From 9eb4407b6046e4cf648d9121a3c4c22192911930 Mon Sep 17 00:00:00 2001
From: Hamish Guthrie <hcg@openwrt.org>
Date: Mon, 6 Sep 2010 13:48:31 +0000
Subject: [PATCH 1/1] [packages] add package python-cjson

SVN-Revision: 22955
---
 lang/python-cjson/Makefile                    | 48 +++++++++++
 .../patches/001-unicode-buffer-overflow.patch | 79 +++++++++++++++++++
 2 files changed, 127 insertions(+)
 create mode 100644 lang/python-cjson/Makefile
 create mode 100644 lang/python-cjson/patches/001-unicode-buffer-overflow.patch

diff --git a/lang/python-cjson/Makefile b/lang/python-cjson/Makefile
new file mode 100644
index 0000000000..ce6dc2d76b
--- /dev/null
+++ b/lang/python-cjson/Makefile
@@ -0,0 +1,48 @@
+#
+# Copyright (C) 2010 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python-cjson
+PKG_VERSION:=1.0.5
+PKG_RELEASE:=1
+
+PKG_SOURCE:=python-cjson-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://pypi.python.org/packages/source/p/python-cjson/
+PKG_MD5SUM:=4d55b66ecdf0300313af9d030d9644a3
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/python-cjson-$(PKG_VERSION)
+PKG_BUILD_DEPENDS:=python
+
+include $(INCLUDE_DIR)/package.mk
+$(call include_mk, python-package.mk)
+
+define Package/python-cjson
+  SUBMENU:=Python
+  SECTION:=lang
+  CATEGORY:=Languages
+  TITLE:=python-cjson
+  URL:=http://pypi.python.org/pypi/python-cjson/
+  DEPENDS:=+python
+endef
+
+define Package/python-cjson/description
+  Fast JSON encoder/decoder for Python
+endef
+
+define Build/Compile
+	$(call Build/Compile/PyMod,,install --prefix="$(PKG_INSTALL_DIR)/usr")
+endef
+
+define Package/python-cjson/install
+	$(INSTALL_DIR) $(1)$(PYTHON_PKG_DIR)
+	$(CP) \
+	    $(PKG_INSTALL_DIR)$(PYTHON_PKG_DIR)/* \
+	    $(1)$(PYTHON_PKG_DIR)
+endef
+
+$(eval $(call BuildPackage,python-cjson))
diff --git a/lang/python-cjson/patches/001-unicode-buffer-overflow.patch b/lang/python-cjson/patches/001-unicode-buffer-overflow.patch
new file mode 100644
index 0000000000..21c49946e2
--- /dev/null
+++ b/lang/python-cjson/patches/001-unicode-buffer-overflow.patch
@@ -0,0 +1,79 @@
+=== modified file 'cjson.c'
+--- a/cjson.c	2007-08-24 16:12:17 +0000
++++ b/cjson.c	2010-05-26 05:05:55 +0000
+@@ -613,6 +613,25 @@
+     char *p;
+ 
+     static const char *hexdigit = "0123456789abcdef";
++#ifdef Py_UNICODE_WIDE
++    const Py_ssize_t expandsize = 10;
++#else
++    const Py_ssize_t expandsize = 6;
++#endif
++
++    /* Initial allocation is based on the longest-possible unichr
++       escape.
++
++       In wide (UTF-32) builds '\U00xxxxxx' is 10 chars per source
++       unichr, so in this case it's the longest unichr escape. In
++       narrow (UTF-16) builds this is five chars per source unichr
++       since there are two unichrs in the surrogate pair, so in narrow
++       (UTF-16) builds it's not the longest unichr escape.
++
++       In wide or narrow builds '\uxxxx' is 6 chars per source unichr,
++       so in the narrow (UTF-16) build case it's the longest unichr
++       escape.
++    */
+ 
+     s = PyUnicode_AS_UNICODE(unicode);
+     size = PyUnicode_GET_SIZE(unicode);
+@@ -623,7 +642,7 @@
+         return NULL;
+     }
+ 
+-    repr = PyString_FromStringAndSize(NULL, 2 + 6*size + 1);
++    repr = PyString_FromStringAndSize(NULL, 2 + expandsize*size + 1);
+     if (repr == NULL)
+         return NULL;
+ 
+@@ -644,15 +663,6 @@
+ #ifdef Py_UNICODE_WIDE
+         /* Map 21-bit characters to '\U00xxxxxx' */
+         else if (ch >= 0x10000) {
+-            int offset = p - PyString_AS_STRING(repr);
+-
+-            /* Resize the string if necessary */
+-            if (offset + 12 > PyString_GET_SIZE(repr)) {
+-                if (_PyString_Resize(&repr, PyString_GET_SIZE(repr) + 100))
+-                    return NULL;
+-                p = PyString_AS_STRING(repr) + offset;
+-            }
+-
+             *p++ = '\\';
+             *p++ = 'U';
+             *p++ = hexdigit[(ch >> 28) & 0x0000000F];
+
+=== modified file 'jsontest.py'
+--- a/jsontest.py	2007-08-24 16:12:17 +0000
++++ b/jsontest.py	2010-05-26 05:05:55 +0000
+@@ -316,6 +316,18 @@
+ 
+     def testWriteLong(self):
+         self.assertEqual("12345678901234567890", cjson.encode(12345678901234567890))
++
++    def testWriteLongUnicode(self):
++        # This test causes a buffer overrun in cjson 1.0.5, on UCS4 builds.
++        # The string length is only resized for wide unicode characters if
++        # there is less than 12 bytes of space left. Padding with
++        # narrow-but-escaped characters prevents string resizing.
++        # Note that u'\U0001D11E\u1234' also breaks, but sometimes goes
++        # undetected.
++        s = cjson.encode(u'\U0001D11E\U0001D11E\U0001D11E\U0001D11E'
++                         u'\u1234\u1234\u1234\u1234\u1234\u1234')
++        self.assertEqual(r'"\U0001d11e\U0001d11e\U0001d11e\U0001d11e'
++                         r'\u1234\u1234\u1234\u1234\u1234\u1234"', s)
+         
+ def main():
+     unittest.main()
+
+
-- 
2.30.2