benjamin.peterson
2008-09-24 22:53:34 UTC
Author: benjamin.peterson
Date: Thu Sep 25 00:53:33 2008
New Revision: 66615
Log:
Merged revisions 66496 via svnmerge from
svn+ssh://pythondev at svn.python.org/python/trunk
........
r66496 | benjamin.peterson | 2008-09-17 20:22:16 -0500 (Wed, 17 Sep 2008) | 1 line
fix possible integer overflows in _hashopenssl #3886
........
Modified:
python/branches/py3k/ (props changed)
python/branches/py3k/Lib/test/test_hashlib.py
python/branches/py3k/Modules/_hashopenssl.c
Modified: python/branches/py3k/Lib/test/test_hashlib.py
==============================================================================
--- python/branches/py3k/Lib/test/test_hashlib.py (original)
+++ python/branches/py3k/Lib/test/test_hashlib.py Thu Sep 25 00:53:33 2008
@@ -9,7 +9,7 @@
import hashlib
import unittest
from test import support
-
+from test.support import _4G, precisionbigmemtest
def hexstr(s):
assert isinstance(s, bytes), repr(s)
@@ -55,7 +55,6 @@
m2.update(aas + bees + cees)
self.assertEqual(m1.digest(), m2.digest())
-
def check(self, name, data, digest):
# test the direct constructors
computed = getattr(hashlib, name)(data).hexdigest()
@@ -76,6 +75,21 @@
b'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789',
'd174ab98d277d9f5a5611c2c9f419d9f')
+ @precisionbigmemtest(size=_4G + 5, memuse=1)
+ def test_case_md5_huge(self, size):
+ if size == _4G + 5:
+ try:
+ self.check('md5', 'A'*size, 'c9af2dff37468ce5dfee8f2cfc0a9c6d')
+ except OverflowError:
+ pass # 32-bit arch
+
+ @precisionbigmemtest(size=_4G - 1, memuse=1)
+ def test_case_md5_uintmax(self, size):
+ if size == _4G - 1:
+ try:
+ self.check('md5', 'A'*size, '28138d306ff1b8281f1a9067e1a1a2b3')
+ except OverflowError:
+ pass # 32-bit arch
# use the three examples from Federal Information Processing Standards
# Publication 180-1, Secure Hash Standard, 1995 April 17
Modified: python/branches/py3k/Modules/_hashopenssl.c
==============================================================================
--- python/branches/py3k/Modules/_hashopenssl.c (original)
+++ python/branches/py3k/Modules/_hashopenssl.c Thu Sep 25 00:53:33 2008
@@ -19,6 +19,8 @@
/* EVP is the preferred interface to hashing in OpenSSL */
#include <openssl/evp.h>
+#define MUNCH_SIZE INT_MAX
+
#ifndef HASH_OBJ_CONSTRUCTOR
#define HASH_OBJ_CONSTRUCTOR 0
@@ -182,10 +184,17 @@
return NULL;
MY_GET_BUFFER_VIEW_OR_ERROUT(obj, &view);
-
- EVP_DigestUpdate(&self->ctx, (unsigned char*)view.buf,
- Py_SAFE_DOWNCAST(view.len, Py_ssize_t, unsigned int));
-
+ if (view.len > 0 && view.len <= MUNCH_SIZE) {
+ EVP_DigestUpdate(&self->ctx, view.buf, view.len);
+ } else {
+ Py_ssize_t offset = 0, len = view.len;
+ while (len) {
+ unsigned int process = len > MUNCH_SIZE ? MUNCH_SIZE : len;
+ EVP_DigestUpdate(&self->ctx, (unsigned char*)view.buf + offset, process);
+ len -= process;
+ offset += process;
+ }
+ }
PyBuffer_Release(&view);
Py_INCREF(Py_None);
@@ -284,11 +293,21 @@
Py_INCREF(self->name);
if (data_obj) {
- EVP_DigestUpdate(&self->ctx, (unsigned char*)view.buf,
- Py_SAFE_DOWNCAST(view.len, Py_ssize_t, unsigned int));
+ if (len > 0 && len <= MUNCH_SIZE) {
