| Message ID | 20221027202728.397273-1-joe.slater@windriver.com |
|---|---|
| State | New |
| Headers | show |
| Series | [1/1] python: fix CVE-2022-37454 | expand |
On Thu, Oct 27, 2022 at 1:27 PM Joe Slater <joe.slater@windriver.com> wrote: > Import a patch from github.com/cpython/cpython.git Reference: https://github.com/python/cpython/issues/98517 I'd (MUCH) rather see us upgrade 'master' to 3.11 with Alex's patch, for many other reasons (including toml). https://lore.kernel.org/openembedded-core/20221027201611.3644334-23-alex@linutronix.de/T/#u Per https://github.com/python/cpython/issues/98517 "CVE-2022-37454 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454> affects Python versions prior to 3.11. The fix discussed in XKCP's advisory <https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658> can be adapted to these versions. The discoverer's writeup <https://mouha.be/sha-3-buffer-overflow/> contains code that might be turned into regression tests. Python 3.11 and later switched to using tiny_sha3 in GH-32060 <https://github.com/python/cpython/pull/32060>, so they should not be affected." For kirkstone and langdale, we should upgrade to an appropriate dot release which includes the fix, although this would apply for 3.10. https://github.com/python/cpython/pull/98519 For 'dunfell' we may need to wait for https://github.com/python/cpython/pull/98527 > > > Signed-off-by: Joe Slater <joe.slater@windriver.com> > --- > .../python/python3/cve-2022-37454.patch | 108 ++++++++++++++++++ > .../recipes-devtools/python/python3_3.10.6.bb | 1 + > 2 files changed, 109 insertions(+) > create mode 100644 > meta/recipes-devtools/python/python3/cve-2022-37454.patch > > diff --git a/meta/recipes-devtools/python/python3/cve-2022-37454.patch > b/meta/recipes-devtools/python/python3/cve-2022-37454.patch > new file mode 100644 > index 0000000000..c019151a64 > --- /dev/null > +++ b/meta/recipes-devtools/python/python3/cve-2022-37454.patch > @@ -0,0 +1,108 @@ > +From 1f66b714c5f2fef80ec5389456ac31756dbfff0e Mon Sep 17 00:00:00 2001 > +From: Theo Buehler <botovq@users.noreply.github.com> > +Date: Fri, 21 Oct 2022 21:26:01 +0200 > +Subject: [PATCH] gh-98517: Fix buffer overflows in _sha3 module (#98519) > + > +This is a port of the applicable part of XKCP's fix [1] for > +CVE-2022-37454 and avoids the segmentation fault and the infinite > +loop in the test cases published in [2]. > + > +[1]: > https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a > +[2]: https://mouha.be/sha-3-buffer-overflow/ > + > +Regression test added by: Gregory P. Smith [Google LLC] <greg@krypto.org> > +--- > + > +Patch applied without modification. > + > +CVE: CVE-2022-37454 > + > +Upstream-Status: Backport [github.com/cpython/cpython.git 0e4e058602d...] > + > +Signed-off-by: Joe Slater <joe.slater@windriver.com> > +--- > + Lib/test/test_hashlib.py | 9 +++++++++ > + .../2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst | 1 + > + Modules/_sha3/kcp/KeccakSponge.inc | 15 ++++++++------- > + 3 files changed, 18 insertions(+), 7 deletions(-) > + create mode 100644 > Misc/NEWS.d/next/Security/2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst > + > +diff --git a/Lib/test/test_hashlib.py b/Lib/test/test_hashlib.py > +index ea31f8b..65330e1 100644 > +--- a/Lib/test/test_hashlib.py > ++++ b/Lib/test/test_hashlib.py > +@@ -491,6 +491,15 @@ class HashLibTestCase(unittest.TestCase): > + def