Fixed buffer overflow (upstream patch)
Resolves: rhbz#1062375
This commit is contained in:
parent
01c16031a5
commit
645b355bed
|
@ -0,0 +1,43 @@
|
|||
|
||||
# HG changeset patch
|
||||
# User Benjamin Peterson <benjamin@python.org>
|
||||
# Date 1389671978 18000
|
||||
# Node ID 87673659d8f7ba1623cd4914f09ad3d2ade034e9
|
||||
# Parent 2631d33ee7fbd5f0288931ef37872218d511d2e8
|
||||
complain when nbytes > buflen to fix possible buffer overflow (closes #20246)
|
||||
|
||||
diff --git a/Lib/test/test_socket.py b/Lib/test/test_socket.py
|
||||
--- a/Lib/test/test_socket.py
|
||||
+++ b/Lib/test/test_socket.py
|
||||
@@ -1620,6 +1620,16 @@ class BufferIOTest(SocketConnectedTest):
|
||||
|
||||
_testRecvFromIntoMemoryview = _testRecvFromIntoArray
|
||||
|
||||
+ def testRecvFromIntoSmallBuffer(self):
|
||||
+ # See issue #20246.
|
||||
+ buf = bytearray(8)
|
||||
+ self.assertRaises(ValueError, self.cli_conn.recvfrom_into, buf, 1024)
|
||||
+
|
||||
+ def _testRecvFromIntoSmallBuffer(self):
|
||||
+ with test_support.check_py3k_warnings():
|
||||
+ buf = buffer(MSG*2048)
|
||||
+ self.serv_conn.send(buf)
|
||||
+
|
||||
|
||||
TIPC_STYPE = 2000
|
||||
TIPC_LOWER = 200
|
||||
diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c
|
||||
--- a/Modules/socketmodule.c
|
||||
+++ b/Modules/socketmodule.c
|
||||
@@ -2742,6 +2742,10 @@ sock_recvfrom_into(PySocketSockObject *s
|
||||
if (recvlen == 0) {
|
||||
/* If nbytes was not specified, use the buffer's length */
|
||||
recvlen = buflen;
|
||||
+ } else if (recvlen > buflen) {
|
||||
+ PyErr_SetString(PyExc_ValueError,
|
||||
+ "nbytes is greater than the length of the buffer");
|
||||
+ goto error;
|
||||
}
|
||||
|
||||
readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr);
|
||||
|
14
python.spec
14
python.spec
|
@ -106,7 +106,7 @@ Summary: An interpreted, interactive, object-oriented programming language
|
|||
Name: %{python}
|
||||
# Remember to also rebase python-docs when changing this:
|
||||
Version: 2.7.6
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
License: Python
|
||||
Group: Development/Languages
|
||||
Requires: %{python}-libs%{?_isa} = %{version}-%{release}
|
||||
|
@ -853,6 +853,13 @@ Patch190: 00190-get_python_version.patch
|
|||
# Disabling NOOP test as it fails without internet connection
|
||||
Patch191: 00191-disable-NOOP.patch
|
||||
|
||||
# 00192 #
|
||||
#
|
||||
# Fixing buffer overflow (upstream patch)
|
||||
# rhbz#1062375
|
||||
Patch192: 00192-buffer-overflow.patch
|
||||
|
||||
|
||||
# (New patches go here ^^^)
|
||||
#
|
||||
# When adding new patches to "python" and "python3" in Fedora 17 onwards,
|
||||
|
@ -1203,6 +1210,7 @@ mv Modules/cryptmodule.c Modules/_cryptmodule.c
|
|||
%patch189 -p1
|
||||
%patch190 -p1
|
||||
%patch191 -p1
|
||||
%patch192 -p1
|
||||
|
||||
|
||||
# This shouldn't be necesarry, but is right now (2.2a3)
|
||||
|
@ -2037,6 +2045,10 @@ rm -fr %{buildroot}
|
|||
# ======================================================
|
||||
|
||||
%changelog
|
||||
* Mon Feb 10 2014 Tomas Radej <tradej@redhat.com> - 2.7.6-3
|
||||
- Fixed buffer overflow (upstream patch)
|
||||
Resolves: rhbz#1062375
|
||||
|
||||
* Tue Feb 04 2014 Bohuslav Kabrda <bkabrda@redhat.com> - 2.7.6-2
|
||||
- Install macros in _rpmconfigdir.
|
||||
|
||||
|
|
Loading…
Reference in New Issue