diff options
| author | Chris 'BinGOs' Williams <chris@bingosnet.co.uk> | 2011-10-02 19:24:33 +0100 |
|---|---|---|
| committer | Chris 'BinGOs' Williams <chris@bingosnet.co.uk> | 2011-10-02 19:24:33 +0100 |
| commit | a2fa999d41c94d622051667d897fedca90be1828 (patch) | |
| tree | eb0124a7654b545ba461ce5413b7bfd05c865ec7 /cpan/Digest | |
| parent | dd4e46d75e27ba994dc0527364bc4c4a4a683e36 (diff) | |
| download | perl-a2fa999d41c94d622051667d897fedca90be1828.tar.gz | |
Update Digest to CPAN version 1.17
[DELTA]
2011-10-02 Gisle Aas <gisle@ActiveState.com>
Release 1.17.
Gisle Aas (6):
Less noisy 'git status' output
Merge pull request #1 from schwern/bug/require_eval
Don't clobber $@ in Digest->new [RT#50663]
More meta info added to Makefile.PL
Fix typo in RIPEMD160 [RT#50629]
Add schwern's test files
Michael G. Schwern (5):
Turn on strict.
Convert tests to use Test::More
Untabify
Turn Digest::Dummy into a real file which exercises the Digest->new() require logic.
Close the eval "require $module" security hole in Digest->new($algorithm)
Diffstat (limited to 'cpan/Digest')
| -rw-r--r-- | cpan/Digest/Changes | 21 | ||||
| -rw-r--r-- | cpan/Digest/Digest.pm | 35 | ||||
| -rw-r--r-- | cpan/Digest/t/base.t | 31 | ||||
| -rw-r--r-- | cpan/Digest/t/digest.t | 36 | ||||
| -rw-r--r-- | cpan/Digest/t/file.t | 17 | ||||
| -rw-r--r-- | cpan/Digest/t/lib/Digest/Dummy.pm | 20 | ||||
| -rw-r--r-- | cpan/Digest/t/security.t | 14 |
7 files changed, 108 insertions, 66 deletions
diff --git a/cpan/Digest/Changes b/cpan/Digest/Changes index be5a3de54d..d91cb3565e 100644 --- a/cpan/Digest/Changes +++ b/cpan/Digest/Changes @@ -1,3 +1,24 @@ +2011-10-02 Gisle Aas <gisle@ActiveState.com> + + Release 1.17. + + Gisle Aas (6): + Less noisy 'git status' output + Merge pull request #1 from schwern/bug/require_eval + Don't clobber $@ in Digest->new [RT#50663] + More meta info added to Makefile.PL + Fix typo in RIPEMD160 [RT#50629] + Add schwern's test files + + Michael G. Schwern (5): + Turn on strict. + Convert tests to use Test::More + Untabify + Turn Digest::Dummy into a real file which exercises the Digest->new() require logic. + Close the eval "require $module" security hole in Digest->new($algorithm) + + + 2009-06-09 Gisle Aas <gisle@ActiveState.com> Release 1.16. diff --git a/cpan/Digest/Digest.pm b/cpan/Digest/Digest.pm index 384dfc8266..c3355a8bd4 100644 --- a/cpan/Digest/Digest.pm +++ b/cpan/Digest/Digest.pm @@ -3,7 +3,7 @@ package Digest; use strict; use vars qw($VERSION %MMAP $AUTOLOAD); -$VERSION = "1.16"; +$VERSION = "1.17"; %MMAP = ( "SHA-1" => [["Digest::SHA", 1], "Digest::SHA1", ["Digest::SHA2", 1]], @@ -16,7 +16,7 @@ $VERSION = "1.16"; "CRC-16" => [["Digest::CRC", type => "crc16"]], "CRC-32" => [["Digest::CRC", type => "crc32"]], "CRC-CCITT" => [["Digest::CRC", type => "crcccitt"]], - "RIPEMD-160" => "Crypt::PIPEMD160", + "RIPEMD-160" => "Crypt::RIPEMD160", ); sub