python-numpy, python3-numpy: Fix CVE-2017-12852

Backport upstream patch to fix CVE-2017-12852 (From OE-Core rev: 85bad28c553ba35df57a3f2a6fe67c520046ac74) Signed-off-by: Dengke Du <dengke.du@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Dengke Du <dengke.du@windriver.com> 2017-09-01 03:37:19 -0400
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2017-09-02 00:52:10 +0100
commit: dcebade36d4cd19189ff419d4c1d54752f8d39cb (patch)
tree: 9b3f9f6affaaedf44cdf6983899590e8fff53cec /meta/recipes-devtools/python-numpy
parent: 91f9752cf1cd6a7caa34bccc4f929d243f1a51ac (diff)
download: poky-dcebade36d4cd19189ff419d4c1d54752f8d39cb.tar.gz
3 files changed, 47 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python-numpy/files/0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch b/meta/recipes-devtools/python-numpy/files/0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch
new file mode 100644
index 0000000000..b9e585610f
--- /dev/null
+++ b/meta/recipes-devtools/python-numpy/files/0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch
@@ -0,0 +1,45 @@
+From 4170b98e0d5864ef4db1c5704a6e9428c3be9fb8 Mon Sep 17 00:00:00 2001
+From: Iryna Shcherbina <ishcherb@redhat.com>
+Date: Thu, 24 Aug 2017 18:01:43 +0200
+Subject: [PATCH] BUG: fix infinite loop when creating np.pad on an empty array
+Upstream-Status: Backport [https://github.com/numpy/numpy/pull/9599/commits/6f9ea0abbd305d53f9017debab3a3a591fe0e249]
+CVE: CVE-2017-12852
+Signed-off-by: Dengke Du <dengke.du@windriver.com>
+---
+ numpy/lib/arraypad.py            | 3 +++
+ numpy/lib/tests/test_arraypad.py | 4 ++++
+ 2 files changed, 7 insertions(+)
+diff --git a/numpy/lib/arraypad.py b/numpy/lib/arraypad.py
+index 2dad99c..294a689 100644
+--- a/numpy/lib/arraypad.py
+++ b/numpy/lib/arraypad.py
+@@ -1406,6 +1406,9 @@ def pad(array, pad_width, mode, **kwargs):
+             newmat = _append_min(newmat, pad_after, chunk_after, axis)
+ 
+     elif mode == 'reflect':
+        if narray.size == 0:
+            raise ValueError("There aren't any elements to reflect in `array`")
+
+         for axis, (pad_before, pad_after) in enumerate(pad_width):
+             # Recursive padding along any axis where `pad_amt` is too large
+             # for indexing tricks. We can only safely pad the original axis
+diff --git a/numpy/lib/tests/test_arraypad.py b/numpy/lib/tests/test_arraypad.py
+index 056aa45..0f71d32 100644
+--- a/numpy/lib/tests/test_arraypad.py
+++ b/numpy/lib/tests/test_arraypad.py
+@@ -1014,6 +1014,10 @@ class ValueError1(TestCase):
+         assert_raises(ValueError, pad, arr, ((-2, 3), (3, 2)),
+                       **kwargs)
+ 
+    def test_check_empty_array(self):
+        assert_raises(ValueError, pad, [], 4, mode='reflect')
+        assert_raises(ValueError, pad, np.ndarray(0), 4, mode='reflect')
+
+ 
+ class ValueError2(TestCase):
+     def test_check_negative_pad_amount(self):
+-- 
+2.8.1
diff --git a/meta/recipes-devtools/python-numpy/python-numpy_1.13.1.bb b/meta/recipes-devtools/python-numpy/python-numpy_1.13.1.bb
index 63821d30fa..13e8f4fa23 100644
--- a/meta/recipes-devtools/python-numpy/python-numpy_1.13.1.bb
+++ b/meta/recipes-devtools/python-numpy/python-numpy_1.13.1.bb
@@ -9,6 +9,7 @@ SRC_URI = "https://github.com/${SRCNAME}/${SRCNAME}/releases/download/v${PV}/${S
           file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \
           file://remove-build-path-in-comments.patch \
           file://fix_shebang_f2py.patch \
+           file://0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch \
           ${CONFIGFILESURI} "
 SRC_URI[md5sum] = "6d459e4a24f5035f720dda3c57716a92"
diff --git a/meta/recipes-devtools/python-numpy/python3-numpy_1.13.1.bb b/meta/recipes-devtools/python-numpy/python3-numpy_1.13.1.bb
index 0bf9e914f9..29874b8842 100644
--- a/meta/recipes-devtools/python-numpy/python3-numpy_1.13.1.bb
+++ b/meta/recipes-devtools/python-numpy/python3-numpy_1.13.1.bb
@@ -9,6 +9,7 @@ SRC_URI = "https://github.com/${SRCNAME}/${SRCNAME}/releases/download/v${PV}/${S
           file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \
           file://remove-build-path-in-comments.patch \
           file://fix_shebang_f2py.patch \
+           file://0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch \
           ${CONFIGFILESURI} "
 SRC_URI[md5sum] = "6d459e4a24f5035f720dda3c57716a92"
 SRC_URI[sha256sum] = "de020ec06f1e9ce1115a50161a38bf8d4c2525379900f9cb478cc613a1e7cd93"
author	Dengke Du <dengke.du@windriver.com>	2017-09-01 03:37:19 -0400
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-09-02 00:52:10 +0100
commit	dcebade36d4cd19189ff419d4c1d54752f8d39cb (patch)
tree	9b3f9f6affaaedf44cdf6983899590e8fff53cec /meta/recipes-devtools/python-numpy
parent	91f9752cf1cd6a7caa34bccc4f929d243f1a51ac (diff)
download	poky-dcebade36d4cd19189ff419d4c1d54752f8d39cb.tar.gz