test_case_md5_uintmax(self, size): > + self.check('md5', b'A'*size, '28138d306ff1b8281f1a9067e1a1a2b3') > + > ++ @unittest.skipIf(sys.maxsize < _4G - 1, 'test cannot run on 32-bit > systems') > ++ @bigmemtest(size=_4G - 1, memuse=1, dry_run=False) > ++ def test_sha3_update_overflow(self, size): > ++ """Regression test for gh-98517 CVE-2022-37454.""" > ++ h = hashlib.sha3_224() > ++ h.update(b'\x01') > ++ h.update(b'\x01'*0xffff_ffff) > ++ self.assertEqual(h.hexdigest(), > '80762e8ce6700f114fec0f621fd97c4b9c00147fa052215294cceeed') > ++ > + # use the three examples from Federal Information Processing > Standards > + # Publication 180-1, Secure Hash Standard, 1995 April 17 > + # http://www.itl.nist.gov/div897/pubs/fip180-1.htm > +diff --git > a/Misc/NEWS.d/next/Security/2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst > b/Misc/NEWS.d/next/Security/2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst > +new file mode 100644 > +index 0000000..2d23a6a > +--- /dev/null > ++++ > b/Misc/NEWS.d/next/Security/2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst > +@@ -0,0 +1 @@ > ++Port XKCP's fix for the buffer overflows in SHA-3 (CVE-2022-37454). > +diff --git a/Modules/_sha3/kcp/KeccakSponge.inc > b/Modules/_sha3/kcp/KeccakSponge.inc > +index e10739d..cf92e4d 100644 > +--- a/Modules/_sha3/kcp/KeccakSponge.inc > ++++ b/Modules/_sha3/kcp/KeccakSponge.inc > +@@ -171,7 +171,7 @@ int SpongeAbsorb(SpongeInstance *instance, const > unsigned char *data, size_t dat > + i = 0; > + curData = data; > + while(i < dataByteLen) { > +- if ((instance->byteIOIndex == 0) && (dataByteLen >= (i + > rateInBytes))) { > ++ if ((instance->byteIOIndex == 0) && (dataByteLen-i >= > rateInBytes)) { > + #ifdef SnP_FastLoop_Absorb > + /* processing full blocks first */ > + > +@@ -199,10 +199,10 @@ int SpongeAbsorb(SpongeInstance *instance, const > unsigned char *data, size_t dat > + } > + else { > + /* normal lane: using the message queue */ > +- > +- partialBlock = (unsigned int)(dataByteLen - i); > +- if (partialBlock+instance->byteIOIndex > rateInBytes) > ++ if (dataByteLen-i > rateInBytes-instance->byteIOIndex) > + partialBlock = rateInBytes-instance->byteIOIndex; > ++ else > ++ partialBlock = (unsigned int)(dataByteLen - i); > + #ifdef KeccakReference > + displayBytes(1, "Block to be absorbed (part)", curData, > partialBlock); > + #endif > +@@ -281,7 +281,7 @@ int SpongeSqueeze(SpongeInstance *instance, unsigned > char *data, size_t dataByte > + i = 0; > + curData = data; > + while(i < dataByteLen) { > +- if ((instance->byteIOIndex == rateInBytes) && (dataByteLen >= (i > + rateInBytes))) { > ++ if ((instance->byteIOIndex == rateInBytes) && (dataByteLen-i >= > rateInBytes)) { > + for(j=dataByteLen-i; j>=rateInBytes; j-=rateInBytes) { > + SnP_Permute(instance->state); > + SnP_ExtractBytes(instance->state, curData, 0, > rateInBytes); > +@@ -299,9 +299,10 @@ int SpongeSqueeze(SpongeInstance *instance, unsigned > char *data, size_t dataByte > + SnP_Permute(instance->state); > + instance->byteIOIndex = 0; > + } > +- partialBlock = (unsigned int)(dataByteLen - i); > +- if (partialBlock+instance->byteIOIndex > rateInBytes) > ++ if (dataByteLen-i > rateInBytes-instance->byteIOIndex) > + partialBlock = rateInBytes-instance->byteIOIndex; > ++ else > ++ partialBlock = (unsigned int)(dataByteLen - i); > + i += partialBlock; > + > + SnP_ExtractBytes(instance->state, curData, > instance->byteIOIndex, partialBlock); > +-- > +2.32.0 > + > diff --git a/meta/recipes-devtools/python/python3_3.10.6.bb > b/meta/recipes-devtools/python/python3_3.10.6.bb > index 1f8b60a7a5..116d9ea670 100644 > --- a/meta/recipes-devtools/python/python3_3.10.6.bb > +++ b/meta/recipes-devtools/python/python3_3.10.6.bb > @@ -36,6 +36,7 @@ SRC_URI = " > http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ > file://deterministic_imports.patch \ > file://0001-Avoid-shebang-overflow-on-python-config.py.patch \ > file://0001-Mitigate-the-race-condition-in-testSockName.patch \ > + file://cve-2022-37454.patch \ > " > > SRC_URI:append:class-native = " \ > -- > 2.25.1 > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#172228): > https://lists.openembedded.org/g/openembedded-core/message/172228 > Mute This Topic: https://lists.openembedded.org/mt/94613155/924729 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [ > ticotimo@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- > >
diff --git a/meta/recipes-devtools/python/python3/cve-2022-37454.patch b/meta/recipes-devtools/python/python3/cve-2022-37454.patch new file mode 100644 index 0000000000..c019151a64 --- /dev/null +++ b/meta/recipes-devtools/python/python3/cve-2022-37454.patch @@ -0,0 +1,108 @@ +From 1f66b714c5f2fef80ec5389456ac31756dbfff0e Mon Sep 17 00:00:00 2001 +From: Theo Buehler <botovq@users.noreply.github.com> +Date: Fri, 21 Oct 2022 21:26:01 +0200 +Subject: [PATCH] gh-98517: Fix buffer overflows in _sha3 module (#98519) + +This is a port of the applicable part of XKCP's fix [1] for +CVE-2022-37454 and avoids the segmentation fault and the infinite +loop in the test cases published in [2]. + +[1]: https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a +[2]: https://mouha.be/sha-3-buffer-overflow/ + +Regression test added by: Gregory P. Smith [Google LLC] <greg@krypto.org> +--- + +Patch applied without modification. + +CVE: CVE-2022-37454 + +Upstream-Status: Backport [github.com/cpython/cpython.git 0e4e058602d...] + +Signed-off-by: Joe Slater <joe.slater@windriver.com> +--- + Lib/test/test_hashlib.py | 9 +++++++++ + .../2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst | 1 + + Modules/_sha3/kcp/KeccakSponge.inc | 15 ++++++++------- + 3 files changed, 18 insertions(+), 7 deletions(-) + create mode 100644 Misc/NEWS.d/next/Security/2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst + +diff --git a/Lib/test/test_hashlib.py b/Lib/test/test_hashlib.py +index ea31f8b..65330e1 100644 +--- a/Lib/test/test_hashlib.py ++++ b/Lib/test/test_hashlib.py +@@ -491,6 +491,15 @@ class HashLibTestCase(unittest.TestCase): + def test_case_md5_uintmax(self, size): + self.check('md5', b'A'*size, '28138d306ff1b8281f1a9067e1a1a2b3') + ++ @unittest.skipIf(sys.maxsize < _4G - 1, 'test cannot run on 32-bit systems') ++ @bigmemtest(size=_4G - 1, memuse=1, dry_run=False) ++ def test_sha3_update_overflow(self, size): ++ """Regression test for gh-98517 CVE-2022-37454.""" ++ h = hashlib.sha3_224() ++ h.update(b'\x01') ++ h.update(b'\x01'*0xffff_ffff) ++ self.assertEqual(h.hexdigest(), '80762e8ce6700f114fec0f621fd97c4b9c00147fa052215294cceeed') ++ + # use the three examples from Federal Information Processing Standards + # Publication 180-1, Secure Hash Standard, 1995 April 17 + # http://www.itl.nist.gov/div897/pubs/fip180-1.htm +diff --git