Fixed buffer overflow (upstream patch)
Resolves: rhbz#1062374
This commit is contained in:
parent
0d234b4d44
commit
b9079fb0c1
42
00192-buffer-overflow.patch
Normal file
42
00192-buffer-overflow.patch
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
|
||||||
|
# HG changeset patch
|
||||||
|
# User Benjamin Peterson <benjamin@python.org>
|
||||||
|
# Date 1389672775 18000
|
||||||
|
# Node ID 7f176a45211ff3cb85a2fbdc75f7979d642bb563
|
||||||
|
# Parent ed1c27b68068c942c6e845bdf8e987e963d50920# Parent 9c56217e5c793685eeaf0ee224848c402bdf1e4c
|
||||||
|
merge 3.2 (#20246)
|
||||||
|
|
||||||
|
diff --git a/Lib/test/test_socket.py b/Lib/test/test_socket.py
|
||||||
|
--- a/Lib/test/test_socket.py
|
||||||
|
+++ b/Lib/test/test_socket.py
|
||||||
|
@@ -4538,6 +4538,14 @@ class BufferIOTest(SocketConnectedTest):
|
||||||
|
|
||||||
|
_testRecvFromIntoMemoryview = _testRecvFromIntoArray
|
||||||
|
|
||||||
|
+ def testRecvFromIntoSmallBuffer(self):
|
||||||
|
+ # See issue #20246.
|
||||||
|
+ buf = bytearray(8)
|
||||||
|
+ self.assertRaises(ValueError, self.cli_conn.recvfrom_into, buf, 1024)
|
||||||
|
+
|
||||||
|
+ def _testRecvFromIntoSmallBuffer(self):
|
||||||
|
+ self.serv_conn.send(MSG*2048)
|
||||||
|
+
|
||||||
|
|
||||||
|
TIPC_STYPE = 2000
|
||||||
|
TIPC_LOWER = 200
|
||||||
|
diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c
|
||||||
|
--- a/Modules/socketmodule.c
|
||||||
|
+++ b/Modules/socketmodule.c
|
||||||
|
@@ -2935,6 +2935,11 @@ sock_recvfrom_into(PySocketSockObject *s
|
||||||
|
if (recvlen == 0) {
|
||||||
|
/* If nbytes was not specified, use the buffer's length */
|
||||||
|
recvlen = buflen;
|
||||||
|
+ } else if (recvlen > buflen) {
|
||||||
|
+ PyBuffer_Release(&pbuf);
|
||||||
|
+ PyErr_SetString(PyExc_ValueError,
|
||||||
|
+ "nbytes is greater than the length of the buffer");
|
||||||
|
+ return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
readlen = sock_recvfrom_guts(s, buf, recvlen, flags, &addr);
|
||||||
|
|
13
python3.spec
13
python3.spec
@ -126,7 +126,7 @@
|
|||||||
Summary: Version 3 of the Python programming language aka Python 3000
|
Summary: Version 3 of the Python programming language aka Python 3000
|
||||||
Name: python3
|
Name: python3
|
||||||
Version: %{pybasever}.2
|
Version: %{pybasever}.2
|
||||||
Release: 8%{?dist}
|
Release: 9%{?dist}
|
||||||
License: Python
|
License: Python
|
||||||
Group: Development/Languages
|
Group: Development/Languages
|
||||||
|
|
||||||
@ -629,6 +629,12 @@ Patch186: 00186-dont-raise-from-py_compile.patch
|
|||||||
# See http://bugs.python.org/issue17997#msg194950 for more.
|
# See http://bugs.python.org/issue17997#msg194950 for more.
|
||||||
Patch187: 00187-change-match_hostname-to-follow-RFC-6125.patch
|
Patch187: 00187-change-match_hostname-to-follow-RFC-6125.patch
|
||||||
|
|
||||||
|
# 00192 #
|
||||||
|
#
|
||||||
|
# Fixing buffer overflow (upstream patch)
|
||||||
|
# rhbz#1062375
|
||||||
|
Patch192: 00192-buffer-overflow.patch
|
||||||
|
|
||||||
|
|
||||||
# (New patches go here ^^^)
|
# (New patches go here ^^^)
|
||||||
#
|
#
|
||||||
@ -891,6 +897,7 @@ done
|
|||||||
%patch185 -p1
|
%patch185 -p1
|
||||||
%patch186 -p1
|
%patch186 -p1
|
||||||
%patch187 -p1
|
%patch187 -p1
|
||||||
|
%patch192 -p1
|
||||||
|
|
||||||
# Currently (2010-01-15), http://docs.python.org/library is for 2.6, and there
|
# Currently (2010-01-15), http://docs.python.org/library is for 2.6, and there
|
||||||
# are many differences between 2.6 and the Python 3 library.
|
# are many differences between 2.6 and the Python 3 library.
|
||||||
@ -1739,6 +1746,10 @@ rm -fr %{buildroot}
|
|||||||
# ======================================================
|
# ======================================================
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Feb 10 2014 Tomas Radej <tradej@redhat.com> - 3.3.2-9
|
||||||
|
- Fixed buffer overflow (upstream patch)
|
||||||
|
Resolves: rhbz#1062374
|
||||||
|
|
||||||
* Thu Nov 07 2013 Matej Stuchlik <mstuchli@redhat.com> - 3.3.2-8
|
* Thu Nov 07 2013 Matej Stuchlik <mstuchli@redhat.com> - 3.3.2-8
|
||||||
- Changed behavior of ssl.match_hostname() to follow RFC 6125 (rhbz#1023742)
|
- Changed behavior of ssl.match_hostname() to follow RFC 6125 (rhbz#1023742)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user