1 files changed, 0 insertions, 140 deletions
diff --git a/meta/recipes-devtools/python/python3/CVE-2024-7592.patch b/meta/recipes-devtools/python/python3/CVE-2024-7592.patch
deleted file mode 100644
index 7303a41e20..0000000000
--- a/meta/recipes-devtools/python/python3/CVE-2024-7592.patch
+++ /dev/null
@@ -1,140 +0,0 @@
-From 3c15b8437f57fe1027171b34af88bf791cf1868c Mon Sep 17 00:00:00 2001
-From: "Miss Islington (bot)"
- <31488909+miss-islington@users.noreply.github.com>
-Date: Wed, 4 Sep 2024 17:50:36 +0200
-Subject: [PATCH 1/2] [3.10] gh-123067: Fix quadratic complexity in parsing
- "-quoted cookie values with backslashes (GH-123075) (#123106)
-This fixes CVE-2024-7592.
-(cherry picked from commit 44e458357fca05ca0ae2658d62c8c595b048b5ef)
-Upstream-Status: Backport from https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a
-CVE: CVE-2024-7592
-Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
-Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
---
- Lib/http/cookies.py                           | 34 ++++-------------
- Lib/test/test_http_cookies.py                 | 38 +++++++++++++++++++
- ...-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst |  1 +
- 3 files changed, 47 insertions(+), 26 deletions(-)
- create mode 100644 Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
-diff --git a/Lib/http/cookies.py b/Lib/http/cookies.py
-index 35ac2dc6ae2..2c1f021d0ab 100644
--- a/Lib/http/cookies.py
-+++ b/Lib/http/cookies.py
-@@ -184,8 +184,13 @@ def _quote(str):
-         return '"' + str.translate(_Translator) + '"'
- 
- 
-_OctalPatt = re.compile(r"\\[0-3][0-7][0-7]")
-_QuotePatt = re.compile(r"[\\].")
-+_unquote_sub = re.compile(r'\\(?:([0-3][0-7][0-7])|(.))').sub
-+
-+def _unquote_replace(m):
-+    if m[1]:
-+        return chr(int(m[1], 8))
-+    else:
-+        return m[2]
- 
- def _unquote(str):
-     # If there aren't any doublequotes,
-@@ -205,30 +210,7 @@ def _unquote(str):
-     #    \012 --> \n
-     #    \"   --> "
-     #
-    i = 0
-    n = len(str)
-    res = []
-    while 0 <= i < n:
-        o_match = _OctalPatt.search(str, i)
-        q_match = _QuotePatt.search(str, i)
-        if not o_match and not q_match:              # Neither matched
-            res.append(str[i:])
-            break
-        # else:
-        j = k = -1
-        if o_match:
-            j = o_match.start(0)
-        if q_match:
-            k = q_match.start(0)
-        if q_match and (not o_match or k < j):     # QuotePatt matched
-            res.append(str[i:k])
-            res.append(str[k+1])
-            i = k + 2
-        else:                                      # OctalPatt matched
-            res.append(str[i:j])
-            res.append(chr(int(str[j+1:j+4], 8)))
-            i = j + 4
-    return _nulljoin(res)
-+    return _unquote_sub(_unquote_replace, str)
- 
- # The _getdate() routine is used to set the expiration time in the cookie's HTTP
- # header.  By default, _getdate() returns the current time in the appropriate
-diff --git a/Lib/test/test_http_cookies.py b/Lib/test/test_http_cookies.py
-index 6072c7e15e9..644e75cd5b7 100644
--- a/Lib/test/test_http_cookies.py
-+++ b/Lib/test/test_http_cookies.py
-@@ -5,6 +5,7 @@
- import unittest
- from http import cookies
- import pickle
-+from test import support
- 
- 
- class CookieTests(unittest.TestCase):
-@@ -58,6 +59,43 @@ def test_basic(self):
-             for k, v in sorted(case['dict'].items()):
-                 self.assertEqual(C[k].value, v)
