| -rw-r--r-- | meta/recipes-devtools/python/python-native_2.7.3.bb | 1 | ||||
| -rw-r--r-- | meta/recipes-devtools/python/python/json-flaw-fix.patch | 27 | ||||
| -rw-r--r-- | meta/recipes-devtools/python/python_2.7.3.bb | 1 | 
3 files changed, 29 insertions, 0 deletions
|
diff --git a/meta/recipes-devtools/python/python-native_2.7.3.bb b/meta/recipes-devtools/python/python-native_2.7.3.bb
index 0571d3a488..827654dfa2 100644
--- a/meta/recipes-devtools/python/python-native_2.7.3.bb
+++ b/meta/recipes-devtools/python/python-native_2.7.3.bb
@@ -19,6 +19,7 @@ SRC_URI += "\
            file://parallel-makeinst-create-bindir.patch \
            file://python-fix-build-error-with-Readline-6.3.patch \
            file://gcc-4.8-fix-configure-Wformat.patch \
+           file://json-flaw-fix.patch \
            "
 
 S = "${WORKDIR}/Python-${PV}"
diff --git a/meta/recipes-devtools/python/python/json-flaw-fix.patch b/meta/recipes-devtools/python/python/json-flaw-fix.patch
new file mode 100644
index 0000000000..e9a6cca017
--- /dev/null
+++ b/meta/recipes-devtools/python/python/json-flaw-fix.patch
@@ -0,0 +1,27 @@
+
+python: fix _json module arbitrary process memory read vulnerability
+
+Upstream-Status: submitted
+
+Signed-off-by: Daniel BORNAZ <daniel.bornaz@enea.com>
+
+--- a/Modules/_json.c	2014-07-15 15:37:17.151046356 +0200
++++ b/Modules/_json.c	2014-07-15 15:38:37.335605042 +0200
+@@ -1491,7 +1491,7 @@ scan_once_str(PyScannerObject *s, PyObje
+     PyObject *res;
+     char *str = PyString_AS_STRING(pystr);
+     Py_ssize_t length = PyString_GET_SIZE(pystr);
+-    if (idx >= length) {
++    if ( idx < 0 || idx >= length) {
+         PyErr_SetNone(PyExc_StopIteration);
+         return NULL;
+     }
+@@ -1578,7 +1578,7 @@ scan_once_unicode(PyScannerObject *s, Py
+     PyObject *res;
+     Py_UNICODE *str = PyUnicode_AS_UNICODE(pystr);
+     Py_ssize_t length = PyUnicode_GET_SIZE(pystr);
+-    if (idx >= length) {
++    if ( idx < 0 || idx >= length) {
+         PyErr_SetNone(PyExc_StopIteration);
+         return NULL;
+     }
diff --git a/meta/recipes-devtools/python/python_2.7.3.bb b/meta/recipes-devtools/python/python_2.7.3.bb
index 0d641720f1..5be9073829 100644
--- a/meta/recipes-devtools/python/python_2.7.3.bb
+++ b/meta/recipes-devtools/python/python_2.7.3.bb
@@ -36,6 +36,7 @@ SRC_URI += "\
   file://python-2.7.3-CVE-2013-1752-smtplib-fix.patch \
   file://python-fix-build-error-with-Readline-6.3.patch \
   file://python-2.7.3-CVE-2014-1912.patch \
+  file://json-flaw-fix.patch \
  "
 
 S = "${WORKDIR}/Python-${PV}"
|
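Review bot: The added `file://json-flaw-fix.patch` entry carries no vulnerability identifier, unlike its neighbours `python-2.7.3-CVE-2013-1752-smtplib-fix.patch` and `python-2.7.3-CVE-2014-1912.patch` in this SRC_URI list, so anyone auditing the recipe by patch name or header cannot tell which advisory this memory-read fix closes; the python-native hunk adds the same entry. If an identifier has been assigned, name the file along the lines of `python-2.7.3-<CVE-ID>.patch` and add a `CVE: <CVE-ID>` line to the patch header. The header's `Upstream-Status: submitted` also gives no upstream reference; the usual form is `Upstream-Status: Submitted [<upstream bug URL>]`, or `Backport` if upstream has already merged the `idx < 0` check.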