a/Misc/NEWS.d/next/Security/2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst b/Misc/NEWS.d/next/Security/2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst +new file mode 100644 +index 0000000..2d23a6a +--- /dev/null ++++ b/Misc/NEWS.d/next/Security/2022-10-21-13-31-47.gh-issue-98517.SXXGfV.rst +@@ -0,0 +1 @@ ++Port XKCP's fix for the buffer overflows in SHA-3 (CVE-2022-37454). +diff --git a/Modules/_sha3/kcp/KeccakSponge.inc b/Modules/_sha3/kcp/KeccakSponge.inc +index e10739d..cf92e4d 100644 +--- a/Modules/_sha3/kcp/KeccakSponge.inc ++++ b/Modules/_sha3/kcp/KeccakSponge.inc +@@ -171,7 +171,7 @@ int SpongeAbsorb(SpongeInstance *instance, const unsigned char *data, size_t dat + i = 0; + curData = data; + while(i < dataByteLen) { +- if ((instance->byteIOIndex == 0) && (dataByteLen >= (i + rateInBytes))) { ++ if ((instance->byteIOIndex == 0) && (dataByteLen-i >= rateInBytes)) { + #ifdef SnP_FastLoop_Absorb + /* processing full blocks first */ + +@@ -199,10 +199,10 @@ int SpongeAbsorb(SpongeInstance *instance, const unsigned char *data, size_t dat + } + else { + /* normal lane: using the message queue */ +- +- partialBlock = (unsigned int)(dataByteLen - i); +- if (partialBlock+instance->byteIOIndex > rateInBytes) ++ if (dataByteLen-i > rateInBytes-instance->byteIOIndex) + partialBlock = rateInBytes-instance->byteIOIndex; ++ else ++ partialBlock = (unsigned int)(dataByteLen - i); + #ifdef KeccakReference + displayBytes(1, "Block to be absorbed (part)", curData, partialBlock); + #endif +@@ -281,7 +281,7 @@ int SpongeSqueeze(SpongeInstance *instance, unsigned char *data, size_t dataByte + i = 0; + curData = data; + while(i < dataByteLen) { +- if ((instance->byteIOIndex == rateInBytes) && (dataByteLen >= (i + rateInBytes))) { ++ if ((instance->byteIOIndex == rateInBytes) && (dataByteLen-i >= rateInBytes)) { + for(j=dataByteLen-i; j>=rateInBytes; j-=rateInBytes) { + SnP_Permute(instance->state); + SnP_ExtractBytes(instance->state, curData, 0, rateInBytes); +@@ -299,9 +299,10 @@ int SpongeSqueeze(SpongeInstance *instance, unsigned char *data, size_t dataByte + SnP_Permute(instance->state); + instance->byteIOIndex = 0; + } +- partialBlock = (unsigned int)(dataByteLen - i); +- if (partialBlock+instance->byteIOIndex > rateInBytes) ++ if (dataByteLen-i > rateInBytes-instance->byteIOIndex) + partialBlock = rateInBytes-instance->byteIOIndex; ++ else ++ partialBlock = (unsigned int)(dataByteLen - i); + i += partialBlock; + + SnP_ExtractBytes(instance->state, curData, instance->byteIOIndex, partialBlock); +-- +2.32.0 + diff --git a/meta/recipes-devtools/python/python3_3.10.6.bb b/meta/recipes-devtools/python/python3_3.10.6.bb index 1f8b60a7a5..116d9ea670 100644 --- a/meta/recipes-devtools/python/python3_3.10.6.bb +++ b/meta/recipes-devtools/python/python3_3.10.6.bb @@ -36,6 +36,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://deterministic_imports.patch \ file://0001-Avoid-shebang-overflow-on-python-config.py.patch \ file://0001-Mitigate-the-race-condition-in-testSockName.patch \ + file://cve-2022-37454.patch \ " SRC_URI:append:class-native = " \
Import a patch from github.com/cpython/cpython.git Signed-off-by: Joe Slater <joe.slater@windriver.com> --- .../python/python3/cve-2022-37454.patch | 108 ++++++++++++++++++ .../recipes-devtools/python/python3_3.10.6.bb | 1 + 2 files changed, 109 insertions(+) create mode 100644 meta/recipes-devtools/python/python3/cve-2022-37454.patch