fix CVE-2022-48566
parent
ec918da7f6
commit
2919414988
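--- /dev/null
+++ b/backport-CVE-2022-48566.patch
@@ -0,0 +1,30 @@
+From 31729366e2bc09632e78f3896dbce0ae64914f28 Mon Sep 17 00:00:00 2001
+From: Devin Jeanpierre <jeanpierreda@google.com>
+Date: Sat, 21 Nov 2020 01:55:23 -0700
+Subject: [PATCH] bpo-40791: Make compare_digest more constant-time. (GH-20444)
+
+* bpo-40791: Make compare_digest more constant-time.
+
+The existing volatile `left`/`right` pointers guarantee that the reads will all occur, but does not guarantee that they will be _used_. So a compiler can still short-circuit the loop, saving e.g. the overhead of doing the xors and especially the overhead of the data dependency between `result` and the reads. That would change performance depending on where the first unequal byte occurs. This change removes that optimization.
+
+(This is change #1 from https://bugs.python.org/issue40791 .)
+---
+Modules/_operator.c | 2 +-
+1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Modules/_operator.c b/Modules/_operator.c
+index 51daa1f..7fff654 100644
+--- a/Modules/_operator.c
++++ b/Modules/_operator.c
+@@ -735,7 +735,7 @@ _tscmp(const unsigned char *a, const unsigned char *b,
+volatile const unsigned char *left;
+volatile const unsigned char *right;
+Py_ssize_t i;
+- unsigned char result;
++ volatile unsigned char result;
+
+/* loop count depends on length of b */
+length = len_b;
+--
+2.33.0
+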
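Review bot: Only the declaration of `result` changes in the embedded hunk (`- unsigned char result;` → `+ volatile unsigned char result;`); the loop that accumulates the per-byte xors into `result` and the function's return lie outside the hunk, so `_tscmp` in the 3.7.9 tree should be compared against upstream 31729366 rather than assumed identical — the visible context (`volatile const unsigned char *left;`, `length = len_b;`) matches upstream, which suggests the patch applies as intended. Note that `volatile` only forces each store to `result` to be emitted; it is not a formal constant-time guarantee, and the patch header itself claims no more than removing the short-circuit optimization. It would help maintainers if the spec carried a one-line comment next to `Patch6062` stating that this is change #1 of bpo-40791 only, e.g. `# bpo-40791 change #1 (GH-20444): make compare_digest accumulate into a volatile result`.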
10
python3.spec
@ -3,7 +3,7 @@ Summary: Interpreter of the Python3 programming language
URL: https://www.python.org/
Version: 3.7.9
Release: 34
Release: 35
License: Python-2.0
%global branchversion 3.7
@ -168,6 +168,7 @@ Patch6058: backport-CVE-2022-37454.patch
Patch6059: backport-bpo-44434-Don-t-call-PyThread_exit_thread-explicitly.patch
Patch6060: backport-Make-urllib.parse.urlparse-enforce-that-a-scheme-mus.patch
Patch6061: backport-CVE-2022-48565.patch
Patch6062: backport-CVE-2022-48566.patch
patch9000: Don-t-override-PYTHONPATH-which-is-already-set.patch
patch9001: add-the-sm3-method-for-obtaining-the-salt-value.patch
@ -324,6 +325,7 @@ rm Lib/ensurepip/_bundled/*.whl
%patch6059 -p1
%patch6060 -p1
%patch6061 -p1
%patch6062 -p1
%patch9000 -p1
%patch9001 -p1
@ -929,6 +931,12 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP"
%{_mandir}/*/*
%changelog
* Wed Sep 06 2023 dongyuzhen <dongyuzhen@h-partners.com> - 3.7.9-35
- Type:CVE
- CVE:CVE-2022-48566
- SUG:NA
- DESC:fix CVE-2022-48566
* Tue Sep 05 2023 dongyuzhen <dongyuzhen@h-partners.com> - 3.7.9-34
- Type:CVE
- CVE:CVE-2022-48565