+ EVP_DigestUpdate(&self->ctx, cp, Py_SAFE_DOWNCAST(len, Py_ssize_t,
+ unsigned int));
+ } else {
+ Py_ssize_t offset = 0, len = view.len;
+ while (len) {
+ unsigned int process = len > MUNCH_SIZE ? MUNCH_SIZE : len;
+ EVP_DigestUpdate(&self->ctx, (unsigned char*)view.buf + offset, process);
+ len -= process;
+ offset += process;
+ }
+ }
PyBuffer_Release(&view);
}
-
+
return 0;
}
#endif
@@ -357,7 +376,7 @@
static PyObject *
EVPnew(PyObject *name_obj,
const EVP_MD *digest, const EVP_MD_CTX *initial_ctx,
- const unsigned char *cp, unsigned int len)
+ const unsigned char *cp, Py_ssize_t len)
{
EVPobject *self;
@@ -375,8 +394,20 @@
EVP_DigestInit(&self->ctx, digest);
}
- if (cp && len)
- EVP_DigestUpdate(&self->ctx, cp, len);
+ if (cp && len) {
+ if (len > 0 && len <= MUNCH_SIZE) {
+ EVP_DigestUpdate(&self->ctx, cp, Py_SAFE_DOWNCAST(len, Py_ssize_t,
+ unsigned int));
+ } else {
+ Py_ssize_t offset = 0;
+ while (len) {
+ unsigned int process = len > MUNCH_SIZE ? MUNCH_SIZE : len;
+ EVP_DigestUpdate(&self->ctx, cp + offset, process);
+ len -= process;
+ offset += process;
+ }
+ }
+ }
return (PyObject *)self;
}
@@ -417,8 +448,7 @@
digest = EVP_get_digestbyname(name);
- ret_obj = EVPnew(name_obj, digest, NULL, (unsigned char*)view.buf,
- Py_SAFE_DOWNCAST(view.len, Py_ssize_t, unsigned int));
+ ret_obj = EVPnew(name_obj, digest, NULL, (unsigned char*)view.buf, view.len);
if (data_obj)
PyBuffer_Release(&view);
@@ -452,7 +482,7 @@
NULL, \
CONST_new_ ## NAME ## _ctx_p, \
(unsigned char*)view.buf, \
- Py_SAFE_DOWNCAST(view.len, Py_ssize_t, unsigned int)); \
+ view.len); \
\
if (data_obj) \
PyBuffer_Release(&view); \
Date: Thu Sep 25 00:53:33 2008
New Revision: 66615
Log:
Merged revisions 66496 via svnmerge from
svn+ssh://pythondev at svn.python.org/python/trunk
........
r66496 | benjamin.peterson | 2008-09-17 20:22:16 -0500 (Wed, 17 Sep 2008) | 1 line
fix possible integer overflows in _hashopenssl #3886
........
Modified:
python/branches/py3k/ (props changed)
python/branches/py3k/Lib/test/test_hashlib.py
python/branches/py3k/Modules/_hashopenssl.c
Modified: python/branches/py3k/Lib/test/test_hashlib.py
==============================================================================
--- python/branches/py3k/Lib/test/test_hashlib.py (original)
+++ python/branches/py3k/Lib/test/test_hashlib.py Thu Sep 25 00:53:33 2008
@@ -9,7 +9,7 @@
import hashlib
import unittest
from test import support
-
+from test.support import _4G, precisionbigmemtest
def hexstr(s):
assert isinstance(s, bytes), repr(s)
@@ -55,7 +55,6 @@
m2.update(aas + bees + cees)
self.assertEqual(m1.digest(), m2.digest())
-
def check(self, name, data, digest):
# test the direct constructors
computed = getattr(hashlib, name)(data).hexdigest()
@@ -76,6 +75,21 @@
b'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789',
'd174ab98d277d9f5a5611c2c9f419d9f')
+ @precisionbigmemtest(size=_4G + 5, memuse=1)
+ def test_case_md5_huge(self, size):
+ if size == _4G + 5:
+ try:
+ self.check('md5', 'A'*size, 'c9af2dff37468ce5dfee8f2cfc0a9c6d')
+ except OverflowError:
+ pass # 32-bit arch
+
+ @precisionbigmemtest(size=_4G - 1, memuse=1)
+ def test_case_md5_uintmax(self, size):
