rpms/python3.9
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix undefined behavior in Modules/_hashopenssl.c

Browse Source 
Backport of 59e004af63

Resolves: rhbz#1942527
This commit is contained in:
Charalampos Stratakis 2022-02-10 22:08:55 +01:00
parent c20330386e
commit c076ac88b9
2 changed files with 74 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
00329-fips.patch
View File

@ -1,7 +1,47 @@
From a6d1a09943ab05b9253eda4b3b73c8a4fe9efbf6 Mon Sep 17 00:00:00 2001
From 355e975a386b60d787b98cc4cd08b98f876ff858 Mon Sep 17 00:00:00 2001
From: "Miss Islington (bot)"
<31488909+miss-islington@users.noreply.github.com>
Date: Mon, 7 Feb 2022 00:08:10 -0800
Subject: [PATCH 01/11] bpo-40479: Fix undefined behavior in
Modules/_hashopenssl.c (GH-31153)
va_end() must be called before returning.
(cherry picked from commit 59e004af63742361b67d1e1ae70229ff0db1059d)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
---
.../Core and Builtins/2022-02-06-23-08-30.bpo-40479.zED3Zu.rst | 1 +
Modules/_hashopenssl.c | 1 +
2 files changed, 2 insertions(+)
create mode 100644 Misc/NEWS.d/next/Core and Builtins/2022-02-06-23-08-30.bpo-40479.zED3Zu.rst
diff --git a/Misc/NEWS.d/next/Core and Builtins/2022-02-06-23-08-30.bpo-40479.zED3Zu.rst b/Misc/NEWS.d/next/Core and Builtins/2022-02-06-23-08-30.bpo-40479.zED3Zu.rst
new file mode 100644
index 00000000000..52701d53d8f
--- /dev/null
+++ b/Misc/NEWS.d/next/Core and Builtins/2022-02-06-23-08-30.bpo-40479.zED3Zu.rst
@@ -0,0 +1 @@
+Add a missing call to ``va_end()`` in ``Modules/_hashopenssl.c``.
diff --git a/Modules/_hashopenssl.c b/Modules/_hashopenssl.c
index a4889450821..4873bb11aa0 100644
--- a/Modules/_hashopenssl.c
+++ b/Modules/_hashopenssl.c
@@ -311,6 +311,7 @@ _setException(PyObject *exc, const char* altmsg, ...)
} else {
PyErr_FormatV(exc, altmsg, vargs);
}
+ va_end(vargs);
return NULL;
}
va_end(vargs);
--
2.34.1
From b906713972396823c9e2e04421f9dbcfdc6a6c94 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <encukou@gmail.com>
Date: Wed, 11 Aug 2021 16:51:03 +0200
Subject: [PATCH 01/10] Backport PyModule_AddObjectRef as
Subject: [PATCH 02/11] Backport PyModule_AddObjectRef as
_PyModule_AddObjectRef
Having PyModule_AddObjectRef available should make backporting
@ -77,7 +117,7 @@ index 13482c6..fca1083 100644
From c67b383ffd3ccacedacbeb91c3bdeaf5f829ca09 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <encukou@gmail.com>
Date: Fri, 13 Aug 2021 13:16:43 +0200
Subject: [PATCH 02/10] _hashopenssl: Uncomment and use initialization function
Subject: [PATCH 03/11] _hashopenssl: Uncomment and use initialization function
list
This simplifies backporting of future changes.
