Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
python-cryptography.18404
CVE-2020-36242-buffer-overflow.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2020-36242-buffer-overflow.patch of Package python-cryptography.18404
From 3fe555d8e4fb52f21fc297dea88a03d52f319306 Mon Sep 17 00:00:00 2001 From: Paul Kehrer <paul.l.kehrer@gmail.com> Date: Sun, 19 Jul 2020 00:00:18 -0500 Subject: [PATCH 1/3] chunked update_into --- .../hazmat/backends/openssl/ciphers.py | 39 ++++++++++++------- tests/hazmat/primitives/test_ciphers.py | 17 ++++++++ 2 files changed, 43 insertions(+), 13 deletions(-) Index: cryptography-2.1.4/src/cryptography/hazmat/backends/openssl/ciphers.py =================================================================== --- cryptography-2.1.4.orig/src/cryptography/hazmat/backends/openssl/ciphers.py +++ cryptography-2.1.4/src/cryptography/hazmat/backends/openssl/ciphers.py @@ -17,6 +17,7 @@ from cryptography.hazmat.primitives.ciph class _CipherContext(object): _ENCRYPT = 1 _DECRYPT = 0 + _MAX_CHUNK_SIZE = 2 ** 30 - 1 def __init__(self, backend, cipher, mode, operation): self._backend = backend @@ -121,20 +122,32 @@ class _CipherContext(object): return bytes(buf[:n]) def update_into(self, data, buf): - if len(buf) < (len(data) + self._block_size_bytes - 1): + total_data_len = len(data) + if len(buf) < (total_data_len + self._block_size_bytes - 1): raise ValueError( "buffer must be at least {0} bytes for this " "payload".format(len(data) + self._block_size_bytes - 1) ) - buf = self._backend._ffi.cast( - "unsigned char *", self._backend._ffi.from_buffer(buf) - ) + data_processed = 0 + total_out = 0 outlen = self._backend._ffi.new("int *") - res = self._backend._lib.EVP_CipherUpdate(self._ctx, buf, outlen, - data, len(data)) - self._backend.openssl_assert(res != 0) - return outlen[0] + baseoutbuf = self._backend._ffi.from_buffer(buf) + baseinbuf = self._backend._ffi.from_buffer(data) + + while data_processed != total_data_len: + outbuf = baseoutbuf + total_out + inbuf = baseinbuf + data_processed + inlen = min(self._MAX_CHUNK_SIZE, total_data_len - data_processed) + + res = self._backend._lib.EVP_CipherUpdate( + self._ctx, outbuf, outlen, inbuf, inlen + ) + self._backend.openssl_assert(res != 0) + data_processed += inlen + total_out += outlen[0] + + return total_out def finalize(self): # OpenSSL 1.0.1 on Ubuntu 12.04 (and possibly other distributions) Index: cryptography-2.1.4/tests/hazmat/primitives/test_ciphers.py =================================================================== --- cryptography-2.1.4.orig/tests/hazmat/primitives/test_ciphers.py +++ cryptography-2.1.4/tests/hazmat/primitives/test_ciphers.py @@ -277,3 +277,20 @@ class TestCipherUpdateInto(object): buf = bytearray(5) with pytest.raises(ValueError): encryptor.update_into(b"testing", buf) + + def test_update_into_auto_chunking(self, backend, monkeypatch): + key = b"\x00" * 16 + c = ciphers.Cipher(AES(key), modes.ECB(), backend) + encryptor = c.encryptor() + # Lower max chunk size so we can test chunking + monkeypatch.setattr(encryptor._ctx, "_MAX_CHUNK_SIZE", 40) + buf = bytearray(527) + pt = b"abcdefghijklmnopqrstuvwxyz012345" * 16 # 512 bytes + processed = encryptor.update_into(pt, buf) + assert processed == 512 + decryptor = c.decryptor() + # Change max chunk size to verify alternate boundaries don't matter + monkeypatch.setattr(decryptor._ctx, "_MAX_CHUNK_SIZE", 73) + decbuf = bytearray(527) + decprocessed = decryptor.update_into(buf[:processed], decbuf) + assert decbuf[:decprocessed] == pt
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor