Commit 50796da3 authored by Leo's avatar Leo
Browse files

community/py-psutil: fix CVE-2019-18874

parent c87d40b7
......@@ -3,16 +3,22 @@
pkgname=py-psutil
_pkgname=psutil
pkgver=5.4.6
pkgrel=0
pkgrel=1
pkgdesc="A cross-platform process and system utilities module for Python"
url="https://github.com/giampaolo/psutil"
arch="all"
license="BSD"
makedepends="$depends_dev linux-headers python2-dev python3-dev"
subpackages="py3-$_pkgname:_py3 py2-$_pkgname:_py2"
source="https://files.pythonhosted.org/packages/source/${_pkgname:0:1}/$_pkgname/$_pkgname-$pkgver.tar.gz"
source="https://files.pythonhosted.org/packages/source/${_pkgname:0:1}/$_pkgname/$_pkgname-$pkgver.tar.gz
CVE-2019-18874.patch
"
builddir="$srcdir/$_pkgname-$pkgver"
# secfixes:
# 5.4.6-r1:
# - CVE-2019-18874
build() {
cd "$builddir"
python2 setup.py build
......@@ -48,4 +54,5 @@ _py3() {
_py python3
}
sha512sums="7aefb2c1759a62fca21d1bd07f7f3aeddc368b972ce831dc6e52cda5effaee2798c6bf0aece9732dedb7fefcd8e9e3f03760d6e715be8ea1479b282150a585f3 psutil-5.4.6.tar.gz"
sha512sums="7aefb2c1759a62fca21d1bd07f7f3aeddc368b972ce831dc6e52cda5effaee2798c6bf0aece9732dedb7fefcd8e9e3f03760d6e715be8ea1479b282150a585f3 psutil-5.4.6.tar.gz
a39fbc2f1c1d092fbbcded94291d3640edb4800f938a2665b84c88c211fc5f53155e1dfbb1898d92ebeac35357108fc1b31c550eab760e9e8dfd8e117970cd5d CVE-2019-18874.patch"
diff --git a/psutil/_psutil_aix.c b/psutil/_psutil_aix.c
index 898da6b..fa05be6 100644
--- a/psutil/_psutil_aix.c
+++ b/psutil/_psutil_aix.c
@@ -390,10 +390,10 @@ psutil_users(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_username);
- Py_DECREF(py_tty);
- Py_DECREF(py_hostname);
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_username);
+ Py_CLEAR(py_tty);
+ Py_CLEAR(py_hostname);
+ Py_CLEAR(py_tuple);
}
endutxent();
@@ -450,9 +450,9 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_dev);
- Py_DECREF(py_mountp);
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_dev);
+ Py_CLEAR(py_mountp);
+ Py_CLEAR(py_tuple);
mt = getmntent(file);
}
endmntent(file);
diff --git a/psutil/_psutil_bsd.c b/psutil/_psutil_bsd.c
index dce157f..d31436e 100644
--- a/psutil/_psutil_bsd.c
+++ b/psutil/_psutil_bsd.c
@@ -152,7 +152,7 @@ psutil_pids(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_pid))
goto error;
- Py_DECREF(py_pid);
+ Py_CLEAR(py_pid);
proclist++;
}
free(orig_address);
@@ -507,8 +507,8 @@ psutil_proc_open_files(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_path);
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_path);
+ Py_CLEAR(py_tuple);
}
}
free(freep);
@@ -670,9 +670,9 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_dev);
- Py_DECREF(py_mountp);
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_dev);
+ Py_CLEAR(py_mountp);
+ Py_CLEAR(py_tuple);
}
free(fs);
@@ -765,7 +765,7 @@ psutil_net_io_counters(PyObject *self, PyObject *args) {
goto error;
if (PyDict_SetItemString(py_retdict, ifc_name, py_ifc_info))
goto error;
- Py_DECREF(py_ifc_info);
+ Py_CLEAR(py_ifc_info);
}
else {
continue;
@@ -840,10 +840,10 @@ psutil_users(PyObject *self, PyObject *args) {
fclose(fp);
goto error;
}
- Py_DECREF(py_username);
- Py_DECREF(py_tty);
- Py_DECREF(py_hostname);
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_username);
+ Py_CLEAR(py_tty);
+ Py_CLEAR(py_hostname);
+ Py_CLEAR(py_tuple);
}
fclose(fp);
@@ -883,10 +883,10 @@ psutil_users(PyObject *self, PyObject *args) {
endutxent();
goto error;
}
- Py_DECREF(py_username);
- Py_DECREF(py_tty);