+ if size == _4G - 1:
+ try:
+ self.check('md5', 'A'*size, '28138d306ff1b8281f1a9067e1a1a2b3')
+ except OverflowError:
+ pass # 32-bit arch
# use the three examples from Federal Information Processing Standards
# Publication 180-1, Secure Hash Standard, 1995 April 17
Modified: python/branches/py3k/Modules/_hashopenssl.c
==============================================================================
--- python/branches/py3k/Modules/_hashopenssl.c (original)
+++ python/branches/py3k/Modules/_hashopenssl.c Thu Sep 25 00:53:33 2008
@@ -19,6 +19,8 @@
/* EVP is the preferred interface to hashing in OpenSSL */
#include <openssl/evp.h>
+#define MUNCH_SIZE INT_MAX
+
#ifndef HASH_OBJ_CONSTRUCTOR
#define HASH_OBJ_CONSTRUCTOR 0
@@ -182,10 +184,17 @@
return NULL;
MY_GET_BUFFER_VIEW_OR_ERROUT(obj, &view);
-
- EVP_DigestUpdate(&self->ctx, (unsigned char*)view.buf,
- Py_SAFE_DOWNCAST(view.len, Py_ssize_t, unsigned int));
-
+ if (view.len > 0 && view.len <= MUNCH_SIZE) {
+ EVP_DigestUpdate(&self->ctx, view.buf, view.len);
+ } else {
+ Py_ssize_t offset = 0, len = view.len;
+ while (len) {
+ unsigned int process = len > MUNCH_SIZE ? MUNCH_SIZE : len;
+ EVP_DigestUpdate(&self->ctx, (unsigned char*)view.buf + offset, process);
+ len -= process;
+ offset += process;
+ }
+ }
PyBuffer_Release(&view);
Py_INCREF(Py_None);
@@ -284,11 +293,21 @@
Py_INCREF(self->name);
if (data_obj) {
- EVP_DigestUpdate(&self->ctx, (unsigned char*)view.buf,
- Py_SAFE_DOWNCAST(view.len, Py_ssize_t, unsigned int));
+ if (len > 0 && len <= MUNCH_SIZE) {
+ EVP_DigestUpdate(&self->ctx, cp, Py_SAFE_DOWNCAST(len, Py_ssize_t,
+ unsigned int));
+ } else {
+ Py_ssize_t offset = 0, len = view.len;
+ while (len) {
+ unsigned int process = len > MUNCH_SIZE ? MUNCH_SIZE : len;
+ EVP_DigestUpdate(&self->ctx, (unsigned char*)view.buf + offset, process);
+ len -= process;
+ offset += process;
+ }
+ }
PyBuffer_Release(&view);
}
-
+
return 0;
}
#endif
@@ -357,7 +376,7 @@
static PyObject *
EVPnew(PyObject *name_obj,
const EVP_MD *digest, const EVP_MD_CTX *initial_ctx,
- const unsigned char *cp, unsigned int len)
+ const unsigned char *cp, Py_ssize_t len)
{
EVPobject *self;
@@ -375,8 +394,20 @@
EVP_DigestInit(&self->ctx, digest);
}
- if (cp && len)
- EVP_DigestUpdate(&self->ctx, cp, len);
+ if (cp && len) {
+ if (len > 0 && len <= MUNCH_SIZE) {
+ EVP_DigestUpdate(&self->ctx, cp, Py_SAFE_DOWNCAST(len, Py_ssize_t,
+ unsigned int));
+ } else {
+ Py_ssize_t offset = 0;
+ while (len) {
+ unsigned int process = len > MUNCH_SIZE ? MUNCH_SIZE : len;
+ EVP_DigestUpdate(&self->ctx, cp + offset, process);
+ len -= process;
+ offset += process;
+ }
+ }
+ }
return (PyObject *)self;
}
@@ -417,8 +448,7 @@
digest = EVP_get_digestbyname(name);
- ret_obj = EVPnew(name_obj, digest, NULL, (unsigned char*)view.buf,
- Py_SAFE_DOWNCAST(view.len, Py_ssize_t, unsigned int));
+ ret_obj = EVPnew(name_obj, digest, NULL, (unsigned char*)view.buf, view.len);
if (data_obj)
PyBuffer_Release(&view);
@@ -452,7 +482,7 @@
NULL, \
CONST_new_ ## NAME ## _ctx_p, \
(unsigned char*)view.buf, \
- Py_SAFE_DOWNCAST(view.len, Py_ssize_t, unsigned int)); \
+ view.len); \
\
if (data_obj) \
PyBuffer_Release(&view); \