From 07c4ce0cab7532638234d259e8c7236eb6f302ce Mon Sep 17 00:00:00 2001 From: Bohuslav Kabrda Date: Jul 24 2012 09:50:15 +0000 Subject: fix memory leak in module _hashlib (patch 158, rhbz#836285) --- diff --git a/00146-hashlib-fips.patch b/00146-hashlib-fips.patch index 2f42857..8616296 100644 --- a/00146-hashlib-fips.patch +++ b/00146-hashlib-fips.patch @@ -513,7 +513,7 @@ diff -up Python-2.7.2/Modules/_hashopenssl.c.hashlib-fips Python-2.7.2/Modules/_ return NULL; } -@@ -484,55 +556,116 @@ EVP_new(PyObject *self, PyObject *args, +@@ -484,55 +556,118 @@ EVP_new(PyObject *self, PyObject *args, digest = EVP_get_digestbyname(name); ret_obj = EVPnew(name_obj, digest, NULL, (unsigned char*)view.buf, @@ -601,6 +601,8 @@ diff -up Python-2.7.2/Modules/_hashopenssl.c.hashlib-fips Python-2.7.2/Modules/_ + } + } + ++ PyBuffer_Release(&view); ++ + return ret_obj; +} + @@ -658,7 +660,7 @@ diff -up Python-2.7.2/Modules/_hashopenssl.c.hashlib-fips Python-2.7.2/Modules/_ GEN_CONSTRUCTOR(md5) GEN_CONSTRUCTOR(sha1) #ifdef _OPENSSL_SUPPORTS_SHA2 -@@ -565,13 +698,10 @@ init_hashlib(void) +@@ -565,13 +700,10 @@ init_hashlib(void) { PyObject *m; diff --git a/00158-fix-hashlib-leak.patch b/00158-fix-hashlib-leak.patch new file mode 100644 index 0000000..e8fcf1c --- /dev/null +++ b/00158-fix-hashlib-leak.patch @@ -0,0 +1,29 @@ +diff --git a/Lib/test/test_hashlib.py b/Lib/test/test_hashlib.py +--- a/Lib/test/test_hashlib.py ++++ b/Lib/test/test_hashlib.py +@@ -108,12 +108,8 @@ class HashLibTestCase(unittest.TestCase) + _algo.islower()])) + + def test_unknown_hash(self): +- try: +- hashlib.new('spam spam spam spam spam') +- except ValueError: +- pass +- else: +- self.assertTrue(0 == "hashlib didn't reject bogus hash name") ++ self.assertRaises(ValueError, hashlib.new, 'spam spam spam spam spam') ++ self.assertRaises(TypeError, hashlib.new, 1) + + def test_get_builtin_constructor(self): + get_builtin_constructor = hashlib.__dict__[ +diff --git a/Modules/_hashopenssl.c b/Modules/_hashopenssl.c +--- a/Modules/_hashopenssl.c ++++ b/Modules/_hashopenssl.c +@@ -477,6 +477,7 @@ EVP_new(PyObject *self, PyObject *args, + } + + if (!PyArg_Parse(name_obj, "s", &name)) { ++ PyBuffer_Release(&view); + PyErr_SetString(PyExc_TypeError, "name must be a string"); + return NULL; + } diff --git a/python.spec b/python.spec index b6fc2bc..b9c467f 100644 --- a/python.spec +++ b/python.spec @@ -110,7 +110,7 @@ Name: %{python} Version: 2.7.3 # For Fedora 17 maintenance, keep the "Release" of the form 7.n so that # it is < that of Fedora 18: -Release: 7.1%{?dist} +Release: 7.2%{?dist} License: Python Group: Development/Languages Requires: %{python}-libs%{?_isa} = %{version}-%{release} @@ -670,6 +670,15 @@ Patch155: 00155-avoid-ctypes-thunks.patch # Not yet sent upstream Patch156: 00156-gdb-autoload-safepath.patch +# 00158 +# This patch fixes a memory leak in _hashlib module, as reported in +# RHBZ #836285; upstream report http://bugs.python.org/issue15219. +# The patch has been accepted upstream, so this should be commented out +# when packaging next upstream release. +# The fix for Fedora specific "implement_specific_EVP_new()" function +# has been merged into patch 00146. +Patch158: 00158-fix-hashlib-leak.patch + # (New patches go here ^^^) # # When adding new patches to "python" and "python3" in Fedora 17 onwards, @@ -991,6 +1000,7 @@ done # 00154: not for python 2 %patch155 -p1 %patch156 -p1 +%patch158 -p1 # This shouldn't be necesarry, but is right now (2.2a3) @@ -1821,6 +1831,9 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Tue Jul 17 2012 Bohuslav Kabrda - 2.7.3-7.2 +- fix memory leak in module _hashlib (patch 158, rhbz#836285) + * Fri Jun 22 2012 David Malcolm - 2.7.3-7.1 - use rpm macro for power64 (rhbz#834653)