diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..762cadc --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/Data-Dumper-2.173.tar.gz diff --git a/.rh-perl530-perl-Data-Dumper.metadata b/.rh-perl530-perl-Data-Dumper.metadata new file mode 100644 index 0000000..a0fb6ca --- /dev/null +++ b/.rh-perl530-perl-Data-Dumper.metadata @@ -0,0 +1 @@ +91ca53fd5499b913996009e763d73ebeb51be8c3 SOURCES/Data-Dumper-2.173.tar.gz diff --git a/SOURCES/Data-Dumper-2.173-Data-Dumper-avoid-leak-on-croak.patch b/SOURCES/Data-Dumper-2.173-Data-Dumper-avoid-leak-on-croak.patch new file mode 100644 index 0000000..e570009 --- /dev/null +++ b/SOURCES/Data-Dumper-2.173-Data-Dumper-avoid-leak-on-croak.patch @@ -0,0 +1,167 @@ +From d9c4b4ae5a1a17347ff5e3ecbf8e1d9da481f476 Mon Sep 17 00:00:00 2001 +From: David Mitchell +Date: Wed, 3 Apr 2019 13:23:24 +0100 +Subject: [PATCH] Data::Dumper - avoid leak on croak +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +v5.21.3-742-g19be3be696 added a facility to Dumper.xs to croak if the +recursion level became too deep (1000 by default). + +The trouble with this is that various parts of DD_dump() allocate +temporary SVs and buffers, which will leak if DD_dump() unceremoniously +just croaks(). + +This currently manifests as dist/Data-Dumper/t/recurse.t failing under +Address Sanitiser. + +This commit makes the depth checking code just set a sticky 'too deep' +boolean flag, and +a) on entry, DD_dump() just returns immediately if the flag is set; +b) the flag is checked by the top-level called of DD_dump() and croaks +if set. + +So the net effect is to defer croaking until the dump is complete, +and avoid any further recursion once the flag is set. + +This is a bit of a quick fix. More long-term solutions would be to +convert DD_dump() to be iterative rather than recursive, and/or make +sure all temporary SVs and buffers are suitably anchored somewhere so +that they get cleaned up on croak. + +Petr Písař: Ported from 6d65cb5d847ac93680949c4fa02111808207fbdc in +perl git tree. + +Signed-off-by: Petr Písař +--- + Dumper.pm | 6 +++--- + Dumper.xs | 27 ++++++++++++++++++++------- + 2 files changed, 23 insertions(+), 10 deletions(-) + +diff --git a/Dumper.pm b/Dumper.pm +index 40aeb7d..06af4c4 100644 +--- a/Dumper.pm ++++ b/Dumper.pm +@@ -10,7 +10,7 @@ + package Data::Dumper; + + BEGIN { +- $VERSION = '2.173'; # Don't forget to set version and release ++ $VERSION = '2.174'; # Don't forget to set version and release + } # date in POD below! + + #$| = 1; +@@ -1461,13 +1461,13 @@ be to use the C filter of Data::Dumper. + + Gurusamy Sarathy gsar@activestate.com + +-Copyright (c) 1996-2017 Gurusamy Sarathy. All rights reserved. ++Copyright (c) 1996-2019 Gurusamy Sarathy. All rights reserved. + This program is free software; you can redistribute it and/or + modify it under the same terms as Perl itself. + + =head1 VERSION + +-Version 2.173 ++Version 2.174 + + =head1 SEE ALSO + +diff --git a/Dumper.xs b/Dumper.xs +index 7f0b027..a324cb6 100644 +--- a/Dumper.xs ++++ b/Dumper.xs +@@ -61,9 +61,10 @@ + #endif + + /* This struct contains almost all the user's desired configuration, and it +- * is treated as constant by the recursive function. This arrangement has +- * the advantage of needing less memory than passing all of them on the +- * stack all the time (as was the case in an earlier implementation). */ ++ * is treated as mostly constant (except for maxrecursed) by the recursive ++ * function. This arrangement has the advantage of needing less memory ++ * than passing all