summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/python/python3/CVE-2020-14422.patch
blob: 6889e46da9884daae63cbd5c01d94525514c966c (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77

From dc8ce8ead182de46584cc1ed8a8c51d48240cbd5 Mon Sep 17 00:00:00 2001
From: "Miss Islington (bot)"
 <31488909+miss-islington@users.noreply.github.com>
Date: Mon, 29 Jun 2020 11:12:50 -0700
Subject: [PATCH] bpo-41004: Resolve hash collisions for IPv4Interface and
 IPv6Interface (GH-21033)

The __hash__() methods of classes IPv4Interface and IPv6Interface had issue
of generating constant hash values of 32 and 128 respectively causing hash collisions.
The fix uses the hash() function to generate hash values for the objects
instead of XOR operation
(cherry picked from commit b30ee26e366bf509b7538d79bfec6c6d38d53f28)

Co-authored-by: Ravi Teja P <rvteja92@gmail.com>

Upstream-Status: Backport [https://github.com/python/cpython/commit/dc8ce8ead182de46584cc1ed8a8c51d48240cbd5]
CVE: CVE-2020-14422
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
 Lib/ipaddress.py                                     |  4 ++--
 Lib/test/test_ipaddress.py                           | 12 ++++++++++++
 .../2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst         |  1 +
 3 files changed, 15 insertions(+), 2 deletions(-)
 create mode 100644 Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst

diff --git a/Lib/ipaddress.py b/Lib/ipaddress.py
index 873c7644081af..a3a04f7f4b309 100644
--- a/Lib/ipaddress.py
+++ b/Lib/ipaddress.py
@@ -1370,7 +1370,7 @@ def __lt__(self, other):
             return False
 
     def __hash__(self):
-        return self._ip ^ self._prefixlen ^ int(self.network.network_address)
+        return hash((self._ip, self._prefixlen, int(self.network.network_address)))
 
     __reduce__ = _IPAddressBase.__reduce__
 
@@ -2017,7 +2017,7 @@ def __lt__(self, other):
             return False
 
     def __hash__(self):
-        return self._ip ^ self._prefixlen ^ int(self.network.network_address)
+        return hash((self._ip, self._prefixlen, int(self.network.network_address)))
 
     __reduce__ = _IPAddressBase.__reduce__
 
diff --git a/Lib/test/test_ipaddress.py b/Lib/test/test_ipaddress.py
index de77111705b69..2eba740e5e7a4 100644
--- a/Lib/test/test_ipaddress.py
+++ b/Lib/test/test_ipaddress.py
@@ -2053,6 +2053,18 @@ def testsixtofour(self):
                          sixtofouraddr.sixtofour)
         self.assertFalse(bad_addr.sixtofour)
 
+    # issue41004 Hash collisions in IPv4Interface and IPv6Interface
+    def testV4HashIsNotConstant(self):
+        ipv4_address1 = ipaddress.IPv4Interface("1.2.3.4")
+        ipv4_address2 = ipaddress.IPv4Interface("2.3.4.5")
+        self.assertNotEqual(ipv4_address1.__hash__(), ipv4_address2.__hash__())
+
+    # issue41004 Hash collisions in IPv4Interface and IPv6Interface
+    def testV6HashIsNotConstant(self):
+        ipv6_address1 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:1")
+        ipv6_address2 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:2")
+        self.assertNotEqual(ipv6_address1.__hash__(), ipv6_address2.__hash__())
+
 
 if __name__ == '__main__':
     unittest.main()
diff --git a/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
new file mode 100644
index 0000000000000..1380b31fbe9f4
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
@@ -0,0 +1 @@
+The __hash__() methods of  ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address).
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-07 09:34:56 +0000
ption> OpenEmbedded Core user contribution treesGrokmirror user
aboutsummaryrefslogtreecommitdiffstats
path: root/meta/site/mipsel-linux
blob: 696b1beeb43c0762691607f05a82f109522e6835 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79

