Adapted from upstream commit 659615c7b100a89eafe6253e7a5b9d84d0e8df74,
this patch omits the upstream changes to 'Changes' and 'VERSION'.
http://seclists.org/oss-sec/2016/q2/170
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8869
https://github.com/ocaml/ocaml/commit/659615c7b100a89eafe6253e7a5b9d84d0e8df74
---
byterun/alloc.c | 4 ++--
byterun/intern.c | 2 +-
byterun/str.c | 4 ++--
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/byterun/alloc.c b/byterun/alloc.c
index 96a21bf..0db9947 100644
--- a/byterun/alloc.c
+++ b/byterun/alloc.c
@@ -153,7 +153,7 @@ CAMLexport int caml_convert_flag_list(value list, int *flags)
/* [size] is a [value] representing number of words (fields) */
CAMLprim value caml_alloc_dummy(value size)
{
- mlsize_t wosize = Int_val(size);
+ mlsize_t wosize = Long_val(size);
if (wosize == 0) return Atom(0);
return caml_alloc (wosize, 0);
@@ -169,7 +169,7 @@ CAMLprim value caml_alloc_dummy_function(value size,value arity)
/* [size] is a [value] representing number of floats. */
CAMLprim value caml_alloc_dummy_float (value size)
{
- mlsize_t wosize = Int_val(size) * Double_wosize;
+ mlsize_t wosize = Long_val(size) * Double_wosize;
if (wosize == 0) return Atom(0);
return caml_alloc (wosize, 0);
diff --git a/byterun/intern.c b/byterun/intern.c
index 89d13d1..7b8d049 100644
--- a/byterun/intern.c
+++ b/byterun/intern.c
@@ -291,7 +291,7 @@ static void intern_rec(value *dest)
case OFreshOID:
/* Refresh the object ID */
/* but do not do it for predefined exception slots */
- if (Int_val(Field((value)dest, 1)) >= 0)
+ if (Long_val(Field((value)dest, 1)) >= 0)
caml_set_oo_id((value)dest);
/* Pop item and iterate */
sp--;
diff --git a/byterun/str.c b/byterun/str.c
index 5ad4e29..885772f 100644
--- a/byterun/str.c
+++ b/byterun/str.c
@@ -266,7 +266,7 @@ CAMLprim value caml_string_greaterequal(value s1, value s2)
CAMLprim value caml_blit_string(value s1, value ofs1, value s2, value ofs2,
value n)
{
- memmove(&Byte(s2, Long_val(ofs2)), &Byte(s1, Long_val(ofs1)), Int_val(n));
+ memmove(&Byte(s2, Long_val(ofs2)), &Byte(s1, Long_val(ofs1)), Long_val(n));
return Val_unit;
}
@@ -278,7 +278,7 @@ CAMLprim value caml_fill_string(value s, value offset, value len, value init)
CAMLprim value caml_bitvect_test(value bv, value n)
{
- int pos = Int_val(n);
+ intnat pos = Long_val(n);
return Val_int(Byte_u(bv, pos >> 3) & (1 << (pos & 7)));
}
--
2.7.4
bf0fc88df562defab9cbeb91&showmsg=1'>Expand)| Author |
| 2021-12-22 | tests: Move keys into ./tests/keys/ and add a third ed25519 key....The third key will be used in an upcoming commit.
Rename public keys to .pub.
* guix/tests/gnupg.scm (%ed25519-3-public-key-file): New variable.
(%ed25519-3-secret-key-file): New variable.
(%ed25519-2-public-key-file): Renamed from %ed25519bis-public-key-file.
(%ed25519-2-secret-key-file): Renamed from %ed25519bis-secret-key-file.
* tests/keys/ed25519-3.key: New file.
* tests/keys/ed25519-3.sec: New file.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
| Attila Lendvai |
| 2020-09-15 | authenticate: Encode strings as ISO-8859-1....Fixes <https://bugs.gnu.org/43421>.
* guix/scripts/authenticate.scm (read-command): Decode strings as
ISO-8859-1, not UTF-8.
(guix-authenticate)[send-reply]: Encode strings as ISO-8859-1, not
UTF-8.
* tests/guix-authenticate.sh: Add test.
| Ludovic Courtès |
| 2020-09-14 | daemon: Spawn 'guix authenticate' once for all....Previously, we'd spawn 'guix authenticate' once for each item that has
to be signed (when exporting) or authenticated (when importing). Now,
we spawn it once for all and then follow a request/reply protocol. This
reduces the wall-clock time of:
guix archive --export -r $(guix build coreutils -d)
from 30s to 2s.
* guix/scripts/authenticate.scm (sign-with-key): Return the signature
instead of displaying it. Raise a &formatted-message instead of calling
'leave'.
(validate-signature): Likewise.
(read-command): New procedure.
(define-enumerate-type, reply-code): New macros.
(guix-authenticate)[send-reply]: New procedure.
Change to read commands from current-input-port.
* nix/libstore/local-store.cc (runAuthenticationProgram): Remove.
(authenticationAgent, readInteger, readAuthenticateReply): New
functions.
(signHash, verifySignature): Rewrite in terms of the agent.
* tests/store.scm ("import not signed"): Remove 'pk' call.
("import signed by unauthorized key"): Check the error message of C.
* tests/guix-authenticate.sh: Rewrite using the new protocol.
fixlet
| Ludovic Courtès |
| 2020-09-11 | daemon: Simplify interface with 'guix authenticate'....There's no reason at this point to mimic the calling convention of the
'openssl' command.
* nix/libstore/local-store.cc (LocalStore::exportPath): Add only "sign"
and HASH to ARGS. Remove 'tmpDir' and 'hashFile'.
(LocalStore::importPath): Add only "verify" and SIGNATURE to
* guix/scripts/authenticate.scm (guix-authenticate): Adjust
accordingly; remove the OpenSSL-style clauses.
(read-hash-data): Remove.
(sign-with-key): Replace 'port' with 'sha256' and adjust accordingly.
(validate-signature): Export SIGNATURE to be a canonical sexp.
* tests/guix-authenticate.sh: Adjust tests accordingly.
| Ludovic Courtès |