author | Maxin B. John <maxin.john@enea.com> | 2014-02-28 12:53:33 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-02-28 14:01:15 +0000 |
commit | bbe9cb73395655f4e48804e5ab89da9fbc8f5447 (patch) | |
tree | 74535de87c9da23a7859b7d67380c67218b52384 /meta/recipes-devtools/python | |
parent | 617819a6bf723c87f776885152cfff8e98d9ffa1 (diff) | |
download | poky-bbe9cb73395655f4e48804e5ab89da9fbc8f5447.tar.gz |
python: Backport CVE-2013-1752 fix from upstream
This backported patch fixes CVE-2013-1752 for smtplib
(From OE-Core rev: 4af111e94edc93657c94de6b584c099571b4cf40)
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Reviewed-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/python')
-rw-r--r-- | meta/recipes-devtools/python/python/python-2.7.3-CVE-2013-1752-smtplib-fix.patch | 101 | ||||
-rw-r--r-- | meta/recipes-devtools/python/python_2.7.3.bb | 1 |
2 files changed, 102 insertions, 0 deletions
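--- /dev/null
+++ b/meta/recipes-devtools/python/python/python-2.7.3-CVE-2013-1752-smtplib-fix.patch
@@ -0,0 +1,101 @@
+Upstream-Status: Backport
+
+Reference: http://bugs.python.org/issue16042
+
+CVE-2013-1752: smtplib: Limit amount of data read by limiting the
+call to readline(). Original patch by Christian Heimes
+
+Signed-off-by: Maxin B. John <maxin.john@enea.com>
+---
+diff -Naur Python-2.7.3-orig/Lib/smtplib.py Python-2.7.3/Lib/smtplib.py
+--- Python-2.7.3-orig/Lib/smtplib.py 2012-04-10 01:07:31.000000000 +0200
++++ Python-2.7.3/Lib/smtplib.py 2014-02-27 14:15:24.444198465 +0100
+@@ -57,6 +57,7 @@
+SMTP_PORT = 25
+SMTP_SSL_PORT = 465
+CRLF = "\r\n"
++_MAXLINE = 8192 # more than 8 times larger than RFC 821, 4.5.3
+
+OLDSTYLE_AUTH = re.compile(r"auth=(.*)", re.I)
+
+@@ -179,10 +180,14 @@
+def __init__(self, sslobj):
+self.sslobj = sslobj
+
+- def readline(self):
++ def readline(self, size=-1):
++ if size < 0:
++ size = None
+str = ""
+chr = None
+while chr != "\n":
++ if size is not None and len(str) >= size:
++ break
+chr = self.sslobj.read(1)
+if not chr:
+break
+@@ -351,7 +356,7 @@
+self.file = self.sock.makefile('rb')
+while 1:
+try:
+- line = self.file.readline()
++ line = self.file.readline(_MAXLINE + 1)
+except socket.error as e:
+self.close()
+raise SMTPServerDisconnected("Connection unexpectedly closed: "
+@@ -361,6 +366,8 @@
+raise SMTPServerDisconnected("Connection unexpectedly closed")
+if self.debuglevel > 0:
+print>>stderr, 'reply:', repr(line)
++ if len(line) > _MAXLINE:
++ raise SMTPResponseException(500, "Line too long.")
+resp.append(line[4:].strip())
+code = line[:3]
+# Check that the error code is syntactically correct.
+diff -Naur Python-2.7.3-orig/Lib/test/test_smtplib.py Python-2.7.3/Lib/test/test_smtplib.py
+--- Python-2.7.3-orig/Lib/test/test_smtplib.py 2012-04-10 01:07:32.000000000 +0200
++++ Python-2.7.3/Lib/test/test_smtplib.py 2014-02-27 14:15:24.448198293 +0100
+@@ -292,6 +292,33 @@
+HOST, self.port, 'localhost', 3)
+
+
++@unittest.skipUnless(threading, 'Threading required for this test.')
++class TooLongLineTests(unittest.TestCase):
++ respdata = '250 OK' + ('.' * smtplib._MAXLINE * 2) + '\n'
++
++ def setUp(self):
++ self.old_stdout = sys.stdout
++ self.output = StringIO.StringIO()
++ sys.stdout = self.output
++
++ self.evt = threading.Event()
++ self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
++ self.sock.settimeout(15)
++ self.port = test_support.bind_port(self.sock)
++ servargs = (self.evt, self.respdata, self.sock)
++ threading.Thread(target=server, args=servargs).start()
++ self.evt.wait()
++ self.evt.clear()
++
++ def tearDown(self):
++ self.evt.wait()
++ sys.stdout = self.old_stdout
++
++ def testLineTooLong(self):
++ self.assertRaises(smtplib.SMTPResponseException, smtplib.SMTP,
++ HOST, self.port, 'localhost', 3)
++
++
+sim_users = {'Mr.A@somewhere.com':'John A',
+'Ms.B@somewhere.com':'Sally B',
+'Mrs.C@somewhereesle.com':'Ruth C',
+@@ -511,7 +538,8 @@
+def test_main(verbose=None):
+test_support.run_unittest(GeneralTests, DebuggingServerTests,
+NonConnectingTests,
+- BadHELOServerTests, SMTPSimTests)
++ BadHELOServerTests, SMTPSimTests,
++ TooLongLineTests)
+
+if __name__ == '__main__':
+test_main()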
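Review bot: The new "Line too long." branch in getreply raises without closing the connection, whereas the two SMTPServerDisconnected paths immediately above it call `self.close()` before raising; the unread remainder of the oversized line is left buffered in self.file, so a caller that catches SMTPResponseException and keeps using the same SMTP object would next parse from the middle of that line. I would add `self.close()` directly before `raise SMTPResponseException(500, "Line too long.")` so the three error exits behave alike. The SSLFakeFile.readline change looks consistent with this: the size check runs before each 1-byte read, so it returns at most `size` bytes and the caller's `len(line) > _MAXLINE` test catches the overflow. Both getreply hunks are excerpts; the function starts and ends outside the visible lines.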
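--- a/meta/recipes-devtools/python/python_2.7.3.bb
+++ b/meta/recipes-devtools/python/python_2.7.3.bb
@@ -33,6 +33,7 @@ SRC_URI += "\
 file://CVE-2013-4073_py27.patch \
 file://pypirc-secure.patch \
 file://parallel-makeinst-create-bindir.patch \
+file://python-2.7.3-CVE-2013-1752-smtplib-fix.patch \
 "
 
 S = "${WORKDIR}/Python-${PV}"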