[SCM] Debian packaging of libapache2-mod-perl2 branch, master, updated. debian/2.0.7-2-3-g7b6d972

Dominic Hargreaves dom at earth.li
Tue Mar 12 00:01:39 UTC 2013


The following commit has been merged in the master branch:
commit 7b6d972fcb6040c4ad7f6938fc68f9aa165fb92f
Author: Dominic Hargreaves <dom at earth.li>
Date:   Mon Mar 11 23:43:50 2013 +0000

    Fix FTBFS with versions of perl including the CVE-2013-1667 fix (Closes: #702821)

diff --git a/debian/changelog b/debian/changelog
index 134c25e..1f6b964 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,7 +1,12 @@
 libapache2-mod-perl2 (2.0.7-3) UNRELEASED; urgency=low
 
+  [ Salvatore Bonaccorso ]
   * Change Vcs-Git to canonical URI (git://anonscm.debian.org)
 
+  [ Dominic Hargreaves ]
+  * Fix FTBFS with versions of perl including the CVE-2013-1667
+    fix (Closes: #702821)
+
  -- Salvatore Bonaccorso <carnil at debian.org>  Sun, 06 Jan 2013 21:56:58 +0100
 
 libapache2-mod-perl2 (2.0.7-2) unstable; urgency=low
diff --git a/debian/patches/270_fix_hash_attack_test.patch b/debian/patches/270_fix_hash_attack_test.patch
new file mode 100644
index 0000000..3158785
--- /dev/null
+++ b/debian/patches/270_fix_hash_attack_test.patch
@@ -0,0 +1,77 @@
+--- a/t/response/TestPerl/hash_attack.pm	(revision 1451907)
++++ b/t/response/TestPerl/hash_attack.pm	(working copy)
+@@ -5,10 +5,11 @@
+ # and fixup handlers in this test). Moreover it must not fail to find
+ # that entry on the subsequent requests.
+ #
+-# the hash attack is detected when HV_MAX_LENGTH_BEFORE_SPLIT keys
+-# find themselves in the same hash bucket, in which case starting from
+-# 5.8.2 the hash will rehash all its keys using a random hash seed
+-# (PL_new_hash_seed, set in mod_perl or via PERL_HASH_SEED environment
++# the hash attack is detected when HV_MAX_LENGTH_BEFORE_REHASH keys find
++# themselves in the same hash bucket on splitting (which happens when the
++# number of keys crosses the threshold of a power of 2), in which case
++# starting from 5.8.2 the hash will rehash all its keys using a random hash
++# seed (PL_new_hash_seed, set in mod_perl or via PERL_HASH_SEED environment
+ # variable)
+ #
+ # Prior to the attack condition hashes use the PL_hash_seed, which is
+@@ -29,7 +30,7 @@
+ 
+ use constant MASK_U32  => 2**32;
+ use constant HASH_SEED => 0; # 5.8.2: always zero before the rehashing
+-use constant THRESHOLD => 14; #define HV_MAX_LENGTH_BEFORE_SPLIT
++use constant THRESHOLD => 14; #define HV_MAX_LENGTH_BEFORE_REHASH
+ use constant START     => "a";
+ 
+ # create conditions which will trigger a rehash on the current stash
+@@ -74,9 +75,9 @@
+     my $bits = $keys ? log($keys)/log(2) : 0;
+     $bits = $min_bits if $min_bits > $bits;
+ 
+-    $bits = int($bits) < $bits ? int($bits) + 1 : int($bits);
+-    # need to add 2 bits to cover the internal split cases
+-    $bits += 2;
++    $bits = ceil($bits);
++    # need to add 3 bits to cover the internal split cases
++    $bits += 3;
+     my $mask = 2**$bits-1;
+     debug "mask: $mask ($bits)";
+ 
+@@ -90,7 +91,7 @@
+         next unless ($h & $mask) == 0;
+         $c++;
+         $stash->{$s}++;
+-        debug sprintf "%2d: %5s, %10s, %s", $c, $s, $h, scalar(%$stash);
++        debug sprintf "%2d: %5s, %08x %s", $c, $s, $h, scalar(%$stash);
+         push @keys, $s;
+         debug "The hash collision attack has been successful"
+             if Internals::HvREHASH(%$stash);
+@@ -98,6 +99,14 @@
+         $s++;
+     }
+ 
++    # Now add more keys until we reach a power of 2, to force the number
++    # of buckets to be doubled (at which point the longest chain is checked).
++    $keys = scalar keys %$stash;
++    $bits = log($keys)/log(2);
++    my $limit = 2 ** ceil($bits);
++    debug "pad keys from $keys to $limit";
++    $stash->{$s++}++ while keys(%$stash) <= $limit;
++
+     # this verifies that the attack was mounted successfully. If
+     # HvREHASH is on it is. Otherwise the sequence wasn't successful.
+     die "Failed to mount the hash collision attack"
+@@ -108,6 +117,12 @@
+     return @keys;
+ }
+ 
++# least integer >= n
++sub ceil {
++    my $value = shift;
++    return int($value) < $value ? int($value) + 1 : int($value);
++}
++
+ # trying to provide the fastest equivalent of C macro's PERL_HASH in
+ # Perl - the main complication is that the C macro uses U32 integer
+ # (unsigned int), which we can't do it Perl (it can do I32, with 'use
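Review bot: The new debian/patches/270_fix_hash_attack_test.patch starts directly at `--- a/t/response/TestPerl/hash_attack.pm (revision 1451907)` with no DEP-3 header, so it carries no record of its origin or of whether it was forwarded upstream. The `(revision 1451907)` and `(working copy)` labels suggest an svn working-copy diff rather than a committed upstream change, so the provenance is worth stating explicitly; I would add header lines such as `Description: Fix hash_attack test for perls carrying the CVE-2013-1667 fix`, `Origin: <upstream URL or revision, placeholder>` and `Bug-Debian: https://bugs.debian.org/702821`. Inside the embedded patch, the comment on the padding loop says keys are added "until we reach a power of 2", but `while keys(%$stash) <= $limit` stops only once the count exceeds `$limit`; rewording it to `# Now add more keys until the key count crosses the next power of 2, ...` would match both the code and the revised header comment. The sub that contains the padding loop begins outside the embedded hunks, so the state of `$s` and `$stash` on entry to the loop is not visible here.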
diff --git a/debian/patches/series b/debian/patches/series
index 16a657c..cfc7eb1 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -11,3 +11,4 @@ avoid-db-linkage.patch
 220_fix-bad-whatis-entry.patch
 250-lfs-perl-5.14.patch
 260_fix_pipelined_response_deadlock.patch
+270_fix_hash_attack_test.patch

-- 
Debian packaging of libapache2-mod-perl2