@ -92,7 +132,7 @@ diff --git a/Modules/_hashopenssl.c b/Modules/_hashopenssl.c
index a488945..62cf769 100644
--- a/Modules/_hashopenssl.c
+++ b/Modules/_hashopenssl.c
@@ -2215,7 +2215,6 @@ hashlib_init_hmactype(PyObject *module)
@@ -2216,7 +2216,6 @@ hashlib_init_hmactype(PyObject *module)
return 0;
}
@ -100,7 +140,7 @@ index a488945..62cf769 100644
static PyModuleDef_Slot hashlib_slots[] = {
/* OpenSSL 1.0.2 and LibreSSL */
{Py_mod_exec, hashlib_openssl_legacy_init},
@@ -2226,7 +2225,6 @@ static PyModuleDef_Slot hashlib_slots[] = {
@@ -2227,7 +2226,6 @@ static PyModuleDef_Slot hashlib_slots[] = {
{Py_mod_exec, hashlib_md_meth_names},
{0, NULL}
};
@ -108,7 +148,7 @@ index a488945..62cf769 100644
static struct PyModuleDef _hashlibmodule = {
PyModuleDef_HEAD_INIT,
@@ -2254,29 +2252,11 @@ PyInit__hashlib(void)
@@ -2255,29 +2253,11 @@ PyInit__hashlib(void)
return NULL;
}
@ -150,7 +190,7 @@ index a488945..62cf769 100644
From c49c1416d22fffc78204d66987f40e6d17a95c01 Mon Sep 17 00:00:00 2001
From: Christian Heimes <christian@python.org>
Date: Sat, 27 Mar 2021 14:55:03 +0100
Subject: [PATCH 03/10] bpo-40645: use C implementation of HMAC (GH-24920,
Subject: [PATCH 04/11] bpo-40645: use C implementation of HMAC (GH-24920,
GH-25063, GH-26079)
This backports the feature and 2 subsequent bugfixes
@ -593,7 +633,7 @@ index 62cf769..71ac832 100644
} _hashlibstate;
static inline _hashlibstate*
@@ -419,6 +421,48 @@ py_digest_by_name(PyObject *module, const char *name, enum Py_hash_type py_ht)
@@ -420,6 +422,48 @@ py_digest_by_name(PyObject *module, const char *name, enum Py_hash_type py_ht)
return digest;
}
@ -642,7 +682,7 @@ index 62cf769..71ac832 100644
static EVPobject *
newEVPobject(PyTypeObject *type)
{
@@ -1237,7 +1281,6 @@ pbkdf2_hmac_impl(PyObject *module, const char *hash_name,
@@ -1238,7 +1282,6 @@ pbkdf2_hmac_impl(PyObject *module, const char *hash_name,
PY_EVP_MD *digest = py_digest_by_name(module, hash_name, Py_ht_pbkdf2);
if (digest == NULL) {
@ -650,7 +690,7 @@ index 62cf769..71ac832 100644
goto end;
}
@@ -1442,25 +1485,21 @@ _hashlib.hmac_digest as _hashlib_hmac_singleshot
@@ -1443,25 +1486,21 @@ _hashlib.hmac_digest as _hashlib_hmac_singleshot
key: Py_buffer
msg: Py_buffer
@ -679,7 +719,7 @@ index 62cf769..71ac832 100644
if (key->len > INT_MAX) {
PyErr_SetString(PyExc_OverflowError,
"key is too long.");
@@ -1472,7 +1511,7 @@ _hashlib_hmac_singleshot_impl(PyObject *module, Py_buffer *key,
@@ -1473,7 +1512,7 @@ _hashlib_hmac_singleshot_impl(PyObject *module, Py_buffer *key,
return NULL;
}
@ -688,7 +728,7 @@ index 62cf769..71ac832 100644
if (evp == NULL) {
return NULL;
}
@@ -1504,15 +1543,15 @@ _hashlib.hmac_new
@@ -1505,15 +1544,15 @@ _hashlib.hmac_new
key: Py_buffer
msg as msg_obj: object(c_default="NULL") = b''
@ -707,7 +747,7 @@ index 62cf769..71ac832 100644
{
PyTypeObject *type = get_hashlib_state(module)->HMACtype;
PY_EVP_MD *digest;
@@ -1526,14 +1565,14 @@ _hashlib_hmac_new_impl(PyObject *module, Py_buffer *key, PyObject *msg_obj,
@@ -1527,14 +1566,14 @@ _hashlib_hmac_new_impl(PyObject *module, Py_buffer *key, PyObject *msg_obj,
return NULL;
}
@ -725,7 +765,7 @@ index 62cf769..71ac832 100644