- 
-+    def test_unquote(self):
-+        cases = [
-+            (r'a="b=\""', 'b="'),
-+            (r'a="b=\\"', 'b=\\'),
-+            (r'a="b=\="', 'b=='),
-+            (r'a="b=\n"', 'b=n'),
-+            (r'a="b=\042"', 'b="'),
-+            (r'a="b=\134"', 'b=\\'),
-+            (r'a="b=\377"', 'b=\xff'),
-+            (r'a="b=\400"', 'b=400'),
-+            (r'a="b=\42"', 'b=42'),
-+            (r'a="b=\\042"', 'b=\\042'),
-+            (r'a="b=\\134"', 'b=\\134'),
-+            (r'a="b=\\\""', 'b=\\"'),
-+            (r'a="b=\\\042"', 'b=\\"'),
-+            (r'a="b=\134\""', 'b=\\"'),
-+            (r'a="b=\134\042"', 'b=\\"'),
-+        ]
-+        for encoded, decoded in cases:
-+            with self.subTest(encoded):
-+                C = cookies.SimpleCookie()
-+                C.load(encoded)
-+                self.assertEqual(C['a'].value, decoded)
-+
-+    @support.requires_resource('cpu')
-+    def test_unquote_large(self):
-+        n = 10**6
-+        for encoded in r'\\', r'\134':
-+            with self.subTest(encoded):
-+                data = 'a="b=' + encoded*n + ';"'
-+                C = cookies.SimpleCookie()
-+                C.load(data)
-+                value = C['a'].value
-+                self.assertEqual(value[:3], 'b=\\')
-+                self.assertEqual(value[-2:], '\\;')
-+                self.assertEqual(len(value), n + 3)
-+
-     def test_load(self):
-         C = cookies.SimpleCookie()
-         C.load('Customer="WILE_E_COYOTE"; Version=1; Path=/acme')
-diff --git a/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
-new file mode 100644
-index 00000000000..6a234561fe3
--- /dev/null
-+++ b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
-@@ -0,0 +1 @@
-+Fix quadratic complexity in parsing ``"``-quoted cookie values with backslashes by :mod:`http.cookies`.
-- 
-2.46.0

diff --git a/meta/recipes-devtools/python/python3/CVE-2024-7592.patch b/meta/recipes-devtools/python/python3/CVE-2024-7592.patch deleted file mode 100644 index 7303a41e20..0000000000 --- a/meta/recipes-devtools/python/python3/CVE-2024-7592.patch +++ /dev/null
@@ -1,140 +0,0 @@
1	From 3c15b8437f57fe1027171b34af88bf791cf1868c Mon Sep 17 00:00:00 2001
2	From: "Miss Islington (bot)"
3	<31488909+miss-islington@users.noreply.github.com>
4	Date: Wed, 4 Sep 2024 17:50:36 +0200
5	Subject: [PATCH 1/2] [3.10] gh-123067: Fix quadratic complexity in parsing
6	"-quoted cookie values with backslashes (GH-123075) (#123106)
7
8	This fixes CVE-2024-7592.
9	(cherry picked from commit 44e458357fca05ca0ae2658d62c8c595b048b5ef)
10
11	Upstream-Status: Backport from https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a
12	CVE: CVE-2024-7592
13
14	Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
15	Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
16	---
17	Lib/http/cookies.py \| 34 ++++-------------
18	Lib/test/test_http_cookies.py \| 38 +++++++++++++++++++
19	...-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst \| 1 +
20	3 files changed, 47 insertions(+), 26 deletions(-)
21	create mode 100644 Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
22
23	diff --git a/Lib/http/cookies.py b/Lib/http/cookies.py
24	index 35ac2dc6ae2..2c1f021d0ab 100644
25	--- a/Lib/http/cookies.py
26	+++ b/Lib/http/cookies.py
27	@@ -184,8 +184,13 @@ def _quote(str):
28	return '"' + str.translate(_Translator) + '"'
29
30
31	-_OctalPatt = re.compile(r"\\[0-3][0-7][0-7]")
32	-_QuotePatt = re.compile(r"[\\].")
