Diffstat (limited to 'media-gfx/blender/files/blender-2.48a-CVE-2008-4863.patch')
-rw-r--r-- | media-gfx/blender/files/blender-2.48a-CVE-2008-4863.patch | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/media-gfx/blender/files/blender-2.48a-CVE-2008-4863.patch b/media-gfx/blender/files/blender-2.48a-CVE-2008-4863.patch
new file mode 100644
index 0000000..3162a0d
--- /dev/null
+++ b/media-gfx/blender/files/blender-2.48a-CVE-2008-4863.patch
@@ -0,0 +1,15 @@
+diff -up blender-2.48a/source/blender/python/BPY_interface.c.cve blender-2.48a/source/blender/python/BPY_interface.c
+--- blender-2.48a/source/blender/python/BPY_interface.c.cve 2008-11-03 17:31:19.000000000 +0100
++++ blender-2.48a/source/blender/python/BPY_interface.c 2008-11-03 17:35:01.000000000 +0100
+@@ -225,6 +225,11 @@ void BPY_start_python( int argc, char **
+ Py_Initialize( );
+
+ PySys_SetArgv( argc_copy, argv_copy );
++
++ /* Sanitize sys.path to prevent relative imports loading modules in
++ the current working directory */
++ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)");
++
+ /* Initialize thread support (also acquires lock) */
+ PyEval_InitThreads();
+ |
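Review bot: The result of the added `PyRun_SimpleString(...)` call in BPY_start_python is discarded, so if the snippet raises (the call returns -1), start-up carries on with the empty `sys.path` entry still in place and the fix fails open without a trace. Check it and stop or at least report, e.g. `if (PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)") != 0) { /* report and abort: cwd entry is still on sys.path */ }`. Also, `filter(None, ...)` drops only empty entries, so a `.` or other relative entry (for instance one supplied through the environment) would presumably survive; the comment should say the scope, something like `/* Removes only the '' entry that PySys_SetArgv prepends; other relative entries are left untouched */`. The expression relies on `filter` returning a list, which is worth noting in the same comment. BPY_start_python begins and ends outside the inner hunk, so whether `sys.path` is modified again later cannot be judged from here.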