return NULL;
}
@@ -2105,6 +2144,8 @@ hashlib_traverse(PyObject *m, visitproc visit, void *arg)
@@ -2106,6 +2145,8 @@ hashlib_traverse(PyObject *m, visitproc visit, void *arg)
#ifdef PY_OPENSSL_HAS_SHAKE
Py_VISIT(state->EVPXOFtype);
#endif
@ -734,7 +774,7 @@ index 62cf769..71ac832 100644
return 0;
}
@@ -2117,10 +2158,14 @@ hashlib_clear(PyObject *m)
@@ -2118,10 +2159,14 @@ hashlib_clear(PyObject *m)
#ifdef PY_OPENSSL_HAS_SHAKE
Py_CLEAR(state->EVPXOFtype);
#endif
@ -749,7 +789,7 @@ index 62cf769..71ac832 100644
return 0;
}
@@ -2215,6 +2260,79 @@ hashlib_init_hmactype(PyObject *module)
@@ -2216,6 +2261,79 @@ hashlib_init_hmactype(PyObject *module)
return 0;
}
@ -829,7 +869,7 @@ index 62cf769..71ac832 100644
static PyModuleDef_Slot hashlib_slots[] = {
/* OpenSSL 1.0.2 and LibreSSL */
{Py_mod_exec, hashlib_openssl_legacy_init},
@@ -2223,6 +2341,8 @@ static PyModuleDef_Slot hashlib_slots[] = {
@@ -2224,6 +2342,8 @@ static PyModuleDef_Slot hashlib_slots[] = {
{Py_mod_exec, hashlib_init_evpxoftype},
{Py_mod_exec, hashlib_init_hmactype},
{Py_mod_exec, hashlib_md_meth_names},
@ -933,7 +973,7 @@ index 68aa765..4466ec4 100644
From f7ce31ebf3200952dadff556bfcbf2876139c823 Mon Sep 17 00:00:00 2001
From: Charalampos Stratakis <cstratak@redhat.com>
Date: Thu, 12 Dec 2019 16:58:31 +0100
Subject: [PATCH 04/10] Expose blake2b and blake2s hashes from OpenSSL
Subject: [PATCH 05/11] Expose blake2b and blake2s hashes from OpenSSL
These aren't as powerful as Python's own implementation, but they can be
used under FIPS.
@ -964,7 +1004,7 @@ diff --git a/Modules/_hashopenssl.c b/Modules/_hashopenssl.c
index 71ac832..0b2c65e 100644
--- a/Modules/_hashopenssl.c
+++ b/Modules/_hashopenssl.c
@@ -1137,6 +1137,41 @@ _hashlib_openssl_sha512_impl(PyObject *module, PyObject *data_obj,
@@ -1138,6 +1138,41 @@ _hashlib_openssl_sha512_impl(PyObject *module, PyObject *data_obj,
}
@ -1006,7 +1046,7 @@ index 71ac832..0b2c65e 100644
#ifdef PY_OPENSSL_HAS_SHA3
/*[clinic input]
@@ -2123,6 +2158,8 @@ static struct PyMethodDef EVP_functions[] = {
@@ -2124,6 +2159,8 @@ static struct PyMethodDef EVP_functions[] = {
_HASHLIB_OPENSSL_SHA256_METHODDEF
_HASHLIB_OPENSSL_SHA384_METHODDEF
_HASHLIB_OPENSSL_SHA512_METHODDEF
@ -1143,7 +1183,7 @@ index 4466ec4..54c22b2 100644
From b8956168975170b8e7a797b6aa23e0d356f5ebec Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pviktori@redhat.com>
Date: Thu, 1 Aug 2019 17:57:05 +0200
Subject: [PATCH 05/10] Use a stronger hash in multiprocessing handshake
Subject: [PATCH 06/11] Use a stronger hash in multiprocessing handshake
Adapted from patch by David Malcolm,
https://bugs.python.org/issue17258
@ -1191,7 +1231,7 @@ index 510e4b5..b68f2fb 100644
From 20d86957b863e80d1f71b5681fccdb1fd16128b9 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pviktori@redhat.com>
Date: Thu, 25 Jul 2019 17:19:06 +0200
Subject: [PATCH 06/10] Disable Python's hash implementations in FIPS mode,
Subject: [PATCH 07/11] Disable Python's hash implementations in FIPS mode,
forcing OpenSSL
---
@ -1452,7 +1492,7 @@ index c6023e1..371674c 100644
From 76d17b46469d642f2acda31bb5e9e636d69fe945 Mon Sep 17 00:00:00 2001
