python-pam: new package

	source "package/python-networkmanager/Config.in"

	source "package/python-nfc/Config.in"

	source "package/python-numpy/Config.in"

	source "package/python-pam/Config.in"

	source "package/python-posix-ipc/Config.in"

	source "package/python-protobuf/Config.in"

	source "package/python-psutil/Config.in"

[PATCH] fix two bugs in the PAM object deallocation

Fixes https://bugzilla.redhat.com/show_bug.cgi?id=658955

Downloaded from:

http://pkgs.fedoraproject.org/cgit/PyPAM.git/plain/PyPAM-0.5.0-dealloc.patch

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

diff -up PyPAM-0.5.0/PAMmodule.c.dealloc PyPAM-0.5.0/PAMmodule.c

--- PyPAM-0.5.0/PAMmodule.c.dealloc	2011-01-17 22:48:22.000000000 +0100

+++ PyPAM-0.5.0/PAMmodule.c	2011-01-18 21:24:59.000000000 +0100

@@ -538,10 +538,11 @@ static void PyPAM_dealloc(PyPAMObject *s

     free(self->service);

     free(self->user);

     free(self->conv);

-    pam_end(self->pamh, PAM_SUCCESS);

+    if (self->pamh)

+        pam_end(self->pamh, PAM_SUCCESS);

     dlclose(self->dlh2);

     dlclose(self->dlh1);

-    PyMem_DEL(self);

+    PyObject_Del(self);

 }

 static PyObject * PyPAM_getattr(PyPAMObject *self, char *name)

[PATCH] deallocate the conversation response only in case of error

Fixes https://bugzilla.redhat.com/show_bug.cgi?id=679714

Downloaded from:

http://pkgs.fedoraproject.org/cgit/PyPAM.git/plain/PyPAM-0.5.0-nofree.patch

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

diff --git a/PAMmodule.c b/PAMmodule.c

index 03cb799..a7ff8a5 100644

--- a/PAMmodule.c

+++ b/PAMmodule.c

@@ -24,8 +24,6 @@ typedef struct {

     char                *service;

     char                *user;

     PyObject            *callback;

-    struct pam_response *response_data;

-    int                 response_len;

     PyObject            *user_data;

     void                *dlh1, *dlh2;

 } PyPAMObject;

@@ -54,15 +52,6 @@ static int PyPAM_conv(int num_msg, const struct pam_message **msg,

     Py_INCREF(self);

-    if (NULL != self->response_data) {

-        for (int i = 0; i < self->response_len; i++) {

-            free(self->response_data[0].resp);

-        }

-        free(self->response_data);

-        self->response_data = NULL;

-        self->response_len = 0;

-    }

-

     PyObject* msgList = PyList_New(num_msg);

     for (int i = 0; i < num_msg; i++) {

@@ -92,6 +81,10 @@ static int PyPAM_conv(int num_msg, const struct pam_message **msg,

         char* resp_text;

         int resp_retcode = 0;

         if (!PyArg_ParseTuple(respTuple, "si", &resp_text, &resp_retcode)) {

+            while (i > 0) {

+                free((--spr)->resp);

+                --i;

+            }

             free(*resp);

             Py_DECREF(respList);

             return PAM_CONV_ERR;

@@ -100,10 +93,6 @@ static int PyPAM_conv(int num_msg, const struct pam_message **msg,

         spr->resp_retcode = resp_retcode;

         Py_DECREF(respTuple);

     }

-    

-    // Save this so we can free it later.

-    self->response_data = *resp;

-    self->response_len = PyList_Size(respList);

     Py_DECREF(respList);

@@ -144,8 +133,6 @@ static PyObject * PyPAM_pam(PyObject *self, PyObject *args)

     p->user = NULL;

     Py_INCREF(Py_None);

     p->callback = Py_None;

-    p->response_data = NULL;

-    p->response_len = 0;

     Py_INCREF(Py_None);

     p->user_data = Py_None;

[PATCH] Fix Double Free Corruption (CVE2012-1502)

Downloaded from:

http://pkgs.fedoraproject.org/cgit/PyPAM.git/plain/PyPAM-0.5.0-memory-errors.patch

For details, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1502

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

diff -up PyPAM-0.5.0/PAMmodule.c.memory PyPAM-0.5.0/PAMmodule.c

--- PyPAM-0.5.0/PAMmodule.c.memory	2012-05-07 17:22:54.503914026 +0200

+++ PyPAM-0.5.0/PAMmodule.c	2012-05-07 17:23:15.644381942 +0200

@@ -37,33 +37,48 @@ static void PyPAM_Err(PyPAMObject *self,

     err_msg = pam_strerror(self->pamh, result);

     error = Py_BuildValue("(si)", err_msg, result);

-    Py_INCREF(PyPAM_Error);