of them on the stack all the time (as was the case in ++ * an earlier implementation). */ + typedef struct { + SV *pad; + SV *xpad; +@@ -74,6 +75,7 @@ typedef struct { + SV *toaster; + SV *bless; + IV maxrecurse; ++ bool maxrecursed; /* at some point we exceeded the maximum recursion level */ + I32 indent; + I32 purity; + I32 deepcopy; +@@ -97,7 +99,7 @@ static bool safe_decimal_number(const char *p, STRLEN len); + static SV *sv_x (pTHX_ SV *sv, const char *str, STRLEN len, I32 n); + static I32 DD_dump (pTHX_ SV *val, const char *name, STRLEN namelen, SV *retval, + HV *seenhv, AV *postav, const I32 level, SV *apad, +- const Style *style); ++ Style *style); + + #ifndef HvNAME_get + #define HvNAME_get HvNAME +@@ -615,7 +617,7 @@ deparsed_output(pTHX_ SV *val) + */ + static I32 + DD_dump(pTHX_ SV *val, const char *name, STRLEN namelen, SV *retval, HV *seenhv, +- AV *postav, const I32 level, SV *apad, const Style *style) ++ AV *postav, const I32 level, SV *apad, Style *style) + { + char tmpbuf[128]; + Size_t i; +@@ -642,6 +644,9 @@ DD_dump(pTHX_ SV *val, const char *name, STRLEN namelen, SV *retval, HV *seenhv, + if (!val) + return 0; + ++ if (style->maxrecursed) ++ return 0; ++ + /* If the output buffer has less than some arbitrary amount of space + remaining, then enlarge it. For the test case (25M of output), + *1.1 was slower, *2.0 was the same, so the first guess of 1.5 is +@@ -793,7 +798,7 @@ DD_dump(pTHX_ SV *val, const char *name, STRLEN namelen, SV *retval, HV *seenhv, + } + + if (style->maxrecurse > 0 && level >= style->maxrecurse) { +- croak("Recursion limit of %" IVdf " exceeded", style->maxrecurse); ++ style->maxrecursed = TRUE; + } + + if (realpack && !no_bless) { /* we have a blessed ref */ +@@ -1528,6 +1533,7 @@ Data_Dumper_Dumpxs(href, ...) + style.indent = 2; + style.quotekeys = 1; + style.maxrecurse = 1000; ++ style.maxrecursed = FALSE; + style.purity = style.deepcopy = style.useqq = style.maxdepth + = style.use_sparse_seen_hash = style.trailingcomma = 0; + style.pad = style.xpad = style.sep = style.pair = style.sortkeys +@@ -1675,7 +1681,7 @@ Data_Dumper_Dumpxs(href, ...) + DD_dump(aTHX_ val, SvPVX_const(name), SvCUR(name), valstr, seenhv, + postav, 0, newapad, &style); + SPAGAIN; +- ++ + if (style.indent >= 2 && !terse) + SvREFCNT_dec(newapad); + +@@ -1715,6 +1721,13 @@ Data_Dumper_Dumpxs(href, ...) + } + SvREFCNT_dec(postav); + SvREFCNT_dec(valstr); ++ ++ /* we defer croaking until here so that temporary SVs and ++ * buffers won't be leaked */ ++ if (style.maxrecursed) ++ croak("Recursion limit of %" IVdf " exceeded", ++ style.maxrecurse); ++ + } + else + croak("Call to new() method failed to return HASH ref"); +-- +2.20.1 + diff --git a/SPECS/perl-Data-Dumper.spec b/SPECS/perl-Data-Dumper.spec new file mode 100644 index 0000000..44a250f --- /dev/null +++ b/SPECS/perl-Data-Dumper.spec @@ -0,0 +1,246 @@ +%{?scl:%scl_package perl-Data-Dumper} + +%global base_version 2.173 + +Name: %{?scl_prefix}perl-Data-Dumper +Version: 2.174 +Release: 452%{?dist} +Summary: Stringify perl data structures, suitable for printing and eval +License: GPL+ or Artistic +URL: https://metacpan.org/release/Data-Dumper +Source0: https://cpan.metacpan.org/authors/id/X/XS/XSAWYERX/Data-Dumper-%{base_version}.tar.gz +# Fix a memory leak when croaking about a too deep recursion, +# fixed in perl after 5.29.9 +Patch0: Data-Dumper-2.173-Data-Dumper-avoid-leak-on-croak.patch +BuildRequires: findutils +BuildRequires: gcc +BuildRequires: make +BuildRequires: %{?scl_prefix}perl-devel +BuildRequires: %{?scl_prefix}perl-generators +BuildRequires: %{?scl_prefix}perl-interpreter +BuildRequires: %{?scl_prefix}perl(ExtUtils::MakeMaker) >= 6.76 +BuildRequires: %{?scl_prefix}perl(File::Copy) +BuildRequires: %{?scl_prefix}perl(strict) +# perl-Test-Simple is in cycle with perl-Data-Dumper +%if !