new @@ -24,24 +24,27 @@ sub new shift; # class ignored my $algorithm = shift; my $impl = $MMAP{$algorithm} || do { - $algorithm =~ s/\W+//; - "Digest::$algorithm"; + $algorithm =~ s/\W+//g; + "Digest::$algorithm"; }; $impl = [$impl] unless ref($impl); + local $@; # don't clobber it for our caller my $err; for (@$impl) { - my $class = $_; - my @args; - ($class, @args) = @$class if ref($class); - no strict 'refs'; - unless (exists ${"$class\::"}{"VERSION"}) { - eval "require $class"; - if ($@) { - $err ||= $@; - next; - } - } - return $class->new(@args, @_); + my $class = $_; + my @args; + ($class, @args) = @$class if ref($class); + no strict 'refs'; + unless (exists ${"$class\::"}{"VERSION"}) { + my $pm_file = $class . ".pm"; + $pm_file =~ s{::}{/}g; + eval { require $pm_file }; + if ($@) { + $err ||= $@; + next; + } + } + return $class->new(@args, @_); } die $err; } diff --git a/cpan/Digest/t/base.t b/cpan/Digest/t/base.t index b2614f79e0..bd87a5dda7 100644 --- a/cpan/Digest/t/base.t +++ b/cpan/Digest/t/base.t @@ -1,7 +1,6 @@ #!perl -w -use Test qw(plan ok); -plan tests => 12; +use Test::More tests => 12; { package LenDigest; @@ -31,26 +30,26 @@ plan tests => 12; } my $ctx = LenDigest->new; -ok($ctx->digest, "X0000"); +is($ctx->digest, "X0000"); my $EBCDIC = ord('A') == 193; if ($EBCDIC) { - ok($ctx->hexdigest, "e7f0f0f0f0"); - ok($ctx->b64digest, "5/Dw8PA"); + is($ctx->hexdigest, "e7f0f0f0f0"); + is($ctx->b64digest, "5/Dw8PA"); } else { - ok($ctx->hexdigest, "5830303030"); - ok($ctx->b64digest, "WDAwMDA"); + is($ctx->hexdigest, "5830303030"); + is($ctx->b64digest, "WDAwMDA"); } $ctx->add("foo"); -ok($ctx->digest, "f0003"); +is($ctx->digest, "f0003"); $ctx->add("foo"); -ok($ctx->hexdigest, $EBCDIC ? "86f0f0f0f3" : "6630303033"); +is($ctx->hexdigest, $EBCDIC ? "86f0f0f0f3" : "6630303033"); $ctx->add("foo"); -ok($ctx->b64digest, $EBCDIC ? "hvDw8PM" : "ZjAwMDM"); +is($ctx->b64digest, $EBCDIC ? "hvDw8PM" : "ZjAwMDM"); open(F, ">xxtest$$") || die; binmode(F); @@ -62,23 +61,23 @@ $ctx->addfile(*F); close(F); unlink("xxtest$$") || warn; -ok($ctx->digest, "a0301"); +is($ctx->digest, "a0301"); eval { $ctx->add_bits("1010"); }; -ok($@ =~ /^Number of bits must be multiple of 8/); +like($@, '/^Number of bits must be multiple of 8/'); $ctx->add_bits($EBCDIC ? "11100100" : "01010101"); -ok($ctx->digest, "U0001"); +is($ctx->digest, "U0001"); eval { $ctx->add_bits("abc", 12); }; -ok($@ =~ /^Number of bits must be multiple of 8/); +like($@, '/^Number of bits must be multiple of 8/'); $ctx->add_bits("abc", 16); -ok($ctx->digest, "a0002"); +is($ctx->digest, "a0002"); $ctx->add_bits("abc", 32); -ok($ctx->digest, "a0003"); +is($ctx->digest, "a0003"); diff --git a/cpan/Digest/t/digest.t b/cpan/Digest/t/digest.t index c5da8f02c8..81260277f4 100644 --- a/cpan/Digest/t/digest.t +++ b/cpan/Digest/t/digest.t @@ -1,36 +1,22 @@ -print "1..3\n"; +#!