Change-Id: I564cd81c53202c7032ec589e1c9eb683c8d78ede
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/4437
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Sharath George
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,41 @@ |
| 0 |
+From c3c9db89273fabc62ea1b48389d9a3000c1c03ae Mon Sep 17 00:00:00 2001 |
|
| 1 |
+From: Jay Bosamiya <jaybosamiya@gmail.com> |
|
| 2 |
+Date: Sun, 18 Jun 2017 22:11:03 +0530 |
|
| 3 |
+Subject: [PATCH] [2.7] bpo-30657: Check & prevent integer overflow in |
|
| 4 |
+ PyString_DecodeEscape (#2174) |
|
| 5 |
+ |
|
| 6 |
+--- |
|
| 7 |
+ Misc/ACKS | 1 + |
|
| 8 |
+ Misc/NEWS | 3 +++ |
|
| 9 |
+ Objects/stringobject.c | 8 +++++++- |
|
| 10 |
+ 3 files changed, 11 insertions(+), 1 deletion(-) |
|
| 11 |
+ |
|
| 12 |
+diff --git a/Misc/ACKS b/Misc/ACKS |
|
| 13 |
+index 95be42717a0..a411bc5ffc8 100644 |
|
| 14 |
+--- a/Misc/ACKS |
|
| 15 |
+@@ -152,6 +152,7 @@ Gregory Bond |
|
| 16 |
+ Matias Bordese |
|
| 17 |
+ Jonas Borgström |
|
| 18 |
+ Jurjen Bos |
|
| 19 |
++Jay Bosamiya |
|
| 20 |
+ Peter Bosch |
|
| 21 |
+ Dan Boswell |
|
| 22 |
+ Eric Bouck |
|
| 23 |
+--- a/Objects/stringobject.c |
|
| 24 |
+@@ -612,7 +612,13 @@ PyObject *PyString_DecodeEscape(const char *s, |
|
| 25 |
+ char *p, *buf; |
|
| 26 |
+ const char *end; |
|
| 27 |
+ PyObject *v; |
|
| 28 |
+- Py_ssize_t newlen = recode_encoding ? 4*len:len; |
|
| 29 |
++ Py_ssize_t newlen; |
|
| 30 |
++ /* Check for integer overflow */ |
|
| 31 |
++ if (recode_encoding && (len > PY_SSIZE_T_MAX / 4)) {
|
|
| 32 |
++ PyErr_SetString(PyExc_OverflowError, "string is too large"); |
|
| 33 |
++ return NULL; |
|
| 34 |
++ } |
|
| 35 |
++ newlen = recode_encoding ? 4*len:len; |
|
| 36 |
+ v = PyString_FromStringAndSize((char *)NULL, newlen); |
|
| 37 |
+ if (v == NULL) |
|
| 38 |
+ return NULL; |
| ... | ... |
@@ -1,7 +1,7 @@ |
| 1 | 1 |
Summary: A high-level scripting language |
| 2 | 2 |
Name: python2 |
| 3 | 3 |
Version: 2.7.13 |
| 4 |
-Release: 10%{?dist}
|
|
| 4 |
+Release: 11%{?dist}
|
|
| 5 | 5 |
License: PSF |
| 6 | 6 |
URL: http://www.python.org/ |
| 7 | 7 |
Group: System Environment/Programming |
| ... | ... |
@@ -14,6 +14,7 @@ Patch1: added-compiler-flags-for-curses-module.patch |
| 14 | 14 |
Patch2: added-pyopenssl-ipaddress-certificate-validation.patch |
| 15 | 15 |
Patch3: python2-support-photon-platform.patch |
| 16 | 16 |
Patch4: back-port-random-dot-c.patch |
| 17 |
+Patch5: python2-CVE-2017-1000158.patch |
|
| 17 | 18 |
BuildRequires: pkg-config >= 0.28 |
| 18 | 19 |
BuildRequires: bzip2-devel |
| 19 | 20 |
BuildRequires: openssl-devel |
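Review bot: The patch file that the new `Patch5:` line pulls in (python2-CVE-2017-1000158.patch, added in this same commit) carries a diffstat of `3 files changed, 11 insertions(+), 1 deletion(-)` naming `Misc/NEWS | 3 +++`, but the body visible on this page holds only the Misc/ACKS and Objects/stringobject.c hunks (8 insertions, 1 deletion), so the NEWS hunk looks to have been stripped without regenerating the header. That is harmless to `%patch5 -p1` (the stat block is ignored, and the Tested-by trailer indicates the build applied it), but a stale diffstat makes it harder to audit the backport against the upstream commit named in its From line later; either delete the `Misc/NEWS` stat line and fix the summary line, or regenerate the file with `git format-patch` after dropping the NEWS hunk. The `+++ b/…` headers are also missing from the rendered body, which may be a display artifact rather than the file's content and is worth confirming on the raw file. The guard itself, `if (recode_encoding && (len > PY_SSIZE_T_MAX / 4))` placed before `newlen = recode_encoding ? 4*len:len`, matches upstream and closes the `4*len` signed-overflow path that CVE-2017-1000158 describes.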
| ... | ... |
@@ -115,6 +116,7 @@ The test package contains all regression tests for Python as well as the modules |
| 115 | 115 |
%patch2 -p1 |
| 116 | 116 |
%patch3 -p1 |
| 117 | 117 |
%patch4 -p1 |
| 118 |
+%patch5 -p1 |
|
| 118 | 119 |
|
| 119 | 120 |
%build |
| 120 | 121 |
export OPT="${CFLAGS}"
|
| ... | ... |
@@ -236,6 +238,8 @@ make test |
| 236 | 236 |
%{_libdir}/python2.7/test/*
|
| 237 | 237 |
|
| 238 | 238 |
%changelog |
| 239 |
+* Mon Dec 04 2017 Xiaolin Li <xiaolinl@vmware.com> 2.7.13-11 |
|
| 240 |
+- Fix CVE-2017-1000158 |
|
| 239 | 241 |
* Mon Sep 18 2017 Alexey Makhalov <amakhalov@vmware.com> 2.7.13-10 |
| 240 | 242 |
- Requires coreutils or toybox |
| 241 | 243 |
- Requires bzip2-libs |