diff options
Diffstat (limited to 'meta/recipes-devtools/python/python3/CVE-2018-14647.patch')
| -rw-r--r-- | meta/recipes-devtools/python/python3/CVE-2018-14647.patch | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python3/CVE-2018-14647.patch b/meta/recipes-devtools/python/python3/CVE-2018-14647.patch new file mode 100644 index 0000000000..c1f21f826c --- /dev/null +++ b/meta/recipes-devtools/python/python3/CVE-2018-14647.patch @@ -0,0 +1,95 @@ +From 610b4b0dbaedd3099ab76acf678e9cc845d99a76 Mon Sep 17 00:00:00 2001 +From: stratakis <cstratak@redhat.com> +Date: Mon, 25 Feb 2019 22:04:09 +0100 +Subject: [PATCH] [3.5] bpo-34623: Use XML_SetHashSalt in _elementtree (#9933) + +* bpo-34623: Use XML_SetHashSalt in _elementtree (GH-9146) + +The C accelerated _elementtree module now initializes hash randomization +salt from _Py_HashSecret instead of libexpat's default CPRNG. + +Signed-off-by: Christian Heimes <christian@python.org> + +https://bugs.python.org/issue34623 +(cherry picked from commit cb5778f00ce48631c7140f33ba242496aaf7102b) + +Co-authored-by: Christian Heimes <christian@python.org> + +CVE: CVE-2018-14647 +Upstream-Status: Backport +[https://github.com/python/cpython/commit/41b48e71ac8a71f56694b548f118bd20ce203410] + +Signed-off-by: Dan Tran <dantran@microsoft.com> +--- + Include/pyexpat.h | 4 +++- + .../next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst | 2 ++ + Modules/_elementtree.c | 5 +++++ + Modules/pyexpat.c | 5 +++++ + 4 files changed, 15 insertions(+), 1 deletion(-) + create mode 100644 Misc/NEWS.d/next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst + +diff --git a/Include/pyexpat.h b/Include/pyexpat.h +index 44259bf6d7..07020b5dc9 100644 +--- a/Include/pyexpat.h ++++ b/Include/pyexpat.h +@@ -3,7 +3,7 @@ + + /* note: you must import expat.h before importing this module! */ + +-#define PyExpat_CAPI_MAGIC "pyexpat.expat_CAPI 1.0" ++#define PyExpat_CAPI_MAGIC "pyexpat.expat_CAPI 1.1" + #define PyExpat_CAPSULE_NAME "pyexpat.expat_CAPI" + + struct PyExpat_CAPI +@@ -48,6 +48,8 @@ struct PyExpat_CAPI + enum XML_Status (*SetEncoding)(XML_Parser parser, const XML_Char *encoding); + int (*DefaultUnknownEncodingHandler)( + void *encodingHandlerData, const XML_Char *name, XML_Encoding *info); ++ /* might be none for expat < 2.1.0 */ ++ int (*SetHashSalt)(XML_Parser parser, unsigned long hash_salt); + /* always add new stuff to the end! */ + }; + +diff --git a/Misc/NEWS.d/next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst b/Misc/NEWS.d/next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst +new file mode 100644 +index 0000000000..cbaa4b7506 +--- /dev/null ++++ b/Misc/NEWS.d/next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst +@@ -0,0 +1,2 @@ ++CVE-2018-14647: The C accelerated _elementtree module now initializes hash ++randomization salt from _Py_HashSecret instead of libexpat's default CSPRNG. +diff --git a/Modules/_elementtree.c b/Modules/_elementtree.c +index 5dba9f70a9..90c6daf64a 100644 +--- a/Modules/_elementtree.c ++++ b/Modules/_elementtree.c +@@ -3282,6 +3282,11 @@ _elementtree_XMLParser___init___impl(XMLParserObject *self, PyObject *html, + PyErr_NoMemory(); + return -1; + } ++ /* expat < 2.1.0 has no XML_SetHashSalt() */ ++ if (EXPAT(SetHashSalt) != NULL) { ++ EXPAT(SetHashSalt)(self->parser, ++ (unsigned long)_Py_HashSecret.expat.hashsalt); ++ } + + if (target) { + Py_INCREF(target); +diff --git a/Modules/pyexpat.c b/Modules/pyexpat.c +index adc9b6cde8..948ab1b703 100644 +--- a/Modules/pyexpat.c ++++ b/Modules/pyexpat.c +@@ -1882,6 +1882,11 @@ MODULE_INITFUNC(void) + capi.SetStartDoctypeDeclHandler = XML_SetStartDoctypeDeclHandler; + capi.SetEncoding = XML_SetEncoding; + capi.DefaultUnknownEncodingHandler = PyUnknownEncodingHandler; ++#if XML_COMBINED_VERSION >= 20100 ++ capi.SetHashSalt = XML_SetHashSalt; ++#else ++ capi.SetHashSalt = NULL; ++#endif + + /* export using capsule */ + capi_object = PyCapsule_New(&capi, PyExpat_CAPSULE_NAME, NULL); +-- +2.22.0.vfs.1.1.57.gbaf16c8 + |