summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLee Chee Yang <chee.yang.lee@intel.com>2020-07-03 23:20:37 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2020-08-04 23:17:38 +0100
commit32fa72c75db7ded0c0c15c048c91eaef483b34d3 (patch)
tree03b5a75f165bc3eb8f317c29a9add695325ff104
parentf77e7daad0711c8217a5bd18841735f0a9b623f5 (diff)
downloadpoky-32fa72c75db7ded0c0c15c048c91eaef483b34d3.tar.gz
python3: fix CVE-2020-14422
(From OE-Core rev: f12ea255a24d60c625d4e6ab4de0633df49679a5) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> [Rebased for v3.7.8] Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-devtools/python/python3/CVE-2020-14422.patch79
-rw-r--r--meta/recipes-devtools/python/python3_3.7.8.bb1
2 files changed, 80 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python3/CVE-2020-14422.patch b/meta/recipes-devtools/python/python3/CVE-2020-14422.patch
new file mode 100644
index 0000000000..31ad82d7c5
--- /dev/null
+++ b/meta/recipes-devtools/python/python3/CVE-2020-14422.patch
@@ -0,0 +1,79 @@
1From b98e7790c77a4378ec4b1c71b84138cb930b69b7 Mon Sep 17 00:00:00 2001
2From: Tapas Kundu <39723251+tapakund@users.noreply.github.com>
3Date: Wed, 1 Jul 2020 00:50:21 +0530
4Subject: [PATCH] [3.7] bpo-41004: Resolve hash collisions for IPv4Interface
5 and IPv6Interface (GH-21033) (GH-21231)
6
7CVE-2020-14422
8The __hash__() methods of classes IPv4Interface and IPv6Interface had issue
9of generating constant hash values of 32 and 128 respectively causing hash collisions.
10The fix uses the hash() function to generate hash values for the objects
11instead of XOR operation
12(cherry picked from commit b30ee26e366bf509b7538d79bfec6c6d38d53f28)
13
14Co-authored-by: Ravi Teja P <rvteja92@gmail.com>
15
16Signed-off-by: Tapas Kundu <tkundu@vmware.com>
17
18Upstream-Status: Backport [https://github.com/python/cpython/commit/b98e7790c77a4378ec4b1c71b84138cb930b69b7]
19CVE: CVE-2020-14422
20Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
21
22---
23 Lib/ipaddress.py | 4 ++--
24 Lib/test/test_ipaddress.py | 11 +++++++++++
25 .../Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst | 1 +
26 3 files changed, 14 insertions(+), 2 deletions(-)
27 create mode 100644 Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
28
29diff --git a/Lib/ipaddress.py b/Lib/ipaddress.py
30index 80249288d73ab..54882934c3dc1 100644
31--- a/Lib/ipaddress.py
32+++ b/Lib/ipaddress.py
33@@ -1442,7 +1442,7 @@ def __lt__(self, other):
34 return False
35
36 def __hash__(self):
37- return self._ip ^ self._prefixlen ^ int(self.network.network_address)
38+ return hash((self._ip, self._prefixlen, int(self.network.network_address)))
39
40 __reduce__ = _IPAddressBase.__reduce__
41
42@@ -2088,7 +2088,7 @@ def __lt__(self, other):
43 return False
44
45 def __hash__(self):
46- return self._ip ^ self._prefixlen ^ int(self.network.network_address)
47+ return hash((self._ip, self._prefixlen, int(self.network.network_address)))
48
49 __reduce__ = _IPAddressBase.__reduce__
50
51diff --git a/Lib/test/test_ipaddress.py b/Lib/test/test_ipaddress.py
52index 455b893fb126f..1fb6a929dc2d9 100644
53--- a/Lib/test/test_ipaddress.py
54+++ b/Lib/test/test_ipaddress.py
55@@ -2091,6 +2091,17 @@ def testsixtofour(self):
56 sixtofouraddr.sixtofour)
57 self.assertFalse(bad_addr.sixtofour)
58
59+ # issue41004 Hash collisions in IPv4Interface and IPv6Interface
60+ def testV4HashIsNotConstant(self):
61+ ipv4_address1 = ipaddress.IPv4Interface("1.2.3.4")
62+ ipv4_address2 = ipaddress.IPv4Interface("2.3.4.5")
63+ self.assertNotEqual(ipv4_address1.__hash__(), ipv4_address2.__hash__())
64+
65+ # issue41004 Hash collisions in IPv4Interface and IPv6Interface
66+ def testV6HashIsNotConstant(self):
67+ ipv6_address1 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:1")
68+ ipv6_address2 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:2")
69+ self.assertNotEqual(ipv6_address1.__hash__(), ipv6_address2.__hash__())
70
71 if __name__ == '__main__':
72 unittest.main()
73diff --git a/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
74new file mode 100644
75index 0000000000000..f5a9db52fff52
76--- /dev/null
77+++ b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
78@@ -0,0 +1 @@
79+CVE-2020-14422: The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address).
diff --git a/meta/recipes-devtools/python/python3_3.7.8.bb b/meta/recipes-devtools/python/python3_3.7.8.bb
index 5230fe0ee6..b18b3cd47d 100644
--- a/meta/recipes-devtools/python/python3_3.7.8.bb
+++ b/meta/recipes-devtools/python/python3_3.7.8.bb
@@ -29,6 +29,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
29 file://0001-Use-FLAG_REF-always-for-interned-strings.patch \ 29 file://0001-Use-FLAG_REF-always-for-interned-strings.patch \
30 file://0001-test_locale.py-correct-the-test-output-format.patch \ 30 file://0001-test_locale.py-correct-the-test-output-format.patch \
31 file://0017-setup.py-do-not-report-missing-dependencies-for-disa.patch \ 31 file://0017-setup.py-do-not-report-missing-dependencies-for-disa.patch \
32 file://CVE-2020-14422.patch \
32 " 33 "
33 34
34SRC_URI_append_class-native = " \ 35SRC_URI_append_class-native = " \