Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/media-gfx/blender/files/blender-2.49b-CVE-2009-3850-v3.patch
diff options
context:
space:
mode:
Diffstat (limited to 'media-gfx/blender/files/blender-2.49b-CVE-2009-3850-v3.patch')
-rw-r--r--media-gfx/blender/files/blender-2.49b-CVE-2009-3850-v3.patch105
1 files changed, 105 insertions, 0 deletions
diff --git a/media-gfx/blender/files/blender-2.49b-CVE-2009-3850-v3.patch b/media-gfx/blender/files/blender-2.49b-CVE-2009-3850-v3.patch
new file mode 100644
index 0000000..9cf17a5
--- /dev/null
+++ b/media-gfx/blender/files/blender-2.49b-CVE-2009-3850-v3.patch
@@ -0,0 +1,105 @@
+From 072e11130a2f96642972b0d4ac7ad2a9cd19fbf2 Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian@pipping.org>
+Date: Wed, 20 Apr 2011 16:42:17 +0200
+Subject: [PATCH] Flip default of "Auto Run Python Scripts" to disabled
+ (CVE-2009-3850)
+
+Manual overriding through new parameter -666 is supported
+---
+ source/blender/blenkernel/intern/blender.c | 11 ++++++++++-
+ source/blender/python/api2_2x/sceneRender.c | 3 ++-
+ source/creator/creator.c | 14 ++++++++++----
+ 3 files changed, 22 insertions(+), 6 deletions(-)
+
+diff --git a/source/blender/blenkernel/intern/blender.c b/source/blender/blenkernel/intern/blender.c
+index bf208c8..029b7cf 100644
+--- a/source/blender/blenkernel/intern/blender.c
++++ b/source/blender/blenkernel/intern/blender.c
+@@ -388,7 +388,16 @@ static void setup_app_data(BlendFileData *bfd, char *filename)
+ if (G.f & G_DEBUG) bfd->globalf |= G_DEBUG;
+ else bfd->globalf &= ~G_DEBUG;
+
+- if ((U.flag & USER_DONT_DOSCRIPTLINKS)) bfd->globalf &= ~G_DOSCRIPTLINKS;
++ if (G.f & G_DOSCRIPTLINKS) {
++ /* Blender running in -666 mode */
++ /* NOTE: In background mode U.flag has not been initialized from ~/.B.blend */
++ if (! G.background && (U.flag & USER_DONT_DOSCRIPTLINKS))
++ /* Prefer disabled "Auto Run Python Scripts" over -666 */
++ bfd->globalf &= ~G_DOSCRIPTLINKS;
++ } else {
++ /* Blender NOT running in -666 mode, deny pulling G_DOSCRIPTLINKS in */
++ bfd->globalf &= ~G_DOSCRIPTLINKS;
++ }
+
+ G.f= bfd->globalf;
+
+diff --git a/source/blender/python/api2_2x/sceneRender.c b/source/blender/python/api2_2x/sceneRender.c
+index 1bf2b75..e34a361 100644
+--- a/source/blender/python/api2_2x/sceneRender.c
++++ b/source/blender/python/api2_2x/sceneRender.c
+@@ -498,7 +498,8 @@ static PyObject *RenderData_Render( BPy_RenderData * self )
+
+ RE_BlenderFrame(re, G.scene, G.scene->r.cfra);
+
+- BPY_do_all_scripts(SCRIPT_POSTRENDER, 0);
++ if (G.f & G_DOSCRIPTLINKS)
++ BPY_do_all_scripts(SCRIPT_POSTRENDER, 0);
+
+ set_scene_bg( oldsce );
+ }
+diff --git a/source/creator/creator.c b/source/creator/creator.c
+index a562fc3..994180d 100644
+--- a/source/creator/creator.c
++++ b/source/creator/creator.c
+@@ -232,7 +232,8 @@ static void print_help(void)
+ printf (" -nojoystick\tDisable joystick support\n");
+ printf (" -noglsl\tDisable GLSL shading\n");
+ printf (" -h\t\tPrint this help text\n");
+- printf (" -y\t\tDisable automatic python script execution (scriptlinks, pydrivers, pyconstraints, pynodes)\n");
++ printf (" -666\t\tEnables automatic python script execution (scriptlinks, pydrivers, pyconstraints, pynodes)\n");
++ printf (" -y\t\tDisable automatic python script execution (scriptlinks, pydrivers, pyconstraints, pynodes) (default)\n");
+ printf (" -P <filename>\tRun the given Python script (filename or Blender Text)\n");
+ #ifdef WIN32
+ printf (" -R\t\tRegister .blend extension\n");
+@@ -366,7 +367,7 @@ int main(int argc, char **argv)
+
+ /* first test for background */
+
+- G.f |= G_DOSCRIPTLINKS; /* script links enabled by default */
++ G.f &= ~G_DOSCRIPTLINKS; /* script links disabled by default */
+
+ for(a=1; a<argc; a++) {
+
+@@ -388,6 +389,10 @@ int main(int argc, char **argv)
+ exit(0);
+ }
+
++ if (!strcmp(argv[a], "-666")){
++ G.f |= G_DOSCRIPTLINKS;
++ }
++
+ /* Handle -* switches */
+ else if(argv[a][0] == '-') {
+ switch(argv[a][1]) {
+@@ -405,7 +410,7 @@ int main(int argc, char **argv)
+ a= argc;
+ break;
+
+- case 'y':
++ case 'y': /* NOTE: -y works the exact opposite way in version 2.57! */
+ G.f &= ~G_DOSCRIPTLINKS;
+ break;
+
+@@ -680,7 +685,8 @@ int main(int argc, char **argv)
+ #endif
+ RE_BlenderAnim(re, G.scene, frame, frame, G.scene->frame_step);
+ #ifndef DISABLE_PYTHON
+- BPY_do_all_scripts(SCRIPT_POSTRENDER, 0);
++ if (G.f & G_DOSCRIPTLINKS)
++ BPY_do_all_scripts(SCRIPT_POSTRENDER, 0);
+ #endif
+ }
+ } else {
+--
+1.7.5.rc1
+