gentoo resync : 16.09.2021

author: V3n3RiX <venerix@redcorelinux.org> 2021-09-16 22:05:01 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2021-09-16 22:05:01 +0100
commit: cc4618c9ba3d974948ebf340b542d8cb01db2f55 (patch)
tree: 125ee67bb9e0d548771cf7b61d04bb1f0dc57687 /dev-python/rencode
parent: 677b7ba5c317778df2ad7e70df94b9b7eec4adbc (diff)
6 files changed, 75 insertions, 25 deletions
diff --git a/dev-python/rencode/Manifest b/dev-python/rencode/Manifest
index 6258337f7eda..40d9b78ac1c8 100644
--- a/dev-python/rencode/Manifest
+++ b/dev-python/rencode/Manifest
@@ -1,5 +1,6 @@
 AUX rencode-1.0.6-drop-wheel-dependency.patch 493 BLAKE2B 368e3b618490538adee98c42e574c2130ca57c43d6502d35d9c35a72a3a0d20077d48098ac91fb53f39a32f601c594aa355657fde25502f1beb1450cb08f0654 SHA512 254cd71919906f24842e921ce6d4a8cfe4960b2b048a25c6eb170d8ff1dcde0b758d429a7bcdca971379a0b5706e278111ae1f43b64c4251d3dee87d9c6df063
+AUX rencode-1.0.6-fix-CVE-2021-40839.patch 1166 BLAKE2B b0ddee3e9ccc62d7caaecfec8d8e1363942fe65c9d931fac9bd609e8738d8a796c644e1657906257daf5161de0f1e7a5efcad31eb424dd3fc9508d5bf6d56f84 SHA512 885ecede3d9fb52eb09728e37863cade4800f87d09ab6ffc1e55d1ace90b8e197e4f3073f6fcf548f2e8e4b9d7cfadedb3190d556427e826bbd6b2ba48ca6cac
 DIST rencode-1.0.6.tar.gz 25455 BLAKE2B def013a569a53e2b2d96b3430c13676810bc5879e565f091dbc44f1ae950b8ec7ca0fa5e35a974432fd71a1bcca5a3f1f18bb2a9f042480167ab50e4f0aba8c3 SHA512 f04de4d3a83aed916bdc4b7a8ca772655e9324d0531ee882cb7d2a1e92b397bdcec8497bf02939e0a806886ecc62ed2e7319dfee054dad1b69052157f0959e8f
-EBUILD rencode-1.0.6-r1.ebuild 919 BLAKE2B aa6245c1ac5449d68407863eec062e3f3ecd9b442be47765f63461df172f635d7345535c569f8c34ab4897646efcf1bab7e2c14f8602ca1d11ede07b08c8cd9c SHA512 f99d7c943a033981a6e166931e1ca1d199de647b0f2f241518219d0a2bc766bcad2333868d08c8ae67d51fbcac602c76800fd233e99202fa6a4f6d76af260a77
-EBUILD rencode-1.0.6.ebuild 550 BLAKE2B a758e02c534663464a4d8ba52059904d134f61e9194a9bdd4493c55eb92b3a2d9525807e5242d34811c76e7a3e86619e39d343c34e25637caa48388c9e9c9396 SHA512 0ff395a1b4365b6db91525c4263bdf7b26d63a1094c800ed434463e3a03d2db0ae6e96ef65274bd4fe4d615f828ce73b855aa212e54518ee18c596f8b360b954
-MISC metadata.xml 711 BLAKE2B 99d00b59865b5d2994f472e347afb5cf8a4bfc1333c9eea5ce76d45f6ae2ee246c376bf2a7b0dbafa7f8b9e14ffb4cd062ea1c3e6bf300061b6bb13c212aa09b SHA512 55138e8f053487e2d4fc904ac544f9fa2058ed3fb2ab3238d36612c6741f667a812460d613c474a287eb871cbc8ba76b521838ca1d030a088761e5c73dc65511
+EBUILD rencode-1.0.6-r1.ebuild 917 BLAKE2B 086d89d7b66dccab037cf89d2bd913267c77844784f599c06b5b3c5eced67ec5fc272f76f83fc4deab9eda25765f90c88c91411aa400cb349dc3bc9b930e109e SHA512 9b505ad1a73b6b275141f1e89569f0a3a4ded38c98947b754e8ccedff7be82ef9979c53342fcad7c6d355798a919c2cb6c5be90879a5842559e5388c7ce5cd3e
+EBUILD rencode-1.0.6-r2.ebuild 978 BLAKE2B db9faaeb2cb7e9b1c05a18569710e6c8d1b1ddcd81075c9464c37edba3cd399e19ae8fdf0698a2974b9e0d85890e0d750d49d90dfb1ffa5919e93d66f9d3e223 SHA512 345b70c2662d61f9f4603a18680089270459f1fc21c701f289a723d12a824fb85dd9809febfbd7cd1ba435cf2f50980a1bace1da04b71aa7a0c1c6e3b8380461
+MISC metadata.xml 712 BLAKE2B 0d5545f8297c043a09922dc92765fa62ed6aa3fc77fb69df2208a46f298a50575b5235780c174a044df7f0105b11d1fa9667b77d152bb6f1b91720976200f26e SHA512 10b0ef1c5a426a0ab03b157967710193ab783382619191530b4f9a27e352879c5e48f462ea9624008f6aaf779391f4ccb7cafcbe11c86457618f0365d6f81ea1
diff --git a/dev-python/rencode/files/rencode-1.0.6-fix-CVE-2021-40839.patch b/dev-python/rencode/files/rencode-1.0.6-fix-CVE-2021-40839.patch
new file mode 100644
index 000000000000..0a997d408017
--- /dev/null
+++ b/dev-python/rencode/files/rencode-1.0.6-fix-CVE-2021-40839.patch
@@ -0,0 +1,34 @@
+From: Andrew Resch <andrewresch@gmail.com>
+Date: Mon, 9 Aug 2021 20:44:51 -0700
+Subject: [PATCH] Fix checking if typecode is valid while decoding.
+
+This bug will cause rencode to hang if the invalid typecode is included
+in a sequence type (list, dict) since the position will not change and
+the loop checking for the termination byte never returns.
+
+This change is a copy of PR #29 with a few aesthetic changes.
+
+--- a/rencode/rencode.pyx
++++ b/rencode/rencode.pyx
+@@ -527,6 +527,8 @@
+         return decode_fixed_dict(data, pos)
+     elif typecode == CHR_DICT:
+         return decode_dict(data, pos)
++    else:
++        raise ValueError("Invalid typecode: %d at pos: %d" % (typecode, pos[0]))
+ 
+ def loads(data, decode_utf8=False):
+     """
+--- a/tests/test_rencode.py
++++ b/tests/test_rencode.py
+@@ -223,5 +223,10 @@
+         assert rencode_orig.__version__
+         self.assertEqual(rencode.__version__[1:], rencode_orig.__version__[1:], "version number does not match")
+ 
++    def test_invalid_typecode(self):
++        s = b";\x2f\x7f"
++        with self.assertRaises(ValueError):
++            rencode.loads(s)
++
+ if __name__ == '__main__':
+     unittest.main()
diff --git a/dev-python/rencode/metadata.xml b/dev-python/rencode/metadata.xml
index be3b0fc774d0..f2aa20a04dc4 100644
--- a/dev-python/rencode/metadata.xml
+++ b/dev-python/rencode/metadata.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
 	<!-- maintainer-needed -->
 	<longdescription lang="en">
diff --git a/dev-python/rencode/rencode-1.0.6-r1.ebuild b/dev-python/rencode/rencode-1.0.6-r1.ebuild
index f02c970bbcdc..2765b5c16726 100644
--- a/dev-python/rencode/rencode-1.0.6-r1.ebuild
+++ b/dev-python/rencode/rencode-1.0.6-r1.ebuild
@@ -13,7 +13,7 @@ SRC_URI="https://github.com/aresch/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
 
 LICENSE="GPL-3+"
 SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~sparc ~x86 ~amd64-linux ~x86-linux"
+KEYWORDS="amd64 ~arm ~arm64 ~ppc ~sparc x86 ~amd64-linux ~x86-linux"
 
 BDEPEND="dev-python/cython[${PYTHON_USEDEP}]"
 
diff --git a/dev-python/rencode/rencode-1.0.6-r2.ebuild b/dev-python/rencode/rencode-1.0.6-r2.ebuild
new file mode 100644
index 000000000000..523227282fc3
--- /dev/null
+++ b/dev-python/rencode/rencode-1.0.6-r2.ebuild
@@ -0,0 +1,35 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{8..10} )
+
+inherit distutils-r1
+
+DESCRIPTION="similar to bencode from the BitTorrent project"
+HOMEPAGE="https://github.com/aresch/rencode"
+SRC_URI="https://github.com/aresch/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-3+"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~sparc x86 ~amd64-linux ~x86-linux"
+
+BDEPEND="dev-python/cython[${PYTHON_USEDEP}]"
+
+distutils_enable_tests pytest
+
+PATCHES=(
+	# https://github.com/aresch/rencode/commit/16e61e1ff4294bddb7c881536d3d454355c78969
+	"${FILESDIR}/${P}-drop-wheel-dependency.patch"
+	# bug #812437
+	"${FILESDIR}/${P}-fix-CVE-2021-40839.patch"
+)
+
+python_test() {
+	# The C extension ("_rencode") can't be imported from "${S}/rencode"
+	# so we need to cd somewhere else to make sure "rencode" is imported
+	# from ${BUILD_DIR}/lib (thanks to PYTHONPATH).
+	cd "${T}" || die
+	epytest "${S}"
+}
diff --git a/dev-python/rencode/rencode-1.0.6.ebuild b/dev-python/rencode/rencode-1.0.6.ebuild
deleted file mode 100644
index a23f32664aa6..000000000000
--- a/dev-python/rencode/rencode-1.0.6.ebuild
+++ /dev/null
@@ -1,20 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{7,8,9} )
-inherit distutils-r1
-
-DESCRIPTION="similar to bencode from the BitTorrent project"
-HOMEPAGE="https://github.com/aresch/rencode"
-SRC_URI="https://github.com/aresch/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="amd64 ~arm ~arm64 ~ppc ~sparc x86 ~amd64-linux ~x86-linux"
-IUSE=""
-
-RDEPEND=""
-DEPEND="dev-python/cython[${PYTHON_USEDEP}]
-	dev-python/wheel[${PYTHON_USEDEP}]"
author	V3n3RiX <venerix@redcorelinux.org>	2021-09-16 22:05:01 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2021-09-16 22:05:01 +0100
commit	cc4618c9ba3d974948ebf340b542d8cb01db2f55 (patch)
tree	125ee67bb9e0d548771cf7b61d04bb1f0dc57687 /dev-python/rencode
parent	677b7ba5c317778df2ad7e70df94b9b7eec4adbc (diff)