commit 9c6d827f8d4803d2880f052661fad342ebca9c0f · pyrox.dev/nixpkgs

+47

pkgs/development/perl-modules/Cpanel-JSON-XS-CVE-2025-40929.patch

···

       1
       +
       From 5592bfb58eb8d1c8a644e67c9bba795d1384a995 Mon Sep 17 00:00:00 2001

     

       2
       +
       From: Marc Lehmann <schmorp@schmorp.de>

     

       3
       +
       Date: Sat, 6 Sep 2025 11:31:36 +0200

     

       4
       +
       Subject: [PATCH 1/2] fix json_atof_scan1 overflows

     

       5
       +
       

     

       6
       +
       with fuzzed overlong numbers. CVE-2025-40928

     

       7
       +
       Really the comparisons were wrong.

     

       8
       +
       ---

     

       9
       +
        XS.xs | 8 ++++----

     

       10
       +
        1 file changed, 4 insertions(+), 4 deletions(-)

     

       11
       +
       

     

       12
       +
       diff --git a/XS.xs b/XS.xs

     

       13
       +
       index 9b1ce2b..94ab0d6 100755

     

       14
       +
       --- a/XS.xs

     

       15
       +
       +++ b/XS.xs

     

       16
       +
       @@ -710,16 +710,16 @@ json_atof_scan1 (const char *s, NV *accum, int *expo, int postdp, int maxdepth)

     

       17
       +
          /* if we recurse too deep, skip all remaining digits */

     

       18
       +
          /* to avoid a stack overflow attack */

     

       19
       +
          if (UNLIKELY(--maxdepth <= 0))

     

       20
       +
       -    while (((U8)*s - '0') < 10)

     

       21
       +
       +    while ((U8)(*s - '0') < 10)

     

       22
       +
              ++s;

     

       23
       +
        

     

       24
       +
          for (;;)

     

       25
       +
            {

     

       26
       +
       -      U8 dig = (U8)*s - '0';

     

       27
       +
       +      U8 dig = (U8)(*s - '0');

     

       28
       +
        

     

       29
       +
              if (UNLIKELY(dig >= 10))

     

       30
       +
                {

     

       31
       +
       -          if (dig == (U8)((U8)'.' - (U8)'0'))

     

       32
       +
       +          if (dig == (U8)('.' - '0'))

     

       33
       +
                    {

     

       34
       +
                      ++s;

     

       35
       +
                      json_atof_scan1 (s, accum, expo, 1, maxdepth);

     

       36
       +
       @@ -739,7 +739,7 @@ json_atof_scan1 (const char *s, NV *accum, int *expo, int postdp, int maxdepth)

     

       37
       +
                      else if (*s == '+')

     

       38
       +
                        ++s;

     

       39
       +
        

     

       40
       +
       -              while ((dig = (U8)*s - '0') < 10)

     

       41
       +
       +              while ((dig = (U8)(*s - '0')) < 10)

     

       42
       +
                        exp2 = exp2 * 10 + *s++ - '0';

     

       43
       +
        

     

       44
       +
                      *expo += neg ? -exp2 : exp2;

     

       45
       +
       -- 

     

       46
       +
       2.50.1

     

       47
       +

+31

pkgs/development/perl-modules/JSON-XS-CVE-2025-40928.patch

···

       1
       +
       --- a/XS.xs	2025-09-06 08:34:51.376455632 -0300

     

       2
       +
       +++ b/XS.xs	2025-09-06 08:35:30.725873619 -0300

     

       3
       +
       @@ -253,16 +253,16 @@

     

       4
       +
          // if we recurse too deep, skip all remaining digits

     

       5
       +
          // to avoid a stack overflow attack

     

       6
       +
          if (expect_false (--maxdepth <= 0))

     

       7
       +
       -    while (((U8)*s - '0') < 10)

     

       8
       +
       +    while ((U8)(*s - '0') < 10)

     

       9
       +
              ++s;

     

       10
       +
        

     

       11
       +
          for (;;)

     

       12
       +
            {

     

       13
       +
       -      U8 dig = (U8)*s - '0';

     

       14
       +
       +      U8 dig = *s - '0';

     

       15
       +
        

     

       16
       +
              if (expect_false (dig >= 10))

     

       17
       +
                {

     

       18
       +
       -          if (dig == (U8)((U8)'.' - (U8)'0'))

     

       19
       +
       +          if (dig == (U8)('.' - '0'))

     

       20
       +
                    {

     

       21
       +
                      ++s;

     

       22
       +
                      json_atof_scan1 (s, accum, expo, 1, maxdepth);

     

       23
       +
       @@ -282,7 +282,7 @@

     

       24
       +
                      else if (*s == '+')

     

       25
       +
                        ++s;

     

       26
       +
        

     

       27
       +
       -              while ((dig = (U8)*s - '0') < 10)

     

       28
       +
       +              while ((dig = (U8)(*s - '0')) < 10)

     

       29
       +
                        exp2 = exp2 * 10 + *s++ - '0';

     

       30
       +
        

     

       31
       +
                      *expo += neg ? -exp2 : exp2;

pkgs/top-level/perl-packages.nix

···

       6645
        
             url = "mirror://cpan/authors/id/R/RU/RURBAN/Cpanel-JSON-XS-4.37.tar.gz";

     

       6646
        
             hash = "sha256-wkFhWg4X/3Raqoa79Gam4pzSQFFeZfBqegUBe2GebUs=";

     

       6647
        
           };

     

       0
        
       
     

       6648
        
           meta = {

     

       6649
        
             description = "CPanel fork of JSON::XS, fast and correct serializing";

     

       6650
        
             license = with lib.licenses; [

     
···

       18308
        
             url = "mirror://cpan/authors/id/M/ML/MLEHMANN/JSON-XS-4.03.tar.gz";

     

       18309
        
             hash = "sha256-UVU29F8voafojIgkUzdY0BIdJnq5y0U6G1iHyKVrkGg=";

     

       18310
        
           };

     

       0
        
       
     

       18311
        
           propagatedBuildInputs = [ TypesSerialiser ];

     

       18312
        
           buildInputs = [ CanaryStability ];

     

       18313
        
           meta = {

···

       6645
        
             url = "mirror://cpan/authors/id/R/RU/RURBAN/Cpanel-JSON-XS-4.37.tar.gz";

     

       6646
        
             hash = "sha256-wkFhWg4X/3Raqoa79Gam4pzSQFFeZfBqegUBe2GebUs=";

     

       6647
        
           };

     

       6648
       +
           patches = [ ../development/perl-modules/Cpanel-JSON-XS-CVE-2025-40929.patch ];

     

       6649
        
           meta = {

     

       6650
        
             description = "CPanel fork of JSON::XS, fast and correct serializing";

     

       6651
        
             license = with lib.licenses; [

     
···

       18309
        
             url = "mirror://cpan/authors/id/M/ML/MLEHMANN/JSON-XS-4.03.tar.gz";

     

       18310
        
             hash = "sha256-UVU29F8voafojIgkUzdY0BIdJnq5y0U6G1iHyKVrkGg=";

     

       18311
        
           };

     

       18312
       +
           patches = [ ../development/perl-modules/JSON-XS-CVE-2025-40928.patch ];

     

       18313
        
           propagatedBuildInputs = [ TypesSerialiser ];

     

       18314
        
           buildInputs = [ CanaryStability ];

     

       18315
        
           meta = {