Sophie

Sophie

distrib > Mandriva > 2010.1 > i586 > media > contrib-updates-src > by-pkgid > f722e3fddb6bcd9335a8848a4b05a73c > files > 27

xbmc-10.1-1.pvr.2mdv2010.2.src.rpm

From 95c746509f4ec9d9028eaac7c8faf204590aebb0 Mon Sep 17 00:00:00 2001
From: Anssi Hannula <anssi.hannula@iki.fi>
Date: Sat, 13 Nov 2010 18:41:22 +0200
Subject: [PATCH 14/15] fixed: CVE-2010-3492 in internal python (Mandriva)

---
 xbmc/lib/libPython/Python/Lib/asyncore.py |   17 +++++++++++++----
 xbmc/lib/libPython/Python/Lib/smtpd.py    |    3 +--
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/xbmc/lib/libPython/Python/Lib/asyncore.py b/xbmc/lib/libPython/Python/Lib/asyncore.py
index a2387a1..2bc9038 100644
--- a/xbmc/lib/libPython/Python/Lib/asyncore.py
+++ b/xbmc/lib/libPython/Python/Lib/asyncore.py
@@ -320,12 +320,15 @@ class dispatcher:
         # XXX can return either an address pair or None
         try:
             conn, addr = self.socket.accept()
-            return conn, addr
+        except TypeError:
+            return None
         except socket.error, why:
-            if why[0] == EWOULDBLOCK:
-                pass
+            if why[0] in (EWOULDBLOCK, ECONNABORTED):
+                return None
             else:
                 raise
+        else:
+            return conn, addr
 
     def send(self, data):
         try:
@@ -433,7 +436,13 @@ class dispatcher:
         self.log_info('unhandled connect event', 'warning')
 
     def handle_accept(self):
-        self.log_info('unhandled accept event', 'warning')
+        pair = self.accept()
+        if pair is not None:
+            self.handle_accepted(*pair)
+
+    def handle_accepted(self, sock, addr):
+        sock.close()
+        self.log_info('unhandled accepted event', 'warning')
 
     def handle_close(self):
         self.log_info('unhandled close event', 'warning')
diff --git a/xbmc/lib/libPython/Python/Lib/smtpd.py b/xbmc/lib/libPython/Python/Lib/smtpd.py
index c656ec7..83596a4 100755
--- a/xbmc/lib/libPython/Python/Lib/smtpd.py
+++ b/xbmc/lib/libPython/Python/Lib/smtpd.py
@@ -284,8 +284,7 @@ class SMTPServer(asyncore.dispatcher):
             self.__class__.__name__, time.ctime(time.time()),
             localaddr, remoteaddr)
 
-    def handle_accept(self):
-        conn, addr = self.accept()
+    def handle_accepted(self, conn, addr):
         print >> DEBUGSTREAM, 'Incoming connection from %s' % repr(addr)
         channel = SMTPChannel(self, conn, addr)
 
-- 
1.7.3

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional