perl 5.16

1 files changed, 61 insertions, 0 deletions

diff --git a/abs/core/perl/digest_eval_hole.diff b/abs/core/perl/digest_eval_hole.diff
new file mode 100644
index 0000000..4790413
--- /dev/null
+++ b/abs/core/perl/digest_eval_hole.diff
@@ -0,0 +1,61 @@
+From 4b6a7324284e7435a361c58f7ddb32fc0c635bd0 Mon Sep 17 00:00:00 2001
+From: "Michael G. Schwern" <schwern@pobox.com>
+Date: Mon, 3 Oct 2011 19:05:29 +0100
+Subject: Close the eval "require $module" security hole in
+ Digest->new($algorithm)
+
+Also the filter was incomplete.
+
+Bug-Debian: http://bugs.debian.org/644108
+
+Patch-Name: fixes/digest_eval_hole.diff
+---
+ cpan/Digest/Digest.pm    |    6 ++++--
+ cpan/Digest/t/security.t |   14 ++++++++++++++
+ 2 files changed, 18 insertions(+), 2 deletions(-)
+ create mode 100644 cpan/Digest/t/security.t
+
+diff --git a/cpan/Digest/Digest.pm b/cpan/Digest/Digest.pm
+index 384dfc8..d714434 100644
+--- a/cpan/Digest/Digest.pm
++++ b/cpan/Digest/Digest.pm
+@@ -24,7 +24,7 @@ sub new
+     shift;  # class ignored
+     my $algorithm = shift;
+     my $impl = $MMAP{$algorithm} || do {
+-	$algorithm =~ s/\W+//;
++	$algorithm =~ s/\W+//g;
+ 	"Digest::$algorithm";
+     };
+     $impl = [$impl] unless ref($impl);
+@@ -35,7 +35,9 @@ sub new
+ 	($class, @args) = @$class if ref($class);
+ 	no strict 'refs';
+ 	unless (exists ${"$class\::"}{"VERSION"}) {
+-	    eval "require $class";
++	    my $pm_file = $class . ".pm";
++	    $pm_file =~ s{::}{/}g;
++	    eval { require $pm_file };
+ 	    if ($@) {
+ 		$err ||= $@;
+ 		next;
+diff --git a/cpan/Digest/t/security.t b/cpan/Digest/t/security.t
+new file mode 100644
+index 0000000..5cba122
+--- /dev/null
++++ b/cpan/Digest/t/security.t
+@@ -0,0 +1,14 @@
++#!/usr/bin/env perl
++
++# Digest->new() had an exploitable eval
++
++use strict;
++use warnings;
++
++use Test::More tests => 1;
++
++use Digest;
++
++$LOL::PWNED = 0;
++eval { Digest->new(q[MD;5;$LOL::PWNED = 42]) };
++is $LOL::PWNED, 0;