     PyErr_SetObject(PyPAM_Error, error);

+    Py_XDECREF(error);

 }

 static int PyPAM_conv(int num_msg, const struct pam_message **msg,

     struct pam_response **resp, void *appdata_ptr)

 {

-    PyObject                *args;

-

+    PyObject *args, *msgList, *respList, *item;

+    struct pam_response *response, *spr;

     PyPAMObject* self = (PyPAMObject *) appdata_ptr;

+

     if (self->callback == NULL)

         return PAM_CONV_ERR;

     Py_INCREF(self);

-    PyObject* msgList = PyList_New(num_msg);

-    

+    msgList = PyList_New(num_msg);

+    if (msgList == NULL) {

+        Py_DECREF(self);

+        return PAM_CONV_ERR;

+    }

+

     for (int i = 0; i < num_msg; i++) {

-        PyList_SetItem(msgList, i,

-            Py_BuildValue("(si)", msg[i]->msg, msg[i]->msg_style));

+        item = Py_BuildValue("(si)", msg[i]->msg, msg[i]->msg_style);

+        if (item == NULL) {

+            Py_DECREF(msgList);

+            Py_DECREF(self);

+            return PAM_CONV_ERR;

+        }

+        PyList_SetItem(msgList, i, item);

     }

-    

+

     args = Py_BuildValue("(OO)", self, msgList);

-    PyObject* respList = PyEval_CallObject(self->callback, args);

+    if (args == NULL) {

+        Py_DECREF(self);

+	Py_DECREF(msgList);

+        return PAM_CONV_ERR;

+    }

+    respList = PyEval_CallObject(self->callback, args);

     Py_DECREF(args);

     Py_DECREF(self);

-    

+

     if (respList == NULL)

         return PAM_CONV_ERR;

@@ -71,11 +86,15 @@ static int PyPAM_conv(int num_msg, const

         Py_DECREF(respList);

         return PAM_CONV_ERR;

     }

-    

-    *resp = (struct pam_response *) malloc(

+

+    response = (struct pam_response *) malloc(

         PyList_Size(respList) * sizeof(struct pam_response));

+    if (response == NULL) {

+        Py_DECREF(respList);

+        return PAM_CONV_ERR;

+    }

+    spr = response;

-    struct pam_response* spr = *resp;

     for (int i = 0; i < PyList_Size(respList); i++, spr++) {

         PyObject* respTuple = PyList_GetItem(respList, i);

         char* resp_text;

@@ -85,7 +104,7 @@ static int PyPAM_conv(int num_msg, const

                 free((--spr)->resp);

                 --i;

             }

-            free(*resp);

+            free(response);

             Py_DECREF(respList);

             return PAM_CONV_ERR;

         }

@@ -95,7 +114,8 @@ static int PyPAM_conv(int num_msg, const

     }

     Py_DECREF(respList);

-    

+    *resp = response;

+

     return PAM_SUCCESS;

 }

@@ -122,7 +142,11 @@ static PyObject * PyPAM_pam(PyObject *se

     PyPAMObject_Type.ob_type = &PyType_Type;

     p = (PyPAMObject *) PyObject_NEW(PyPAMObject, &PyPAMObject_Type);

+    if (p == NULL)

+        return NULL;

+

     if ((spc = (struct pam_conv *) malloc(sizeof(struct pam_conv))) == NULL) {

+        Py_DECREF((PyObject *)p);

         PyErr_SetString(PyExc_MemoryError, "out of memory");

         return NULL;

     }

@@ -455,9 +479,15 @@ static PyObject * PyPAM_getenvlist(PyObj

     }

     retval = PyList_New(0);

+    if (retval == NULL)

+	return NULL;

     while ((cp = *(result++)) != NULL) {

         entry = Py_BuildValue("s", cp);

+        if (entry == NULL) {

+            Py_DECREF(retval);

+            return NULL;

+        }

         PyList_Append(retval, entry);

         Py_DECREF(entry);

     }

comment "python-pam needs a toolchain w/ wchar, locale, dynamic library"

	depends on BR2_PACKAGE_PYTHON

	depends on !BR2_ENABLE_LOCALE || !BR2_USE_WCHAR || BR2_PREFER_STATIC_LIB

config BR2_PACKAGE_PYTHON_PAM

	bool "python-pam"

	depends on BR2_PACKAGE_PYTHON # C extension not compatible with python3

	depends on BR2_ENABLE_LOCALE # linux-pam

	depends on BR2_USE_WCHAR # linux-pam

	depends on !BR2_PREFER_STATIC_LIB # linux-pam

	select BR2_PACKAGE_LINUX_PAM

	help

	  PAM (Pluggable Authentication Module) bindings for Python.

	  https://admin.fedoraproject.org/pkgdb/package/PyPAM/