diff options
author | Narpat Mali <narpat.mali@windriver.com> | 2023-06-29 16:36:08 +0000 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2023-07-02 11:19:31 -0400 |
commit | d8acec2e848b2146e43df1c11d0bdbb118eba9d9 (patch) | |
tree | 5e6143648948600c7ef096ce0fe212559b93be04 /meta-python/recipes-devtools/python/python3-werkzeug/CVE-2023-23934.patch | |
parent | 297bc1cc64b13794468eceec3f6a934a6716e59b (diff) | |
download | meta-openembedded-contrib-d8acec2e848b2146e43df1c11d0bdbb118eba9d9.tar.gz |
python3-werkzeug: fix for patch-fuzz
Modified the CVE-2023-23934.patch to fix the patch-fuzz.
Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python3-werkzeug/CVE-2023-23934.patch')
-rw-r--r-- | meta-python/recipes-devtools/python/python3-werkzeug/CVE-2023-23934.patch | 35 |
1 files changed, 18 insertions, 17 deletions
diff --git a/meta-python/recipes-devtools/python/python3-werkzeug/CVE-2023-23934.patch b/meta-python/recipes-devtools/python/python3-werkzeug/CVE-2023-23934.patch index 0be97d2888..3a0f4324a1 100644 --- a/meta-python/recipes-devtools/python/python3-werkzeug/CVE-2023-23934.patch +++ b/meta-python/recipes-devtools/python/python3-werkzeug/CVE-2023-23934.patch @@ -1,4 +1,4 @@ -From b070a40ebbd89d88f4d8144a6ece017d33604d00 Mon Sep 17 00:00:00 2001 +From db1457abec7fe27148673f5f8bfdf5c52eb7f29f Mon Sep 17 00:00:00 2001 From: David Lord <davidism@gmail.com> Date: Wed, 10 May 2023 11:33:18 +0000 Subject: [PATCH] Merge pull request from GHSA-px8h-6qxv-m22q @@ -17,26 +17,26 @@ Upstream-Status: Backport [https://github.com/pallets/werkzeug/commit/cf275f42ac Signed-off-by: Narpat Mali <narpat.mali@windriver.com> --- - CHANGES.rst | 4 ++++ + CHANGES.rst | 3 +++ src/werkzeug/_internal.py | 13 +++++++++---- src/werkzeug/http.py | 4 ---- tests/test_http.py | 4 +++- - 4 files changed, 16 insertions(+), 9 deletions(-) + 4 files changed, 15 insertions(+), 9 deletions(-) diff --git a/CHANGES.rst b/CHANGES.rst -index a351d7c..23505d3 100644 +index 6e809ba..13ef75b 100644 --- a/CHANGES.rst +++ b/CHANGES.rst -@@ -1,5 +1,9 @@ - .. currentmodule:: werkzeug - +@@ -4,6 +4,9 @@ + ``RequestEntityTooLarge`` exception is raised on parsing. This mitigates a DoS + attack where a larger number of form/file parts would result in disproportionate + resource use. +- A cookie header that starts with ``=`` is treated as an empty key and discarded, + rather than stripping the leading ``==``. + -+ + Version 2.1.1 ------------- - diff --git a/src/werkzeug/_internal.py b/src/werkzeug/_internal.py index a8b3523..d6290ba 100644 --- a/src/werkzeug/_internal.py @@ -55,14 +55,14 @@ index a8b3523..d6290ba 100644 i = 0 n = len(b) + b += b";" - + while i < n: - match = _cookie_re.search(b + b";", i) + match = _cookie_re.match(b, i) + if not match: break - + - key = match.group("key").strip() - value = match.group("val") or b"" i = match.end(0) @@ -70,11 +70,11 @@ index a8b3523..d6290ba 100644 + + if not key: + continue - + + value = match.group("val") or b"" yield key, _cookie_unquote(value) - - + + diff --git a/src/werkzeug/http.py b/src/werkzeug/http.py index 9369900..ae133e3 100644 --- a/src/werkzeug/http.py @@ -89,7 +89,7 @@ index 9369900..ae133e3 100644 - val_str = _to_str(val, charset, errors, allow_none_charset=True) yield key_str, val_str - + diff --git a/tests/test_http.py b/tests/test_http.py index 5936bfa..59cc179 100644 --- a/tests/test_http.py @@ -110,7 +110,8 @@ index 5936bfa..59cc179 100644 '"__Secure-c"': "d", + "__Host-eq": "good", } - + def test_dump_cookie(self): --- +-- 2.40.0 + |