/usr/bin/env perl -use Digest; - -{ - package Digest::Dummy; - use vars qw($VERSION @ISA); - $VERSION = 1; +use strict; +use Test::More tests => 4; - require Digest::base; - @ISA = qw(Digest::base); +# To find Digest::Dummy +use lib 't/lib'; - sub new { - my $class = shift; - my $d = shift || "ooo"; - bless { d => $d }, $class; - } - sub add {} - sub digest { shift->{d} } -} +use Digest; +$@ = "rt#50663"; my $d; $d = Digest->new("Dummy"); -print "not " unless $d->digest eq "ooo"; -print "ok 1\n"; +is $@, "rt#50663"; +is $d->digest, "ooo"; $d = Digest->Dummy; -print "not " unless $d->digest eq "ooo"; -print "ok 2\n"; +is $d->digest, "ooo"; $Digest::MMAP{"Dummy-24"} = [["NotThere"], "NotThereEither", ["Digest::Dummy", 24]]; $d = Digest->new("Dummy-24"); -print "not " unless $d->digest eq "24"; -print "ok 3\n"; - - +is $d->digest, "24"; diff --git a/cpan/Digest/t/file.t b/cpan/Digest/t/file.t index f431a385a5..79f32deffe 100644 --- a/cpan/Digest/t/file.t +++ b/cpan/Digest/t/file.t @@ -1,7 +1,6 @@ #!perl -w -use Test qw(plan ok); -plan tests => 5; +use Test::More tests => 5; { package Digest::Foo; @@ -36,17 +35,17 @@ binmode(F); print F "foo\0\n"; close(F) || die "Can't write '$file': $!"; -ok(digest_file($file, "Foo"), "0005"); +is(digest_file($file, "Foo"), "0005"); if (ord('A') == 193) { # EBCDIC. - ok(digest_file_hex($file, "Foo"), "f0f0f0f5"); - ok(digest_file_base64($file, "Foo"), "8PDw9Q"); + is(digest_file_hex($file, "Foo"), "f0f0f0f5"); + is(digest_file_base64($file, "Foo"), "8PDw9Q"); } else { - ok(digest_file_hex($file, "Foo"), "30303035"); - ok(digest_file_base64($file, "Foo"), "MDAwNQ"); + is(digest_file_hex($file, "Foo"), "30303035"); + is(digest_file_base64($file, "Foo"), "MDAwNQ"); } unlink($file) || warn "Can't unlink '$file': $!"; -ok(eval { digest_file("not-there.txt", "Foo") }, undef); -ok($@); +ok !eval { digest_file("not-there.txt", "Foo") }; +ok $@; diff --git a/cpan/Digest/t/lib/Digest/Dummy.pm b/cpan/Digest/t/lib/Digest/Dummy.pm new file mode 100644 index 0000000000..b3db0db2a9 --- /dev/null +++ b/cpan/Digest/t/lib/Digest/Dummy.pm @@ -0,0 +1,20 @@ +package Digest::Dummy; + +use strict; +use vars qw($VERSION @ISA); +$VERSION = 1; + +require Digest::base; +@ISA = qw(Digest::base); + +sub new { + my $class = shift; + my $d = shift || "ooo"; + bless { d => $d }, $class; +} + +sub add {} +sub digest { shift->{d} } + +1; + diff --git a/cpan/Digest/t/security.t b/cpan/Digest/t/security.t new file mode 100644 index 0000000000..5cba122b22 --- /dev/null +++ b/cpan/Digest/t/security.t @@ -0,0 +1,14 @@ +#!/usr/bin/env perl + +# Digest->new() had an exploitable eval + +use strict; +use warnings; + +use Test::More tests => 1; + +use Digest; + +$LOL::PWNED = 0; +eval { Digest->new(q[MD;5;$LOL::PWNED = 42]) }; +is $LOL::PWNED, 0; |