From: Charalampos Stratakis <cstratak@redhat.com>
Date: Fri, 29 Jan 2021 14:16:21 +0100
Subject: [PATCH 07/10] Use python's fall back crypto implementations only if
Subject: [PATCH 08/11] Use python's fall back crypto implementations only if
we are not in FIPS mode
---
@ -1619,7 +1659,7 @@ index 72fdc67..ac9c057 100644
From 95c861dda1659f5bc47d56bed8d096f4debbe281 Mon Sep 17 00:00:00 2001
From: Charalampos Stratakis <cstratak@redhat.com>
Date: Wed, 31 Jul 2019 15:43:43 +0200
Subject: [PATCH 08/10] Test equivalence of hashes for the various digests with
Subject: [PATCH 09/11] Test equivalence of hashes for the various digests with
usedforsecurity=True/False
---
@ -1778,7 +1818,7 @@ index ac9c057..0aa0129 100644
From 62cf5b80d205ff6d6e719286feccca6bd6fdd862 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pviktori@redhat.com>
Date: Mon, 26 Aug 2019 19:39:48 +0200
Subject: [PATCH 09/10] Guard against Python HMAC in FIPS mode
Subject: [PATCH 10/11] Guard against Python HMAC in FIPS mode
---
Lib/hmac.py | 13 +++++++++----
@ -1895,7 +1935,7 @@ index adf52ad..41e6a14 100644
From ff7f518d32b7f1c47f35b841da78f5869470e381 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <encukou@gmail.com>
Date: Wed, 25 Aug 2021 16:44:43 +0200
Subject: [PATCH 10/10] Disable hash-based PYCs in FIPS mode
Subject: [PATCH 11/11] Disable hash-based PYCs in FIPS mode
If FIPS mode is on, we can't use siphash-based HMAC
(_Py_KeyedHash), so:
@ -2081,7 +2121,7 @@ diff --git a/Lib/test/test_py_compile.py b/Lib/test/test_py_compile.py
index b2d3dcf..7e4b0c5 100644
--- a/Lib/test/test_py_compile.py
+++ b/Lib/test/test_py_compile.py
@@ -141,13 +141,16 @@ class PyCompileTestsBase:
@@ -139,13 +139,16 @@ class PyCompileTestsBase:
importlib.util.cache_from_source(bad_coding)))
def test_source_date_epoch(self):
@ -2099,7 +2139,7 @@ index b2d3dcf..7e4b0c5 100644
expected_flags = 0b11
else:
expected_flags = 0b00
@@ -178,7 +181,8 @@ class PyCompileTestsBase:
@@ -176,7 +179,8 @@ class PyCompileTestsBase:
# Specifying optimized bytecode should lead to a path reflecting that.
self.assertIn('opt-2', py_compile.compile(self.source_path, optimize=2))
@ -2109,7 +2149,7 @@ index b2d3dcf..7e4b0c5 100644
py_compile.compile(
self.source_path,
invalidation_mode=py_compile.PycInvalidationMode.CHECKED_HASH,
@@ -187,6 +191,9 @@ class PyCompileTestsBase:
@@ -185,6 +189,9 @@ class PyCompileTestsBase:
flags = importlib._bootstrap_external._classify_pyc(
fp.read(), 'test', {})
self.assertEqual(flags, 0b11)

6
python3.9.spec
View File

@ -17,7 +17,7 @@ URL: https://www.python.org/
#global prerel ...
%global upstream_version %{general_version}%{?prerel}
Version: %{general_version}%{?prerel:~%{prerel}}
Release: 1%{?dist}
Release: 2%{?dist}
License: Python
@ -1800,6 +1800,10 @@ CheckPython optimized
# ======================================================
%changelog
* Wed Feb 09 2022 Charalampos Stratakis <cstratak@redhat.com> - 3.9.10-2
- Fix undefined behavior in Modules/_hashopenssl.c
Resolves: rhbz#1942527
* Mon Jan 17 2022 Charalampos Stratakis <cstratak@redhat.com> - 3.9.10-1
- Update to 3.9.10
- Support OpenSSL FIPS mode