- Py_DECREF(py_hostname);
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_username);
+ Py_CLEAR(py_tty);
+ Py_CLEAR(py_hostname);
+ Py_CLEAR(py_tuple);
}
endutxent();
diff --git a/psutil/_psutil_linux.c b/psutil/_psutil_linux.c
index bd27b5f..aabe3f4 100644
--- a/psutil/_psutil_linux.c
+++ b/psutil/_psutil_linux.c
@@ -235,9 +235,9 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_dev);
- Py_DECREF(py_mountp);
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_dev);
+ Py_CLEAR(py_mountp);
+ Py_CLEAR(py_tuple);
}
endmntent(file);
return py_retlist;
@@ -491,10 +491,10 @@ psutil_users(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_username);
- Py_DECREF(py_tty);
- Py_DECREF(py_hostname);
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_username);
+ Py_CLEAR(py_tty);
+ Py_CLEAR(py_hostname);
+ Py_CLEAR(py_tuple);
}
endutent();
return py_retlist;
diff --git a/psutil/_psutil_osx.c b/psutil/_psutil_osx.c
index be08de5..518ac4a 100644
--- a/psutil/_psutil_osx.c
+++ b/psutil/_psutil_osx.c
@@ -831,7 +831,7 @@ psutil_per_cpu_times(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_cputime))
goto error;
- Py_DECREF(py_cputime);
+ Py_CLEAR(py_cputime);
}
ret = vm_deallocate(mach_task_self(), (vm_address_t)info_array,
@@ -1013,9 +1013,9 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_dev);
- Py_DECREF(py_mountp);
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_dev);
+ Py_CLEAR(py_mountp);
+ Py_CLEAR(py_tuple);
}
free(fs);
@@ -1083,7 +1083,6 @@ psutil_proc_threads(PyObject *self, PyObject *args) {
}
for (j = 0; j < thread_count; j++) {
- py_tuple = NULL;
thread_info_count = THREAD_INFO_MAX;
kr = thread_info(thread_list[j], THREAD_BASIC_INFO,
(thread_info_t)thinfo_basic, &thread_info_count);
@@ -1106,7 +1105,7 @@ psutil_proc_threads(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_tuple);
}
ret = vm_deallocate(task, (vm_address_t)thread_list,
@@ -1215,10 +1214,8 @@ psutil_proc_open_files(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
- py_tuple = NULL;
- Py_DECREF(py_path);
- py_path = NULL;
+ Py_CLEAR(py_tuple);
+ Py_CLEAR(py_path);
// --- /construct python list
}
}
@@ -1398,7 +1395,7 @@ psutil_proc_connections(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_tuple);
}
else if (family == AF_UNIX) {
py_laddr = PyUnicode_DecodeFSDefault(
@@ -1420,9 +1417,9 @@ psutil_proc_connections(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
- Py_DECREF(py_laddr);
- Py_DECREF(py_raddr);
+ Py_CLEAR(py_tuple);
+ Py_CLEAR(py_laddr);
+ Py_CLEAR(py_raddr);
}
}
}
@@ -1543,7 +1540,7 @@ psutil_net_io_counters(PyObject *self, PyObject *args) {
goto error;
if (PyDict_SetItemString(py_retdict, ifc_name, py_ifc_info))
goto error;
- Py_DECREF(py_ifc_info);
+ Py_CLEAR(py_ifc_info);
}
else {
continue;
@@ -1716,7 +1713,7 @@ psutil_disk_io_counters(PyObject *self, PyObject *args) {
goto error;
if (PyDict_SetItemString(py_retdict, disk_name, py_disk_info))
goto error;
- Py_DECREF(py_disk_info);
+ Py_CLEAR(py_disk_info);
CFRelease(parent_dict);
IOObjectRelease(parent);
@@ -1778,10 +1775,10 @@ psutil_users(PyObject *self, PyObject *args) {
endutxent();
goto error;
}
- Py_DECREF(py_username);
- Py_DECREF(py_tty);
- Py_DECREF(py_hostname);
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_username);
+ Py_CLEAR(py_tty);
+ Py_CLEAR(py_hostname);
+ Py_CLEAR(py_tuple);
}
endutxent();
diff --git a/psutil/_psutil_sunos.c b/psutil/_psutil_sunos.c
index 0717f19..ea015e1 100644
