'"
else
# for i686
arch_opts
=
""
fi
./Configure
-des
-Dusethreads
-Duseshrplib
-Doptimize
=
"
${
CFLAGS
}
"
\
-Dprefix
=
/usr
-D
installprefix
=
${
pkgdir
}
/usr
-D
vendorprefix
=
/usr
\
-Dprefix
=
/usr
-Dvendorprefix
=
/usr
\
-Dprivlib
=
/usr/share/perl5/core_perl
\
-Darchlib
=
/usr/lib/perl5/core_perl
\
-Dsitelib
=
/usr/share/perl5/site_perl
\
...
...
@@ -44,33 +46,32 @@ build() {
-Dsitescript
=
/usr/bin/site_perl
\
-Dvendorscript
=
/usr/bin/vendor_perl
\
-Dinc_version_list
=
none
\
-Dman1ext
=
1perl
-Dman3ext
=
3perl
-Dcccdlflags
=
'-fPIC'
\
-Dman1ext
=
1perl
-Dman3ext
=
3perl
${
arch_opts
}
\
-Dlddlflags
=
"-shared
${
LDFLAGS
}
"
-Dldflags
=
"
${
LDFLAGS
}
"
patch
-p1
-i
$srcdir
/0001-Append-CFLAGS-and-LDFLAGS-to-their-Config.pm-counter.patch
make
# check
}
check
()
{
cd
${
srcdir
}
/
${
pkgname
}
-
${
pkgver
}
TEST_JOBS
=
$(
echo
$MAKEFLAGS
|
sed
's/.*-j\([0-9][0-9]*\).*/\1/'
)
make test_harness
TEST_JOBS
=
$(
echo
$MAKEFLAGS
|
sed
's/.*-j\([0-9][0-9]*\).*/\1/'
)
make test_harness
||
true
# make test
}
package
()
{
# hack to work around makepkg running the subshell in check()
# hack to work around makepkg running the subshell in check
_sanity
()
new_provides
=(
$(
cd
"
$srcdir
/perl-
$pkgver
"
;
LD_PRELOAD
=
./libperl.so ./perl
-Ilib
"
$srcdir
/provides.pl"
.
)
)
provides
=(
${
new_provides
[@]
}
)
cd
${
srcdir
}
/
${
pkgname
}
-
${
pkgver
}
make
install
make
DESTDIR
=
"
$pkgdir
"
install
### Perl Settings ###
# Change man page extensions for site and vendor module builds.
# Set no mail address since bug reports should go to the bug tracker
# and not someone's email.
sed
-e
'/^man1ext=/ s/1perl/1p/'
-e
'/^man3ext=/ s/3perl/3pm/'
\
-e
"/^cf_email=/ s/'.*'/'
info@chakra-project.org
'/"
\
-e
"/^perladmin=/ s/'.*'/'
info@chakra-project.org
'/"
\
-e
"/^cf_email=/ s/'.*'/''/"
\
-e
"/^perladmin=/ s/'.*'/''/"
\
-i
${
pkgdir
}
/usr/lib/perl5/core_perl/Config_heavy.pl
### CPAN Settings ###
...
...
@@ -88,25 +89,21 @@ package() {
# Profile script to set paths to perl scripts.
install
-D
-m755
${
srcdir
}
/perlbin.sh
\
${
pkgdir
}
/etc/profile.d/perlbin.sh
# Profile script to set paths to perl scripts on csh.
# Profile script to set paths to perl scripts on csh.
(FS#22441)
install
-D
-m755
${
srcdir
}
/perlbin.csh
\
${
pkgdir
}
/etc/profile.d/perlbin.csh
(
cd
${
pkgdir
}
/usr/bin
;
mv
perl
${
pkgver
}
perl
)
(
cd
${
pkgdir
}
/usr/bin/core_perl
;
ln
-sf
c2ph pstruct
;
ln
-sf
s2p psed
)
grep
-Rl
"
${
pkgdir
}
"
${
pkgdir
}
/usr |
\
xargs
sed
-i
"s^
${
pkgdir
}
^^g"
# Remove all pod files *except* those under /usr/share/perl5/core_perl/pod/
# (FS#16488)
rm
-f
$pkgdir
/usr/share/perl5/core_perl/
*
.pod
for
d
in
$pkgdir
/usr/share/perl5/core_perl/
*
;
do
if
[
-d
$d
-a
$(
basename
$d
)
!=
"pod"
]
;
then
find
$d
-name
*
.pod
-delete
fi
done
find
$pkgdir
/usr/lib
-name
*
.pod
-delete
find
$pkgdir
-name
.packlist
-delete
install
-dv
${
pkgdir
}
/etc/ld.so.conf.d
echo
"/usr/lib/perl5/core_perl/CORE"
>
${
pkgdir
}
/etc/ld.so.conf.d/perl.conf
}
perl/digest_eval_hole.diff
deleted
100644 → 0
View file @
3d0eaa9d
From 4b6a7324284e7435a361c58f7ddb32fc0c635bd0 Mon Sep 17 00:00:00 2001
From: "Michael G. Schwern" <schwern@pobox.com>
Date: Mon, 3 Oct 2011 19:05:29 +0100
Subject: Close the eval "require $module" security hole in
Digest->new($algorithm)
Also the filter was incomplete.
