1 files changed, 54 insertions, 0 deletions
diff --git a/meta-python/recipes-devtools/python/python-urllib3/CVE-2020-7212.patch b/meta-python/recipes-devtools/python/python-urllib3/CVE-2020-7212.patch
new file mode 100644
index 000000000..a2bb0fb5b
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python-urllib3/CVE-2020-7212.patch
@@ -0,0 +1,54 @@
+From aff951b7a41eb5b958b32c49eaa00da02adc9c2d Mon Sep 17 00:00:00 2001
+From: Quentin Pradet <quentin.pradet@gmail.com>
+Date: Tue, 21 Jan 2020 22:32:56 +0400
+Subject: [PATCH] Optimize _encode_invalid_chars (#1787)
+Co-authored-by: Seth Michael Larson <sethmichaellarson@gmail.com>
+Upstream-Status: Backport
+[from git://github.com/urllib3/urllib3.git commit:a2697e7c6b]
+Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
+---
+ src/urllib3/util/url.py | 15 ++++++---------
+ 1 file changed, 6 insertions(+), 9 deletions(-)
+diff --git a/src/urllib3/util/url.py b/src/urllib3/util/url.py
+index 9675f74..e353937 100644
+--- a/src/urllib3/util/url.py
+++ b/src/urllib3/util/url.py
+@@ -216,18 +216,15 @@ def _encode_invalid_chars(component, allowed_chars, encoding="utf-8"):
+ 
+     component = six.ensure_text(component)
+ 
+    # Normalize existing percent-encoded bytes.
+     # Try to see if the component we're encoding is already percent-encoded
+     # so we can skip all '%' characters but still encode all others.
+-    percent_encodings = PERCENT_RE.findall(component)
+-
+-    # Normalize existing percent-encoded bytes.
+-    for enc in percent_encodings:
+-        if not enc.isupper():
+-            component = component.replace(enc, enc.upper())
+    component, percent_encodings = PERCENT_RE.subn(
+        lambda match: match.group(0).upper(), component
+    )
+ 
+     uri_bytes = component.encode("utf-8", "surrogatepass")
+-    is_percent_encoded = len(percent_encodings) == uri_bytes.count(b"%")
+-
+    is_percent_encoded = percent_encodings == uri_bytes.count(b"%")
+     encoded_component = bytearray()
+ 
+     for i in range(0, len(uri_bytes)):
+@@ -237,7 +234,7 @@ def _encode_invalid_chars(component, allowed_chars, encoding="utf-8"):
+         if (is_percent_encoded and byte == b"%") or (
+             byte_ord < 128 and byte.decode() in allowed_chars
+         ):
+-            encoded_component.extend(byte)
+            encoded_component += byte
+             continue
+         encoded_component.extend(b"%" + (hex(byte_ord)[2:].encode().zfill(2).upper()))
+ 
+-- 
+2.23.0

diff --git a/meta-python/recipes-devtools/python/python-urllib3/CVE-2020-7212.patch b/meta-python/recipes-devtools/python/python-urllib3/CVE-2020-7212.patch new file mode 100644 index 000000000..a2bb0fb5b --- /dev/null +++ b/meta-python/recipes-devtools/python/python-urllib3/CVE-2020-7212.patch
@@ -0,0 +1,54 @@
	1	From aff951b7a41eb5b958b32c49eaa00da02adc9c2d Mon Sep 17 00:00:00 2001
	2	From: Quentin Pradet <quentin.pradet@gmail.com>
	3	Date: Tue, 21 Jan 2020 22:32:56 +0400
	4	Subject: [PATCH] Optimize _encode_invalid_chars (#1787)
	5
	6	Co-authored-by: Seth Michael Larson <sethmichaellarson@gmail.com>
	7
	8	Upstream-Status: Backport
	9	[from git://github.com/urllib3/urllib3.git commit:a2697e7c6b]
	10	Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
	11	---
	12	src/urllib3/util/url.py \| 15 ++++++---------
	13	1 file changed, 6 insertions(+), 9 deletions(-)
	14
	15	diff --git a/src/urllib3/util/url.py b/src/urllib3/util/url.py
	16	index 9675f74..e353937 100644
	17	--- a/src/urllib3/util/url.py
	18	+++ b/src/urllib3/util/url.py
	19	@@ -216,18 +216,15 @@ def _encode_invalid_chars(component, allowed_chars, encoding="utf-8"):
	20
	21	component = six.ensure_text(component)
	22
	23	+ # Normalize existing percent-encoded bytes.
	24	# Try to see if the component we're encoding is already percent-encoded
	25	# so we can skip all '%' characters but still encode all others.
	26	- percent_encodings = PERCENT_RE.findall(component)
	27	-
	28	- # Normalize existing percent-encoded bytes.
	29	- for enc in percent_encodings:
	30	- if not enc.isupper():
	31	- component = component.replace(enc, enc.upper())
	32	+ component, percent_encodings = PERCENT_RE.subn(
	33	+ lambda match: match.group(0).upper(), component
	34	+ )
	35
	36	uri_bytes = component.encode("utf-8", "surrogatepass")
	37	- is_percent_encoded = len(percent_encodings) == uri_bytes.count(b"%")
	38	-
	39	+ is_percent_encoded = percent_encodings == uri_bytes.count(b"%")
	40	encoded_component = bytearray()
	41
	42	for i in range(0, len(uri_bytes)):
	43	@@ -237,7 +234,7 @@ def _encode_invalid_chars(component, allowed_chars, encoding="utf-8"):
	44	if (is_percent_encoded and byte == b"%") or (
	45	byte_ord < 128 and byte.decode() in allowed_chars
	46	):
	47	- encoded_component.extend(byte)
	48	+ encoded_component += byte
	49	continue
	50	encoded_component.extend(b"%" + (hex(byte_ord)[2:].encode().zfill(2).upper()))
	51
	52	--
	53	2.23.0
	54