From 8a1ff65b9b4abb36af6477b5c168037be07d4f71 Mon Sep 17 00:00:00 2001 From: Martin Wilke Date: Mon, 8 Sep 2008 00:14:06 +0000 Subject: - Security fixes Multiple vulnerabilities: 1) Various integer overflow errors exist in core modules e.g. stringobject, unicodeobject, bufferobject, longobject, tupleobject, stropmodule, gcmodule, mmapmodule. 2) An integer overflow in the hashlib module can lead to an unreliable cryptographic digest results. 3) Integer overflow errors in the processing of unicode strings can be exploited to cause buffer overflows on 32-bit systems. 4) An integer overflow exists in the PyOS_vsnprintf() function on architectures that do not have a "vsnprintf()" function. 5) An integer underflow error in the PyOS_vsnprintf() function when passing zero-length strings can lead to memory corruption. PR: 127172 (based on) Submitted by: bf Obtained from: python svn Security: CVE-2008-2315, CVE-2008-2316, CVE-2008-3142, CVE-2008-3144, CVE-2008-3143. (vuxml come later) --- lang/python32/files/patch-lib-test_test_strop.py | 28 ++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 lang/python32/files/patch-lib-test_test_strop.py (limited to 'lang/python32/files/patch-lib-test_test_strop.py') diff --git a/lang/python32/files/patch-lib-test_test_strop.py b/lang/python32/files/patch-lib-test_test_strop.py new file mode 100644 index 000000000000..f0e40166957a --- /dev/null +++ b/lang/python32/files/patch-lib-test_test_strop.py @@ -0,0 +1,28 @@ +--- Lib/test/test_strop.py.orig 2002-07-31 00:27:12.000000000 +0100 ++++ Lib/test/test_strop.py 2008-08-30 10:16:13.000000000 +0100 +@@ -115,6 +115,25 @@ + strop.uppercase + strop.whitespace + ++ @test_support.precisionbigmemtest(size=test_support._2G - 1, memuse=5) ++ def test_stropjoin_huge_list(self, size): ++ a = "A" * size ++ try: ++ r = strop.join([a, a], a) ++ except OverflowError: ++ pass ++ else: ++ self.assertEquals(len(r), len(a) * 3) ++ ++ @test_support.precisionbigmemtest(size=test_support._2G - 1, memuse=1) ++ def test_stropjoin_huge_tup(self, size): ++ a = "A" * size ++ try: ++ r = strop.join((a, a), a) ++ except OverflowError: ++ pass # acceptable on 32-bit ++ else: ++ self.assertEquals(len(r), len(a) * 3) + + transtable = '\000\001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037 !"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`xyzdefghijklmnopqrstuvwxyz{|}~\177\200\201\202\203\204\205\206\207\210\211\212\213\214\215\216\217\220\221\222\223\224\225\226\227\230\231\232\233\234\235\236\237\240\241\242\243\244\245\246\247\250\251\252\253\254\255\256\257\260\261\262\263\264\265\266\267\270\271\272\273\274\275\276\277\300\301\302\303\304\305\306\307\310\311\312\313\314\315\316\317\320\321\322\323\324\325\326\327\330\331\332\333\334\335\336\337\340\341\342\343\344\345\346\347\350\351\352\353\354\355\356\357\360\361\362\363\364\365\366\367\370\371\372\373\374\375\376\377' + -- cgit v1.2.3