From b99a386cd1398f1272798bbe3e4fc6c1be560e36 Mon Sep 17 00:00:00 2001
From: Martin Jansa <martin.jansa@gmail.com>
Date: Tue, 10 May 2022 18:30:12 +0200
Subject: python3-cryptography: backport 3 changes to fix CVE-2020-36242

* backport the actual code change from
  https://github.com/pyca/cryptography/pull/5747
  without the docs and CI changes (which aren't applicable on old 2.8
  version) and backport 2 older changes to make this fix applicable
  on 2.8.

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 ...fer-overflows-cause-by-integer-overflow-i.patch | 37 ++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 meta-python/recipes-devtools/python/python3-cryptography/0003-correct-buffer-overflows-cause-by-integer-overflow-i.patch

(limited to 'meta-python/recipes-devtools/python/python3-cryptography/0003-correct-buffer-overflows-cause-by-integer-overflow-i.patch')

diff --git a/meta-python/recipes-devtools/python/python3-cryptography/0003-correct-buffer-overflows-cause-by-integer-overflow-i.patch b/meta-python/recipes-devtools/python/python3-cryptography/0003-correct-buffer-overflows-cause-by-integer-overflow-i.patch
new file mode 100644
index 0000000000..449dd692e6
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-cryptography/0003-correct-buffer-overflows-cause-by-integer-overflow-i.patch
@@ -0,0 +1,37 @@
+From 6d0a76521abe287f5ddb5cd1cfbc799d35f08cf9 Mon Sep 17 00:00:00 2001
+From: Alex Gaynor <alex.gaynor@gmail.com>
+Date: Sun, 7 Feb 2021 11:36:56 -0500
+Subject: [PATCH] correct buffer overflows cause by integer overflow in openssl
+ (#5747)
+
+* correct buffer overflows cause by integer overflow in openssl
+
+frustratingly, there is no test for this -- that's because testing this
+requires allocating more memory than is available in CI.
+
+fixes #5615.
+
+* backport CI fixes
+
+* another CI backport
+
+Upstream-Status: Backport [https://github.com/pyca/cryptography/commit/82b6ce28389f0a317bc55ba2091a74b346db7cae]
+
+Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
+---
+ src/cryptography/hazmat/backends/openssl/ciphers.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/cryptography/hazmat/backends/openssl/ciphers.py b/src/cryptography/hazmat/backends/openssl/ciphers.py
+index 2b7da80c..7ef5f1ea 100644
+--- a/src/cryptography/hazmat/backends/openssl/ciphers.py
++++ b/src/cryptography/hazmat/backends/openssl/ciphers.py
+@@ -17,7 +17,7 @@ from cryptography.hazmat.primitives.ciphers import modes
+ class _CipherContext(object):
+     _ENCRYPT = 1
+     _DECRYPT = 0
+-    _MAX_CHUNK_SIZE = 2 ** 31 - 1
++    _MAX_CHUNK_SIZE = 2 ** 30 - 1
+ 
+     def __init__(self, backend, cipher, mode, operation):
+         self._backend = backend
-- 
cgit v1.2.3-54-g00ecf