Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian....@packages.debian.org
Usertags: pu
X-Debbugs-Cc: debian-p...@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
I've uploaded libencode-perl/3.08-1+deb11u2 to bullseye.
It fixes a memory leak with a patch backported from newer upstream
releases which is already in unstable.
Bug: https://rt.cpan.org/Ticket/Display.html?id=139622
Bug-Debian: #995804
Complete debdiff attached.
Cheers,
gregor
-----BEGIN PGP SIGNATURE-----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=2XB1
-----END PGP SIGNATURE-----
diff -Nru libencode-perl-3.08/debian/changelog
libencode-perl-3.08/debian/changelog
--- libencode-perl-3.08/debian/changelog 2021-08-06 20:49:32.000000000
+0200
+++ libencode-perl-3.08/debian/changelog 2021-11-01 16:15:54.000000000
+0100
@@ -1,3 +1,13 @@
+libencode-perl (3.08-1+deb11u2) bullseye; urgency=medium
+
+ * Fix memory leak.
+ Add patch rt_139622_memory-leak.patch, taken from upstream releases 3.13,
+ 3.14, 3.15 to fix a memory leak in Encode.xs.
+ Cf. https://rt.cpan.org/Ticket/Display.html?id=139622
+ (Closes: #995804)
+
+ -- gregor herrmann <gre...@debian.org> Mon, 01 Nov 2021 16:15:54 +0100
+
libencode-perl (3.08-1+deb11u1) bullseye-security; urgency=high
* [SECURITY] CVE-2021-36770: Encode loading code from working directory
diff -Nru libencode-perl-3.08/debian/patches/rt_139622_memory-leak.patch
libencode-perl-3.08/debian/patches/rt_139622_memory-leak.patch
--- libencode-perl-3.08/debian/patches/rt_139622_memory-leak.patch
1970-01-01 01:00:00.000000000 +0100
+++ libencode-perl-3.08/debian/patches/rt_139622_memory-leak.patch
2021-11-01 16:15:54.000000000 +0100
@@ -0,0 +1,82 @@
+Description: Fix memory leak
+Origin: upstream releases 3.13, 3.14, 3.15
+Bug-Debian: https://bugs.debian.org/995804
+Bug: https://rt.cpan.org/Ticket/Display.html?id=139622
+Reviewed-by: gregor herrmann <gre...@debian.org>
+Last-Update: 2021-11-01
+
+--- a/Encode.xs
++++ b/Encode.xs
+@@ -154,7 +154,7 @@ encode_method(pTHX_ const encode_t * enc
+ STRLEN sdone = 0;
+ /* We allocate slen+1.
+ PerlIO dumps core if this value is smaller than this. */
+- SV *dst = newSV(slen+1);
++ SV *dst = sv_2mortal(newSV(slen+1));
+ U8 *d = (U8 *)SvPVX(dst);
+ STRLEN dlen = SvLEN(dst)-1;
+ int code = 0;
+@@ -810,13 +810,12 @@ CODE:
+ tmp = encode_method(aTHX_ enc, enc->t_utf8, src, s, slen, check,
+ &offset, term, &code, fallback_cb);
+ sv_catsv(dst, tmp);
+- SvREFCNT_dec(tmp);
+ SvIV_set(off, (IV)offset);
+ RETVAL = (code == ENCODE_FOUND_TERM);
+ OUTPUT:
+ RETVAL
+
+-SV *
++void
+ Method_decode(obj,src,check_sv = &PL_sv_no)
+ SV * obj
+ SV * src
+@@ -828,6 +827,7 @@ PREINIT:
+ encode_t *enc;
+ U8 *s;
+ STRLEN slen;
++ SV *ret;
+ INIT:
+ SvGETMAGIC(src);
+ SvGETMAGIC(check_sv);
+@@ -841,13 +841,13 @@ CODE:
+ s = modify ? (U8 *)SvPV_force_nomg(src, slen) : (U8 *)SvPV_nomg(src,
slen);
+ if (SvUTF8(src))
+ utf8_safe_downgrade(aTHX_ &src, &s, &slen, modify);
+- RETVAL = encode_method(aTHX_ enc, enc->t_utf8, src, s, slen, check,
++ ret = encode_method(aTHX_ enc, enc->t_utf8, src, s, slen, check,
+ NULL, Nullsv, NULL, fallback_cb);
+- SvUTF8_on(RETVAL);
+-OUTPUT:
+- RETVAL
++ SvUTF8_on(ret);
++ ST(0) = ret;
++ XSRETURN(1);
+
+-SV *
++void
+ Method_encode(obj,src,check_sv = &PL_sv_no)
+ SV * obj
+ SV * src
+@@ -859,6 +859,7 @@ PREINIT:
+ encode_t *enc;
+ U8 *s;
+ STRLEN slen;
++ SV *ret;
+ INIT:
+ SvGETMAGIC(src);
+ SvGETMAGIC(check_sv);
+@@ -872,10 +873,10 @@ CODE:
+ s = modify ? (U8 *)SvPV_force_nomg(src, slen) : (U8 *)SvPV_nomg(src,
slen);
+ if (!SvUTF8(src))
+ utf8_safe_upgrade(aTHX_ &src, &s, &slen, modify);
+- RETVAL = encode_method(aTHX_ enc, enc->f_utf8, src, s, slen, check,
++ ret = encode_method(aTHX_ enc, enc->f_utf8, src, s, slen, check,
+ NULL, Nullsv, NULL, fallback_cb);
+-OUTPUT:
+- RETVAL
++ ST(0) = ret;
++ XSRETURN(1);
+
+ bool
+ Method_needs_lines(obj)
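Review bot: The new `SV *dst = sv_2mortal(newSV(slen+1));` in encode_method changes who owns the returned SV, and nothing at the function records that. A comment above it such as `/* Returns a mortal SV: callers must neither SvREFCNT_dec() nor sv_2mortal() the result. */` would make the contract explicit. The three call sites touched here (the `sv_catsv(dst, tmp)` path, Method_decode and Method_encode) are adjusted consistently, but encode_method's body and the rest of Encode.xs lie outside these hunks. Any other caller that still drops a reference, or returns the value through `RETVAL` under an `SV *` return type, would release the SV twice, so the backport should be checked against the full 3.08 file. No regression test accompanies the patch; whether upstream added one in the releases named under `Origin:` is not visible here.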
diff -Nru libencode-perl-3.08/debian/patches/series
libencode-perl-3.08/debian/patches/series
--- libencode-perl-3.08/debian/patches/series 2021-08-06 20:49:32.000000000
+0200
+++ libencode-perl-3.08/debian/patches/series 2021-11-01 16:15:54.000000000
+0100
@@ -1 +1,2 @@
0001-mitigate-INC-pollution-when-loading-ConfigLocal.patch
+rt_139622_memory-leak.patch