Bug-Debian: http://bugs.debian.org/644108
Patch-Name: fixes/digest_eval_hole.diff
---
cpan/Digest/Digest.pm | 6 ++++--
cpan/Digest/t/security.t | 14 ++++++++++++++
2 files changed, 18 insertions(+), 2 deletions(-)
create mode 100644 cpan/Digest/t/security.t
diff --git a/cpan/Digest/Digest.pm b/cpan/Digest/Digest.pm
index 384dfc8..d714434 100644
--- a/cpan/Digest/Digest.pm
+++ b/cpan/Digest/Digest.pm
@@ -24,7 +24,7 @@
sub new
shift; # class ignored
my $algorithm = shift;
my $impl = $MMAP{$algorithm} || do {
- $algorithm =~ s/\W+//;
+ $algorithm =~ s/\W+//g;
"Digest::$algorithm";
};
$impl = [$impl] unless ref($impl);
@@ -35,7 +35,9 @@
sub new
($class, @args) = @$class if ref($class);
no strict 'refs';
unless (exists ${"$class\::"}{"VERSION"}) {
- eval "require $class";
+ my $pm_file = $class . ".pm";
+ $pm_file =~ s{::}{/}g;
+ eval { require $pm_file };
if ($@) {
$err ||= $@;
next;
diff --git a/cpan/Digest/t/security.t b/cpan/Digest/t/security.t
new file mode 100644
index 0000000..5cba122
--- /dev/null
+++ b/cpan/Digest/t/security.t
@@ -0,0 +1,14 @@
+#!/usr/bin/env perl
+
+# Digest->new() had an exploitable eval
+
+use strict;
+use warnings;
+
+use Test::More tests => 1;
+
+use Digest;
+
+$LOL::PWNED = 0;
+eval { Digest->new(q[MD;5;$LOL::PWNED = 42]) };
+is $LOL::PWNED, 0;
perl/perl.install
View file @
03bd4cc1
...
...
@@ -7,12 +7,3 @@ post_install() {
done
return
0
}
post_upgrade
()
{
echo
'- The directories /usr/lib/perl5/current, /usr/lib/perl5/site_perl/current,'
echo
' /usr/lib/perl5/site_perl/5.10.1, and /usr/share/perl5/site_perl/5.10.1'
echo
' have been removed from @INC.'
echo
'- The script/binary directories are now /usr/bin/*_perl instead of'
echo
' /usr/lib/perl5/*_perl/bin which will be eventually removed.'
}
perl/perlbin.sh
View file @
03bd4cc1
# Set path to perl scriptdirs if they exist
# https://wiki.archlinux.org/index.php/Perl_Policy#Binaries_and_Scripts
# Added /usr/bin/*_perl dirs for scripts
# Remove /usr/lib/perl5/*_perl/bin in next release
...
...
perl/provides.pl
100755 → 100644
View file @
03bd4cc1
# provides.pl
##
# Script for printing out a provides list of every CPAN distribution
# that is bundled with perl.
# that is bundled with perl. You can run it before building perl
# or you can run it after building perl. Required modules are in core
# for perl 5.13 and above. It might be nice if this didn't require
# HTTP::Tiny and maybe just used wget or curl.
#
# Justin Davis <jrcd83@gmail.com>
# This script uses HTTP::Tiny to query Tatsuhiko Miyagawa's webapp at
# cpanmetadb.plackperl.org to cross-reference module files to their
# providing CPAN distribution. Thank you Miyagawa!
#
# - Justin "juster" Davis <jrcd83@gmail.com>
use
warnings
'
FATAL
'
=>
'
all
';
use
strict
;
...
...
@@ -13,21 +20,26 @@ package Common;
sub
evalver
{
my
(
$path
,
$mod
)
=
@_
;
$mod
||=
"";
open
my
$fh
,
'
<
',
$path
or
die
"
open
$path
: $!
";
while
(
<
$fh
>
)
{
next
unless
/\s*(?:\$${mod}::|\$)VERSION\s*=\s*(.+)/
;
my
$ver
=
eval
$
1
;
my
$m
=
(
$mod
?
qr/(?:\$${mod}::VERSION|\$VERSION)/
:
qr/\$VERSION/
);
while
(
my
$ln
=
<
$fh
>
)
{
next
unless
$ln
=~
/\s*$m\s*=\s*.+/
;
chomp
$ln
;
my
$ver
=
do
{
no
strict
;
eval
$ln
};
return
$ver
unless
$@
;
warn
qq{$path:$. bad version string "$ver
"\n}
;
die
qq{$path:$. bad version string in "$ln
"\n}
;
}
close
$fh
;
return
undef
;
}
#-----------------------------------------------------------------------------
package
Dists
;
...
...
@@ -143,7 +155,7 @@ use File::stat;
sub
cpan_provider
{
my
(
$module
)
=
@_
;
my
$url
=
"
http://cpanmetadb.
appspot.com
/v1.0/package/
$module
";
my
$url
=
"
http://cpanmetadb.
plackperl.org
/v1.0/package/
$module
";
my
$http
=
HTTP::
Tiny
->
new
;
my
$resp
=
$http
->
get
(
$url
);
return
undef
unless
$resp
->
{'
success
'};
...
...
@@ -169,6 +181,7 @@ sub find
my
@modfiles
;
my
$finder
=
sub
{
return
unless
/[.]pm\z/
;
return
if
m{\Q$libdir\E[^/]+/t/}
;
# ignore testing modules
push
@modfiles
,
$_
;
};
findfile
({
'
no_chdir
'
=>
1
,
'
wanted
'
=>
$finder
},
$libdir
);
...
...
@@ -194,7 +207,7 @@ sub find
$mod
=~
s{\A$libdir}{}
;
$mod
=~
s{/}{::}g
;
my
$ver
=
Common::
evalver
(
$path
)
||
q{}
;
my
$ver
=
Common::
evalver
(
$path
,
$mod
)
||
q{}
;
push
@mods
,
[
$mod
,
$ver
];
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment