author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-08-14 00:59:39 +0100 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-08-29 19:44:03 -0400 |
commit | 220d5534d34c16d996dd3eb9c3dcc94591f5ded4 (patch) | |
tree | 9576094c44a78d81de247a95922d23d4aad8fb43 /poky/meta/recipes-devtools/python/python/CVE-2018-1000030-1.patch | |
parent | 8845f92d5dc18f9b0792c43621c96f4036393aac (diff) | |
poky: sumo refresh 874976b..45ef387
Update poky to sumo HEAD.
Alexander Kanavin (1):
openssl: fix upstream version check for 1.0 version
Andre McCurdy (19):
openssl_1.1: avoid using += with an over-ride
openssl_1.1: minor recipe formatting tweaks etc
openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe
openssl_1.0: minor recipe formatting tweaks etc
openssl_1.0: drop curly brackets from shell local variables
openssl_1.0: fix cryptodev-linux PACKAGECONFIG support
openssl_1.0: drop leading "-" from no-ssl3 config option
openssl_1.0: avoid running make twice for target do_compile()
openssl: remove uclibc remnants
openssl: support musl-x32 build
openssl: minor indent fixes
openssl_1.0: drop obsolete ca.patch
openssl_1.0: drop obsolete exporting of AS, EX_LIBS and DIRS
openssl_1.0: drop unmaintained darwin support
openssl_1.0: add PACKAGECONFIG option to control manpages
openssl_1.0: squash whitespace in CC_INFO
openssl: fix missing dependency on hostperl-runtime-native
openssl_1.0: drop unnecessary dependency on makedepend-native
openssl_1.0: drop unnecessary call to perlpath.pl from do_configure()
Andrej Valek (3):
openssl-1.1: fix c_rehash perl errors
openssl: update 1.0.2o -> 1.0.2p
openssl: update 1.1.0h -> 1.1.0i
Anuj Mittal (1):
wic/qemux86: don't pass ip parameter to kernel in wks
Changqing Li (1):
unzip: fix CVE-2018-1000035
Hongxu Jia (2):
nasm: fix CVE-2018-8883 & CVE-2018-8882 & CVE-2018-10316
patch: fix CVE-2018-6952
Jagadeesh Krishnanjanappa (19):
libvorbis: CVE-2017-14160 CVE-2018-10393
libvorbis: CVE-2018-10392
flac: CVE-2017-6888
libarchive: CVE-2017-14503
libsndfile1: CVE-2017-14245 CVE-2017-14246
libsndfile1: CVE-2017-14634
coreutils: CVE-2017-18018
libgcrypt: CVE-2018-0495
git: CVE-2018-11235
gnupg: CVE-2018-12020
shadow: CVE-2018-7169
procps: CVE-2018-1124
python: CVE-2018-1000030
qemu: CVE-2018-7550
qemu: CVE-2018-12617
perl: CVE-2018-6798
perl: CVE-2018-6797
perl: CVE-2018-6913
perl: CVE-2018-12015
Joshua Watt (2):
alsa-lib: Cleanup packaging
swig: Remove superfluous python dependency
Ovidiu Panait (1):
openssl-nativesdk: Fix "can't open config file" warning
Ross Burton (6):
bzip2: use Yocto Project mirror for SRC_URI
classes: sanity-check LIC_FILES_CHKSUM
openssl: disable ccache usage
unzip: fix symlink problem
bitbake: utils/md5_file: don't iterate line-by-line
bitbake: checksum: sanity check path when recursively checksumming
Change-Id: I262a451f483cb276343ae6f02c272af053d33d7a
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-devtools/python/python/CVE-2018-1000030-1.patch')
-rw-r--r-- | poky/meta/recipes-devtools/python/python/CVE-2018-1000030-1.patch | 138 |
1 files changed, 138 insertions, 0 deletions
diff --git a/poky/meta/recipes-devtools/python/python/CVE-2018-1000030-1.patch b/poky/meta/recipes-devtools/python/python/CVE-2018-1000030-1.patch
new file mode 100644
index 000000000..06ad4c695
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python/CVE-2018-1000030-1.patch
@@ -0,0 +1,138 @@
+From 6401e5671781eb217ee1afb4603cc0d1b0367ae6 Mon Sep 17 00:00:00 2001
+From: Serhiy Storchaka <storchaka@gmail.com>
+Date: Fri, 10 Nov 2017 12:58:55 +0200
+Subject: [PATCH] [2.7] bpo-31530: Stop crashes when iterating over a file on
+ multiple threads. (#3672)
+
+CVE: CVE-2018-1000030
+Upstream-Status: Backport [https://github.com/python/cpython/commit/6401e5671781eb217ee1afb4603cc0d1b0367ae6]
+
+Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
+---
+ Lib/test/test_file2k.py | 32 ++++++++++++++++++++++
+ .../2017-09-20-18-28-09.bpo-31530.CdLOM7.rst | 4 +++
+ Objects/fileobject.c | 19 +++++++++++--
+ 3 files changed, 52 insertions(+), 3 deletions(-)
+ create mode 100644 Misc/NEWS.d/next/Core and Builtins/2017-09-20-18-28-09.bpo-31530.CdLOM7.rst
+
+diff --git a/Lib/test/test_file2k.py b/Lib/test/test_file2k.py
+index e39ef7042e..d8966e034e 100644
+--- a/Lib/test/test_file2k.py
++++ b/Lib/test/test_file2k.py
+@@ -652,6 +652,38 @@ class FileThreadingTests(unittest.TestCase):
+ self.f.writelines('')
+ self._test_close_open_io(io_func)
+
++ def test_iteration_torture(self):
++ # bpo-31530: Crash when concurrently iterate over a file.
++ with open(self.filename, "wb") as fp:
++ for i in xrange(2**20):
++ fp.write(b"0"*50 + b"\n")
++ with open(self.filename, "rb") as f:
++ def iterate():
++ try:
++ for l in f:
++ pass
++ except IOError:
++ pass
++ self._run_workers(iterate, 10)
++
++ def test_iteration_seek(self):
++ # bpo-31530: Crash when concurrently seek and iterate over a file.
++ with open(self.filename, "wb") as fp:
++ for i in xrange(10000):
++ fp.write(b"0"*50 + b"\n")
++ with open(self.filename, "rb") as f:
++ it = iter([1] + [0]*10) # one thread reads, others seek
++ def iterate():
++ try:
++ if next(it):
++ for l in f:
++ pass
++ else:
++ for i in range(100):
++ f.seek(i*100, 0)
++ except IOError:
++ pass
++ self._run_workers(iterate, 10)
+
+ @unittest.skipUnless(os.name == 'posix', 'test requires a posix system.')
+ class TestFileSignalEINTR(unittest.TestCase):
+diff --git a/Misc/NEWS.d/next/Core and Builtins/2017-09-20-18-28-09.bpo-31530.CdLOM7.rst b/Misc/NEWS.d/next/Core and Builtins/2017-09-20-18-28-09.bpo-31530.CdLOM7.rst
+new file mode 100644
+index 0000000000..a6cb6c9e9b
+--- /dev/null
++++ b/Misc/NEWS.d/next/Core and Builtins/2017-09-20-18-28-09.bpo-31530.CdLOM7.rst
+@@ -0,0 +1,4 @@
++Fixed crashes when iterating over a file on multiple threads.
++seek() and next() methods of file objects now raise an exception during
++concurrent operation on the same file object.
++A lock can be used to prevent the error.
+diff --git a/Objects/fileobject.c b/Objects/fileobject.c
+index 7e07a5376f..2f63c374d1 100644
+--- a/Objects/fileobject.c
++++ b/Objects/fileobject.c
+@@ -430,7 +430,7 @@ close_the_file(PyFileObject *f)
+ if (f->ob_refcnt > 0) {
+ PyErr_SetString(PyExc_IOError,
+ "close() called during concurrent "
+- "operation on the same file object.");
++ "operation on the same file object");
+ } else {
+ /* This should not happen unless someone is
+ * carelessly playing with the PyFileObject
+@@ -438,7 +438,7 @@ close_the_file(PyFileObject *f)
+ * pointer.
*/
+ PyErr_SetString(PyExc_SystemError,
+ "PyFileObject locking error in "
+- "destructor (refcnt <= 0 at close).");
++ "destructor (refcnt <= 0 at close)");
+ }
+ return NULL;
+ }
+@@ -762,6 +762,12 @@ file_seek(PyFileObject *f, PyObject *args)
+
+ if (f->f_fp == NULL)
+ return err_closed();
++ if (f->unlocked_count > 0) {
++ PyErr_SetString(PyExc_IOError,
++ "seek() called during concurrent "
++ "operation on the same file object");
++ return NULL;
++ }
+ drop_readahead(f);
+ whence = 0;
+ if (!PyArg_ParseTuple(args, "O|i:seek", &offobj, &whence))
+@@ -2238,6 +2244,7 @@ readahead(PyFileObject *f, Py_ssize_t bufsize)
+ {
+ Py_ssize_t chunksize;
+
++ assert(f->unlocked_count == 0);
+ if (f->f_buf != NULL) {
+ if( (f->f_bufend - f->f_bufptr) >= 1)
+ return 0;
+@@ -2279,6 +2286,12 @@ readahead_get_line_skip(PyFileObject *f, Py_ssize_t skip, Py_ssize_t bufsize)
+ char *buf;
+ Py_ssize_t len;
+
++ if (f->unlocked_count > 0) {
++ PyErr_SetString(PyExc_IOError,
++ "next() called during concurrent "
++ "operation on the same file object");
++ return NULL;
++ }
+ if (f->f_buf == NULL)
+ if (readahead(f, bufsize) < 0)
+ return NULL;
+@@ -2692,7 +2705,7 @@ int PyObject_AsFileDescriptor(PyObject *o)
+ }
+ else {
+ PyErr_SetString(PyExc_TypeError,
+- "argument must be an int, or have a fileno() method.");
++ "argument must be an int, or have a fileno() method");
+ return -1;
+ }
+
+--
+2.13.3
+ |
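Review bot: In `readahead()` the new `assert(f->unlocked_count == 0);` is the only check on that path, and `assert` is compiled out under `NDEBUG`, so a release build relies entirely on the runtime `unlocked_count > 0` checks added to `file_seek()` and `readahead_get_line_skip()`. Callers of `readahead()` and `drop_readahead()` other than those two are outside the visible hunks (all of these functions start and end outside them), so whether every entry point is guarded cannot be confirmed from this patch alone. The `-1` suffix on the file name suggests the CVE-2018-1000030 fix is a series, and this page is limited to the one file, so it is worth confirming that the recipe applies every part. Since `next()` and `seek()` now raise IOError on a file object shared between threads, I would record that in the patch header below `Upstream-Status:`, for example `Note: file.next()/seek() now raise IOError on concurrent use of one file object; callers must serialise access with a lock`.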