--- a/psutil/_psutil_sunos.c
+++ b/psutil/_psutil_sunos.c
@@ -298,8 +298,8 @@ psutil_proc_environ(PyObject *self, PyObject *args) {
if (PyDict_SetItem(py_retdict, py_envname, py_envval) < 0)
goto error;
- Py_DECREF(py_envname);
- Py_DECREF(py_envval);
+ Py_CLEAR(py_envname);
+ Py_CLEAR(py_envval);
}
psutil_free_cstrings_array(env, env_count);
@@ -653,10 +653,10 @@ psutil_users(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_username);
- Py_DECREF(py_tty);
- Py_DECREF(py_hostname);
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_username);
+ Py_CLEAR(py_tty);
+ Py_CLEAR(py_hostname);
+ Py_CLEAR(py_tuple);
}
endutxent();
@@ -712,9 +712,9 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_dev);
- Py_DECREF(py_mountp);
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_dev);
+ Py_CLEAR(py_mountp);
+ Py_CLEAR(py_tuple);
}
fclose(file);
return py_retlist;
@@ -765,8 +765,7 @@ psutil_per_cpu_times(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_cputime))
goto error;
- Py_DECREF(py_cputime);
- py_cputime = NULL;
+ Py_CLEAR(py_cputime);
}
}
@@ -822,7 +821,7 @@ psutil_disk_io_counters(PyObject *self, PyObject *args) {
if (PyDict_SetItemString(py_retdict, ksp->ks_name,
py_disk_info))
goto error;
- Py_DECREF(py_disk_info);
+ Py_CLEAR(py_disk_info);
}
}
ksp = ksp->ks_next;
@@ -957,8 +956,8 @@ psutil_proc_memory_maps(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_path);
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_path);
+ Py_CLEAR(py_tuple);
// increment pointer
p += 1;
@@ -1073,7 +1072,7 @@ psutil_net_io_counters(PyObject *self, PyObject *args) {
goto error;
if (PyDict_SetItemString(py_retdict, ksp->ks_name, py_ifc_info))
goto error;
- Py_DECREF(py_ifc_info);
+ Py_CLEAR(py_ifc_info);
goto next;
next:
@@ -1271,7 +1270,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_tuple);
}
}
#if defined(AF_INET6)
@@ -1285,7 +1284,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
#ifdef NEW_MIB_COMPLIANT
processed_pid = tp6.tcp6ConnCreationProcess;
#else
- processed_pid = 0;
+ processed_pid = 0;
#endif
if (pid != -1 && processed_pid != pid)
continue;
@@ -1314,14 +1313,14 @@ psutil_net_connections(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_tuple);
}
}
#endif
// UDPv4
else if (mibhdr.level == MIB2_UDP || mibhdr.level == MIB2_UDP_ENTRY) {
num_ent = mibhdr.len / sizeof(mib2_udpEntry_t);
- assert(num_ent * sizeof(mib2_udpEntry_t) == mibhdr.len);
+ assert(num_ent * sizeof(mib2_udpEntry_t) == mibhdr.len);
for (i = 0; i < num_ent; i++) {
memcpy(&ude, databuf.buf + i * sizeof ude, sizeof ude);
#ifdef NEW_MIB_COMPLIANT
@@ -1353,7 +1352,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_tuple);
}
}
#if defined(AF_INET6)
@@ -1386,7 +1385,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_tuple);
}
}
#endif
@@ -1559,7 +1558,7 @@ psutil_net_if_stats(PyObject* self, PyObject* args) {
goto error;
if (PyDict_SetItemString(py_retdict, ksp->ks_name, py_ifc_info))
goto error;
- Py_DECREF(py_ifc_info);
+ Py_CLEAR(py_ifc_info);
}
}
diff --git a/psutil/_psutil_windows.c b/psutil/_psutil_windows.c
index ce44258..bf5d57d 100644
--- a/psutil/_psutil_windows.c
+++ b/psutil/_psutil_windows.c
@@ -350,7 +350,7 @@ psutil_pids(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_pid))
goto error;
- Py_DECREF(py_pid);
+ Py_CLEAR(py_pid);
}
// free C array allocated for PIDs
@@ -1113,7 +1113,7 @@ psutil_per_cpu_times(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_tuple);
}
free(sppi);