%{defined perl_bootstrap} +# Run-time: +BuildRequires: %{?scl_prefix}perl(B::Deparse) +BuildRequires: %{?scl_prefix}perl(bytes) +BuildRequires: %{?scl_prefix}perl(Carp) +BuildRequires: %{?scl_prefix}perl(constant) +BuildRequires: %{?scl_prefix}perl(Exporter) +BuildRequires: %{?scl_prefix}perl(Scalar::Util) +BuildRequires: %{?scl_prefix}perl(XSLoader) +# Tests only: +BuildRequires: %{?scl_prefix}perl(Config) +BuildRequires: %{?scl_prefix}perl(if) +BuildRequires: %{?scl_prefix}perl(lib) +BuildRequires: %{?scl_prefix}perl(overload) +BuildRequires: %{?scl_prefix}perl(strict) +BuildRequires: %{?scl_prefix}perl(Test::More) >= 0.98 +BuildRequires: %{?scl_prefix}perl(vars) +BuildRequires: %{?scl_prefix}perl(warnings) +# Optional tests: +BuildRequires: %{?scl_prefix}perl(Encode) +%endif +Requires: %{?scl_prefix}perl(:MODULE_COMPAT_%(%{?scl:scl enable %{scl} '}eval "$(perl -V:version)";echo $version%{?scl:'})) +Requires: %{?scl_prefix}perl(B::Deparse) +Requires: %{?scl_prefix}perl(bytes) +Requires: %{?scl_prefix}perl(Scalar::Util) +Requires: %{?scl_prefix}perl(XSLoader) + +%{?perl_default_filter} + +%description +Given a list of scalars or reference variables, writes out their contents +in perl syntax. The references can also be objects. The content of each +variable is output in a single Perl statement. Handles self-referential +structures correctly. + +%prep +%setup -q -n Data-Dumper-%{base_version} +%patch0 -p1 + +%build +%{?scl:scl enable %{scl} '}perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 OPTIMIZE="$RPM_OPT_FLAGS" && make %{?_smp_mflags}%{?scl:'} + +%install +%{?scl:scl enable %{scl} '}make pure_install DESTDIR=$RPM_BUILD_ROOT%{?scl:'} +find $RPM_BUILD_ROOT -type f -name '*.bs' -size 0 -delete +%{_fixperms} $RPM_BUILD_ROOT/* + +%check +%if !%{defined perl_bootstrap} +%{?scl:scl enable %{scl} '}make test%{?scl:'} +%endif + +%files +%doc Changes Todo +%{perl_vendorarch}/auto/* +%{perl_vendorarch}/Data* +%{_mandir}/man3/* + +%changelog +* Tue Jan 07 2020 Jitka Plesnikova - 2.174-452 +- Re-rebuild of bootstrapped packages + +* Fri Dec 20 2019 Jitka Plesnikova - 2.174-451 +- SCL + +* Fri Jul 26 2019 Fedora Release Engineering - 2.174-440 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Sun Jun 02 2019 Jitka Plesnikova - 2.174-439 +- Perl 5.30 re-rebuild of bootstrapped packages + +* Thu May 30 2019 Jitka Plesnikova - 2.174-438 +- Increase release to favour standalone package + +* Fri Apr 26 2019 Jitka Plesnikova - 2.174-1 +- Update version to 2.174 as provided in perl-5.29.10 + +* Wed Apr 03 2019 Petr Pisar - 2.173-3 +- Fix a memory leak when croaking about a too deep recursion + +* Fri Feb 01 2019 Fedora Release Engineering - 2.173-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Mon Nov 12 2018 Petr Pisar - 2.173-1 +- 2.173 bump + +* Thu Sep 20 2018 Jitka Plesnikova - 2.172-1 +- 2.172 bump + +* Fri Jul 13 2018 Fedora Release Engineering - 2.170-418 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Sat Jun 30 2018 Jitka Plesnikova - 2.170-417 +- Perl 5.28 re-rebuild of bootstrapped packages + +* Wed Jun 27 2018 Jitka Plesnikova - 2.170-416 +- Increase release to favour standalone package + +* Wed May 23 2018 Jitka Plesnikova - 2.170-1 +- Upgrade to 2.170 as provided in perl-5.28.0-RC1 + +* Thu Feb 08 2018 Fedora Release Engineering - 2.167-399 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Jan 11 2018 Petr Pisar - 2.167-398 +- Fix postentry for quoted glob (bug #1532524) + +* Tue Dec 05 2017 Petr Pisar - 2.167-397 +- Fix quoting glob names (RT#119831) + +* Thu Aug 03 2017 Fedora Release Engineering - 2.167-396 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 2.167-395 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Wed Jun 07 2017 Jitka Plesnikova - 2.167-394 +- Perl 5.26 re-rebuild of bootstrapped packages + +* Sat Jun 03 2017 Jitka Plesnikova - 2.167-393 +- Perl 5.26 rebuild + +* Thu May 11 2017 Petr Pisar - 2.167-1 +- Upgrade to 2.167 as provided in perl-5.25.12 + +* Sat Feb 11 2017 Fedora Release Engineering - 2.161-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Tue Jul 12 2016 Petr Pisar - 2.161-1 +- 1.161 bump + +* Wed May 18 2016 Jitka Plesnikova - 2.160-366 +- Perl 5.24 re-rebuild of bootstrapped packages + +* Sat May 14 2016 Jitka Plesnikova - 2.160-365 +- Increase release to favour standalone package + +* Wed May 11 2016 Jitka Plesnikova - 2.160-1 +- 2.160 bump in order to dual-live with perl 5.24 + +* Thu Feb 04 2016 Fedora Release Engineering - 2.158-348 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Thu Jun 18 2015 Fedora Release Engineering - 2.158-347 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Wed Jun 10 2015 Jitka Plesnikova - 2.158-346 +- Perl 5.22 re-rebuild of bootstrapped packages + +* Thu Jun 04 2015 Jitka Plesnikova - 2.158-345 +- Increase release to favour standalone package + +* Wed Jun 03 2015 Jitka Plesnikova - 2.158-2 +- Perl 5.22 rebuild + +* Wed May 06 2015 Petr Pisar - 2.158-1 +- 2.158 bump in order to dual-live with perl 5.22 + +* Fri Sep 19 2014 Petr Pisar - 2.154-1 +- 2.154 bump (fixes CVE-2014-4330 (limit recursion when dumping deep data + structures)) + +* Sun Sep 07 2014 Jitka Plesnikova - 2.151-311 +- Perl 5.20 re-rebuild of bootstrapped packages + +* Wed Sep 03 2014 Jitka Plesnikova - 2.151-310 +- Increase release to favour standalone package + +* Tue Aug 26 2014 Jitka Plesnikova - 2.151-4 +- Perl 5.20 rebuild + +* Sun Aug 17 2014 Fedora Release Engineering - 2.151-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 2.151-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Mon Mar 10 2014 Petr Pisar - 2.151-1 +- 2.151 bump + +* Wed Aug 14 2013 Jitka Plesnikova - 2.145-292 +- Perl 5.18 re-rebuild of bootstrapped packages + +* Sat Aug 03 2013 Fedora Release Engineering - 2.145-291 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Mon Jul 15 2013 Petr Pisar - 2.145-290 +- Increase release to favour standalone package + +* Fri Jul 12 2013 Petr Pisar - 2.145-2 +- Perl 5.18 rebuild + +* Mon Mar 18 2013 Petr Pisar - 2.145-1 +- 2.145 bump + +* Thu Feb 28 2013 Petr Pisar - 2.143-1 +- 2.143 bump + +* Thu Feb 14 2013 Fedora Release Engineering - 2.139-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Wed Dec 12 2012 Petr Pisar - 2.139-1 +- 2.139 bump + +* Fri Oct 05 2012 Petr Pisar - 2.136-1 +- 2.136 bump + +* Fri Aug 24 2012 Petr Pisar - 2.135.07-241 +- Disable tests on bootstrap + +* Mon Aug 13 2012 Marcela Mašláňová - 2.135.07-240 +- update the version to override the module from perl.srpm +- bump release to override sub-package from perl.spec + +* Fri Jul 20 2012 Fedora Release Engineering - 2.131-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Wed Jun 06 2012 Petr Pisar - 2.131-2 +- Perl 5.16 rebuild + +* Tue Apr 10 2012 Petr Pisar 2.131-1 +- Specfile autogenerated by cpanspec 1.78.