diff --git a/meta/recipes-devtools/python-numpy/files/0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch b/meta/recipes-devtools/python-numpy/files/0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch new file mode 100644 index 0000000000..b9e585610f --- /dev/null +++ b/meta/recipes-devtools/python-numpy/files/0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch
@@ -0,0 +1,45 @@
		1	From 4170b98e0d5864ef4db1c5704a6e9428c3be9fb8 Mon Sep 17 00:00:00 2001
		2	From: Iryna Shcherbina <ishcherb@redhat.com>
		3	Date: Thu, 24 Aug 2017 18:01:43 +0200
		4	Subject: [PATCH] BUG: fix infinite loop when creating np.pad on an empty array
		5
		6	Upstream-Status: Backport [https://github.com/numpy/numpy/pull/9599/commits/6f9ea0abbd305d53f9017debab3a3a591fe0e249]
		7	CVE: CVE-2017-12852
		8	Signed-off-by: Dengke Du <dengke.du@windriver.com>
		9	---
		10	numpy/lib/arraypad.py \| 3 +++
		11	numpy/lib/tests/test_arraypad.py \| 4 ++++
		12	2 files changed, 7 insertions(+)
		13
		14	diff --git a/numpy/lib/arraypad.py b/numpy/lib/arraypad.py
		15	index 2dad99c..294a689 100644
		16	--- a/numpy/lib/arraypad.py
		17	+++ b/numpy/lib/arraypad.py
		18	@@ -1406,6 +1406,9 @@ def pad(array, pad_width, mode, **kwargs):
		19	newmat = _append_min(newmat, pad_after, chunk_after, axis)
		20
		21	elif mode == 'reflect':
		22	+ if narray.size == 0:
		23	+ raise ValueError("There aren't any elements to reflect in `array`")
		24	+
		25	for axis, (pad_before, pad_after) in enumerate(pad_width):
		26	# Recursive padding along any axis where `pad_amt` is too large
		27	# for indexing tricks. We can only safely pad the original axis
		28	diff --git a/numpy/lib/tests/test_arraypad.py b/numpy/lib/tests/test_arraypad.py
		29	index 056aa45..0f71d32 100644
		30	--- a/numpy/lib/tests/test_arraypad.py
		31	+++ b/numpy/lib/tests/test_arraypad.py
		32	@@ -1014,6 +1014,10 @@ class ValueError1(TestCase):
		33	assert_raises(ValueError, pad, arr, ((-2, 3), (3, 2)),
		34	**kwargs)
		35
		36	+ def test_check_empty_array(self):
		37	+ assert_raises(ValueError, pad, [], 4, mode='reflect')
		38	+ assert_raises(ValueError, pad, np.ndarray(0), 4, mode='reflect')
		39	+
		40
		41	class ValueError2(TestCase):
		42	def test_check_negative_pad_amount(self):
		43	--
		44	2.8.1
		45


diff --git a/meta/recipes-devtools/python-numpy/python-numpy_1.13.1.bb b/meta/recipes-devtools/python-numpy/python-numpy_1.13.1.bb index 63821d30fa..13e8f4fa23 100644 --- a/meta/recipes-devtools/python-numpy/python-numpy_1.13.1.bb +++ b/meta/recipes-devtools/python-numpy/python-numpy_1.13.1.bb
@@ -9,6 +9,7 @@ SRC_URI = "https://github.com/${SRCNAME}/${SRCNAME}/releases/download/v${PV}/${S
9	file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \	9	file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \
10	file://remove-build-path-in-comments.patch \	10	file://remove-build-path-in-comments.patch \
11	file://fix_shebang_f2py.patch \	11	file://fix_shebang_f2py.patch \
		12	file://0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch \
12	${CONFIGFILESURI} "	13	${CONFIGFILESURI} "
13		14
14	SRC_URI[md5sum] = "6d459e4a24f5035f720dda3c57716a92"	15	SRC_URI[md5sum] = "6d459e4a24f5035f720dda3c57716a92"


diff --git a/meta/recipes-devtools/python-numpy/python3-numpy_1.13.1.bb b/meta/recipes-devtools/python-numpy/python3-numpy_1.13.1.bb index 0bf9e914f9..29874b8842 100644 --- a/meta/recipes-devtools/python-numpy/python3-numpy_1.13.1.bb +++ b/meta/recipes-devtools/python-numpy/python3-numpy_1.13.1.bb
@@ -9,6 +9,7 @@ SRC_URI = "https://github.com/${SRCNAME}/${SRCNAME}/releases/download/v${PV}/${S
9	file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \	9	file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \
10	file://remove-build-path-in-comments.patch \	10	file://remove-build-path-in-comments.patch \
11	file://fix_shebang_f2py.patch \	11	file://fix_shebang_f2py.patch \
		12	file://0001-BUG-fix-infinite-loop-when-creating-np.pad-on-an-emp.patch \
12	${CONFIGFILESURI} "	13	${CONFIGFILESURI} "
13	SRC_URI[md5sum] = "6d459e4a24f5035f720dda3c57716a92"	14	SRC_URI[md5sum] = "6d459e4a24f5035f720dda3c57716a92"
14	SRC_URI[sha256sum] = "de020ec06f1e9ce1115a50161a38bf8d4c2525379900f9cb478cc613a1e7cd93"	15	SRC_URI[sha256sum] = "de020ec06f1e9ce1115a50161a38bf8d4c2525379900f9cb478cc613a1e7cd93"