33	+_unquote_sub = re.compile(r'\\(?:([0-3][0-7][0-7])\|(.))').sub
34	+
35	+def _unquote_replace(m):
36	+ if m[1]:
37	+ return chr(int(m[1], 8))
38	+ else:
39	+ return m[2]
40
41	def _unquote(str):
42	# If there aren't any doublequotes,
43	@@ -205,30 +210,7 @@ def _unquote(str):
44	# \012 --> \n
45	# \" --> "
46	#
47	- i = 0
48	- n = len(str)
49	- res = []
50	- while 0 <= i < n:
51	- o_match = _OctalPatt.search(str, i)
52	- q_match = _QuotePatt.search(str, i)
53	- if not o_match and not q_match: # Neither matched
54	- res.append(str[i:])
55	- break
56	- # else:
57	- j = k = -1
58	- if o_match:
59	- j = o_match.start(0)
60	- if q_match:
61	- k = q_match.start(0)
62	- if q_match and (not o_match or k < j): # QuotePatt matched
63	- res.append(str[i:k])
64	- res.append(str[k+1])
65	- i = k + 2
66	- else: # OctalPatt matched
67	- res.append(str[i:j])
68	- res.append(chr(int(str[j+1:j+4], 8)))
69	- i = j + 4
70	- return _nulljoin(res)
71	+ return _unquote_sub(_unquote_replace, str)
72
73	# The _getdate() routine is used to set the expiration time in the cookie's HTTP
74	# header. By default, _getdate() returns the current time in the appropriate
75	diff --git a/Lib/test/test_http_cookies.py b/Lib/test/test_http_cookies.py
76	index 6072c7e15e9..644e75cd5b7 100644
77	--- a/Lib/test/test_http_cookies.py
78	+++ b/Lib/test/test_http_cookies.py
79	@@ -5,6 +5,7 @@
80	import unittest
81	from http import cookies
82	import pickle
83	+from test import support
84
85
86	class CookieTests(unittest.TestCase):
87	@@ -58,6 +59,43 @@ def test_basic(self):
88	for k, v in sorted(case['dict'].items()):
89	self.assertEqual(C[k].value, v)
90
91	+ def test_unquote(self):
92	+ cases = [
93	+ (r'a="b=\""', 'b="'),
94	+ (r'a="b=\\"', 'b=\\'),
95	+ (r'a="b=\="', 'b=='),
96	+ (r'a="b=\n"', 'b=n'),
97	+ (r'a="b=\042"', 'b="'),
98	+ (r'a="b=\134"', 'b=\\'),
99	+ (r'a="b=\377"', 'b=\xff'),
100	+ (r'a="b=\400"', 'b=400'),
101	+ (r'a="b=\42"', 'b=42'),
102	+ (r'a="b=\\042"', 'b=\\042'),
103	+ (r'a="b=\\134"', 'b=\\134'),
104	+ (r'a="b=\\\""', 'b=\\"'),
105	+ (r'a="b=\\\042"', 'b=\\"'),
106	+ (r'a="b=\134\""', 'b=\\"'),
107	+ (r'a="b=\134\042"', 'b=\\"'),
108	+ ]
109	+ for encoded, decoded in cases:
110	+ with self.subTest(encoded):
111	+ C = cookies.SimpleCookie()
112	+ C.load(encoded)
113	+ self.assertEqual(C['a'].value, decoded)
114	+
115	+ @support.requires_resource('cpu')
116	+ def test_unquote_large(self):
117	+ n = 10**6
118	+ for encoded in r'\\', r'\134':
119	+ with self.subTest(encoded):
120	+ data = 'a="b=' + encoded*n + ';"'
121	+ C = cookies.SimpleCookie()
122	+ C.load(data)
123	+ value = C['a'].value
124	+ self.assertEqual(value[:3], 'b=\\')
125	+ self.assertEqual(value[-2:], '\\;')
126	+ self.assertEqual(len(value), n + 3)
127	+
128	def test_load(self):
129	C = cookies.SimpleCookie()
130	C.load('Customer="WILE_E_COYOTE"; Version=1; Path=/acme')
131	diff --git a/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
132	new file mode 100644
133	index 00000000000..6a234561fe3
134	--- /dev/null
135	+++ b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
136	@@ -0,0 +1 @@
137	+Fix quadratic complexity in parsing ``"``-quoted cookie values with backslashes by :mod:`http.cookies`.
138	--
139	2.46.0
140