# general
ac_cv_func_setvbuf_reversed=${ac_cv_func_setvbuf_reversed=no}

# bash
ac_cv_c_long_double=${ac_cv_c_long_double=no}
bash_cv_func_sigsetjmp=${bash_cv_func_sigsetjmp=present}

# openssh
ac_cv_have_accrights_in_msghdr=${ac_cv_have_accrights_in_msghdr=no}
ac_cv_have_broken_snprintf=${ac_cv_have_broken_snprintf=no}
ac_cv_have_control_in_msghdr=${ac_cv_have_control_in_msghdr=yes}
ac_cv_have_openpty_ctty_bug=${ac_cv_have_openpty_ctty_bug=no}
ac_cv_have_space_d_name_in_struct_dirent=${ac_cv_have_space_d_name_in_struct_dirent=yes}

# fget
compat_cv_func_snprintf_works=${compat_cv_func_snprintf_works=yes}

# glib
glib_cv___va_copy=${glib_cv___va_copy=yes}
glib_cv_has__inline=${glib_cv_has__inline=yes}
glib_cv_has__inline__=${glib_cv_has__inline__=yes}
glib_cv_hasinline=${glib_cv_hasinline=yes}
glib_cv_long_long_format=${glib_cv_long_long_format=ll}
glib_cv_rtldglobal_broken=${glib_cv_rtldglobal_broken=no}
glib_cv_sane_realloc=${glib_cv_sane_realloc=yes}
glib_cv_sizeof_gmutex=${glib_cv_sizeof_gmutex=24}
glib_cv_sizeof_system_thread=${glib_cv_sizeof_system_thread=4}
glib_cv_stack_grows=${glib_cv_stack_grows=no}
glib_cv_uscore=${glib_cv_uscore=no}

# glib-2.0
glib_cv_stack_grows=${glib_cv_stack_grows=no}
utils_cv_sys_open_max=${utils_cv_sys_open_max=1015}
glib_cv_use_pid_surrogate=${glib_cv_use_pid_surrogate=yes}

# libpcap
ac_cv_linux_vers=${ac_cv_linux_vers=2}

# startup-notification
lf_cv_sane_realloc=${lf_cv_sane_realloc=yes}

# libidl
libIDL_cv_long_long_format=${libIDL_cv_long_long_format=ll}

# ncftp
wi_cv_struct_timeval_tv_sec=${wi_cv_struct_timeval_tv_sec=long}
wi_cv_struct_timeval_tv_usec=${wi_cv_struct_timeval_tv_usec=long}
wi_cv_unix_domain_sockets=${wi_cv_unix_domain_sockets=yes}

# db
db_cv_align_t=${db_cv_align_t='unsigned long long'}
db_cv_alignp_t=${db_cv_alignp_t='unsigned long'}
db_cv_fcntl_f_setfd=${db_cv_fcntl_f_setfd=yes}
db_cv_sprintf_count=${db_cv_sprintf_count=yes}

# rrdtool
rd_cv_ieee_works=${rd_cv_ieee_works=yes}
# ac_cv_path_PERL=${ac_cv_path_PERL=no}

# gettext
am_cv_func_working_getline=${am_cv_func_working_getline=yes}

# samba
samba_cv_HAVE_GETTIMEOFDAY_TZ=${samba_cv_HAVE_GETTIMEOFDAY_TZ=yes}

# vim
ac_cv_sizeof_int=${ac_cv_sizeof_int=4}

# intercom
ac_cv_func_fnmatch_works=${ac_cv_func_fnmatch_works=yes}

#lmbench
ac_cv_uint=${ac_cv_unit=yes}

# D-BUS
ac_cv_func_posix_getpwnam_r=${ac_cv_func_posix_getpwnam_r=yes}

# evolution-data-server
ac_cv_libiconv_utf8=${ac_cv_libiconv_utf8=yes}
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-07 09:34:56 +0000