diff options
author | Dengke Du <dengke.du@windriver.com> | 2017-09-01 03:37:19 -0400 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-09-02 00:52:10 +0100 |
commit | dcebade36d4cd19189ff419d4c1d54752f8d39cb (patch) | |
tree | 9b3f9f6affaaedf44cdf6983899590e8fff53cec | |
parent | 91f9752cf1cd6a7caa34bccc4f929d243f1a51ac (diff) | |
download | poky-dcebade36d4cd19189ff419d4c1d54752f8d39cb.tar.gz |
python-numpy, python3-numpy: Fix CVE-2017-12852
Backport upstream patch to fix CVE-2017-12852
(From OE-Core rev: 85bad28c553ba35df57a3f2a6fe67c520046ac74)
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
3 files changed, 47 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python-numpy/files/0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch b/meta/recipes-devtools/python-numpy/files/0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch new file mode 100644 index 0000000000..b9e585610f --- /dev/null +++ b/meta/recipes-devtools/python-numpy/files/0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch | |||
@@ -0,0 +1,45 @@ | |||
1 | From 4170b98e0d5864ef4db1c5704a6e9428c3be9fb8 Mon Sep 17 00:00:00 2001 | ||
2 | From: Iryna Shcherbina <ishcherb@redhat.com> | ||
3 | Date: Thu, 24 Aug 2017 18:01:43 +0200 | ||
4 | Subject: [PATCH] BUG: fix infinite loop when creating np.pad on an empty array | ||
5 | |||
6 | Upstream-Status: Backport [https://github.com/numpy/numpy/pull/9599/commits/6f9ea0abbd305d53f9017debab3a3a591fe0e249] | ||
7 | CVE: CVE-2017-12852 | ||
8 | Signed-off-by: Dengke Du <dengke.du@windriver.com> | ||
9 | --- | ||
10 | numpy/lib/arraypad.py | 3 +++ | ||
11 | numpy/lib/tests/test_arraypad.py | 4 ++++ | ||
12 | 2 files changed, 7 insertions(+) | ||
13 | |||
14 | diff --git a/numpy/lib/arraypad.py b/numpy/lib/arraypad.py | ||
15 | index 2dad99c..294a689 100644 | ||
16 | --- a/numpy/lib/arraypad.py | ||
17 | +++ b/numpy/lib/arraypad.py | ||
18 | @@ -1406,6 +1406,9 @@ def pad(array, pad_width, mode, **kwargs): | ||
19 | newmat = _append_min(newmat, pad_after, chunk_after, axis) | ||
20 | |||
21 | elif mode == 'reflect': | ||
22 | + if narray.size == 0: | ||
23 | + raise ValueError("There aren't any elements to reflect in `array`") | ||
24 | + | ||
25 | for axis, (pad_before, pad_after) in enumerate(pad_width): | ||
26 | # Recursive padding along any axis where `pad_amt` is too large | ||
27 | # for indexing tricks. We can only safely pad the original axis | ||
28 | diff --git a/numpy/lib/tests/test_arraypad.py b/numpy/lib/tests/test_arraypad.py | ||
29 | index 056aa45..0f71d32 100644 | ||
30 | --- a/numpy/lib/tests/test_arraypad.py | ||
31 | +++ b/numpy/lib/tests/test_arraypad.py | ||
32 | @@ -1014,6 +1014,10 @@ class ValueError1(TestCase): | ||
33 | assert_raises(ValueError, pad, arr, ((-2, 3), (3, 2)), | ||
34 | **kwargs) | ||
35 | |||
36 | + def test_check_empty_array(self): | ||
37 | + assert_raises(ValueError, pad, [], 4, mode='reflect') | ||
38 | + assert_raises(ValueError, pad, np.ndarray(0), 4, mode='reflect') | ||
39 | + | ||
40 | |||
41 | class ValueError2(TestCase): | ||
42 | def test_check_negative_pad_amount(self): | ||
43 | -- | ||
44 | 2.8.1 | ||
45 | |||
diff --git a/meta/recipes-devtools/python-numpy/python-numpy_1.13.1.bb b/meta/recipes-devtools/python-numpy/python-numpy_1.13.1.bb index 63821d30fa..13e8f4fa23 100644 --- a/meta/recipes-devtools/python-numpy/python-numpy_1.13.1.bb +++ b/meta/recipes-devtools/python-numpy/python-numpy_1.13.1.bb | |||
@@ -9,6 +9,7 @@ SRC_URI = "https://github.com/${SRCNAME}/${SRCNAME}/releases/download/v${PV}/${S | |||
9 | file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \ | 9 | file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \ |
10 | file://remove-build-path-in-comments.patch \ | 10 | file://remove-build-path-in-comments.patch \ |
11 | file://fix_shebang_f2py.patch \ | 11 | file://fix_shebang_f2py.patch \ |
12 | file://0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch \ | ||
12 | ${CONFIGFILESURI} " | 13 | ${CONFIGFILESURI} " |
13 | 14 | ||
14 | SRC_URI[md5sum] = "6d459e4a24f5035f720dda3c57716a92" | 15 | SRC_URI[md5sum] = "6d459e4a24f5035f720dda3c57716a92" |
diff --git a/meta/recipes-devtools/python-numpy/python3-numpy_1.13.1.bb b/meta/recipes-devtools/python-numpy/python3-numpy_1.13.1.bb index 0bf9e914f9..29874b8842 100644 --- a/meta/recipes-devtools/python-numpy/python3-numpy_1.13.1.bb +++ b/meta/recipes-devtools/python-numpy/python3-numpy_1.13.1.bb | |||
@@ -9,6 +9,7 @@ SRC_URI = "https://github.com/${SRCNAME}/${SRCNAME}/releases/download/v${PV}/${S | |||
9 | file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \ | 9 | file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \ |
10 | file://remove-build-path-in-comments.patch \ | 10 | file://remove-build-path-in-comments.patch \ |
11 | file://fix_shebang_f2py.patch \ | 11 | file://fix_shebang_f2py.patch \ |
12 | file://0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch \ | ||
12 | ${CONFIGFILESURI} " | 13 | ${CONFIGFILESURI} " |
13 | SRC_URI[md5sum] = "6d459e4a24f5035f720dda3c57716a92" | 14 | SRC_URI[md5sum] = "6d459e4a24f5035f720dda3c57716a92" |
14 | SRC_URI[sha256sum] = "de020ec06f1e9ce1115a50161a38bf8d4c2525379900f9cb478cc613a1e7cd93" | 15 | SRC_URI[sha256sum] = "de020ec06f1e9ce1115a50161a38bf8d4c2525379900f9cb478cc613a1e7cd93" |