@@ -1331,7 +1331,7 @@ psutil_proc_threads(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_tuple);
CloseHandle(hThread);
}
@@ -1788,7 +1788,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_conn_tuple))
goto error;
- Py_DECREF(py_conn_tuple);
+ Py_CLEAR(py_conn_tuple);
}
}
else {
@@ -1885,7 +1885,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_conn_tuple))
goto error;
- Py_DECREF(py_conn_tuple);
+ Py_CLEAR(py_conn_tuple);
}
}
else {
@@ -1959,7 +1959,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_conn_tuple))
goto error;
- Py_DECREF(py_conn_tuple);
+ Py_CLEAR(py_conn_tuple);
}
}
else {
@@ -2032,7 +2032,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_conn_tuple))
goto error;
- Py_DECREF(py_conn_tuple);
+ Py_CLEAR(py_conn_tuple);
}
}
else {
@@ -2439,8 +2439,8 @@ psutil_net_io_counters(PyObject *self, PyObject *args) {
goto error;
if (PyDict_SetItem(py_retdict, py_nic_name, py_nic_info))
goto error;
- Py_XDECREF(py_nic_name);
- Py_XDECREF(py_nic_info);
+ Py_CLEAR(py_nic_name);
+ Py_CLEAR(py_nic_info);
free(pIfRow);
pCurrAddresses = pCurrAddresses->Next;
@@ -2555,7 +2555,7 @@ psutil_disk_io_counters(PyObject *self, PyObject *args) {
goto error;
if (PyDict_SetItemString(py_retdict, szDeviceDisplay, py_tuple))
goto error;
- Py_XDECREF(py_tuple);
+ Py_CLEAR(py_tuple);
next:
CloseHandle(hDevice);
@@ -2712,7 +2712,7 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
goto error;
}
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_tuple);
// Continue looking for more mount points
mp_flag = FindNextVolumeMountPoint(mp_h, mp_buf, MAX_PATH);
@@ -2737,7 +2737,7 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
+ Py_CLEAR(py_tuple);
goto next;
next:
@@ -2867,9 +2867,9 @@ psutil_users(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_XDECREF(py_username);
- Py_XDECREF(py_address);
- Py_XDECREF(py_tuple);
+ Py_CLEAR(py_username);
+ Py_CLEAR(py_address);
+ Py_CLEAR(py_tuple);
}
WTSFreeMemory(sessions);
@@ -3105,8 +3105,8 @@ psutil_proc_memory_maps(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
- Py_DECREF(py_str);
+ Py_CLEAR(py_tuple);
+ Py_CLEAR(py_str);
}
previousAllocationBase = basicInfo.AllocationBase;
baseAddress = (PCHAR)baseAddress + basicInfo.RegionSize;
@@ -3156,8 +3156,8 @@ psutil_ppid_map(PyObject *self, PyObject *args) {
goto error;
if (PyDict_SetItem(py_retdict, py_pid, py_ppid))
goto error;
- Py_DECREF(py_pid);
- Py_DECREF(py_ppid);
+ Py_CLEAR(py_pid);
+ Py_CLEAR(py_ppid);
} while (Process32Next(handle, &pe));
}
@@ -3260,8 +3260,8 @@ psutil_net_if_addrs(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
- Py_DECREF(py_mac_address);
+ Py_CLEAR(py_tuple);
+ Py_CLEAR(py_mac_address);
}
// find out the IP address associated with the NIC
@@ -3337,14 +3337,14 @@ psutil_net_if_addrs(PyObject *self, PyObject *args) {
goto error;
if (PyList_Append(py_retlist, py_tuple))
goto error;
- Py_DECREF(py_tuple);
- Py_DECREF(py_address);
- Py_DECREF(py_netmask);
+ Py_CLEAR(py_tuple);
+ Py_CLEAR(py_address);
+ Py_CLEAR(py_netmask);
pUnicast = pUnicast->Next;
}
}
- Py_DECREF(py_nic_name);
+ Py_CLEAR(py_nic_name);
pCurrAddresses = pCurrAddresses->Next;
}
@@ -3464,8 +3464,8 @@ psutil_net_if_stats(PyObject *self, PyObject *args) {
goto error;
if (PyDict_SetItem(py_retdict, py_nic_name, py_ifc_info))
goto error;
- Py_DECREF(py_nic_name);
- Py_DECREF(py_ifc_info);
+ Py_CLEAR(py_nic_name);
+ Py_CLEAR(py_ifc_info);
}
free(pIfTable);
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment