Issue 30502: Fix buffer handling of OBJ_obj2txt (original) (raw)

Created on 2017-05-29 07:19 by christian.heimes, last changed 2022-04-11 14:58 by admin. This issue is now closed.

Files
File name Uploaded Description Edit
issue30502-simpler.diff serhiy.storchaka,2017-05-29 12:12
Pull Requests
URL Status Linked Edit
PR 1852 closed christian.heimes,2017-05-29 07:20
PR 2909 merged serhiy.storchaka,2017-07-27 08:37
PR 3321 merged christian.heimes,2017-09-04 22:41
PR 3322 merged christian.heimes,2017-09-04 22:50
Messages (7)
msg294679 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2017-05-29 07:19
Frawser Tweedle from Red Hat's identity management team found an issue in PyCA cryptography's handling of buffers for OpenSSL OBJ_obj2txt(). Cryptography fails to handle long OIDs as used by Active Directory. https://github.com/pyca/cryptography/pull/3612/ https://bugzilla.redhat.com/show_bug.cgi?id=1455755 CPython's ssl module doesn't handle buffer allocation for OBJ_obj2txt() correctly, too. A default buffer size of 255+1 makes the bug less likely to occur, though. We should fix the problem anyway.
msg294684 - (view) Author: Serhiy Storchaka (serhiy.storchaka) * (Python committer) Date: 2017-05-29 09:04
Can the common code of _create_tuple_for_attribute() and asn1obj2py() be shared?
msg294687 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2017-05-29 09:46
IMO it doesn't make sense to share a couple of lines of code. It makes the code even harder to read.
msg294690 - (view) Author: Serhiy Storchaka (serhiy.storchaka) * (Python committer) Date: 2017-05-29 12:12
Your PR LGTM. But I think the code can be much simpler. Here is a patch that shares common code and applies other simplifications to surrounded code. PR 1852 increases the total number of lines by 37 lines, -simpler.diff -- only by 3 lines. PR 1852: 1 file changed, 49 insertions(+), 12 deletions(-) -simpler.diff: 1 file changed, 46 insertions(+), 43 deletions(-)
msg301276 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2017-09-04 22:28
New changeset e503ca52889bf66ac502702569e726caa7970299 by Christian Heimes (Serhiy Storchaka) in branch 'master': bpo-30502: Fix handling of long oids in ssl. (#2909) https://github.com/python/cpython/commit/e503ca52889bf66ac502702569e726caa7970299
msg301337 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2017-09-05 17:13
New changeset f201e886fc7aaeb50f5e945578c6aec2a59a5323 by Christian Heimes in branch '3.6': [3.6] bpo-30502: Fix handling of long oids in ssl. (GH-2909) (#3321) https://github.com/python/cpython/commit/f201e886fc7aaeb50f5e945578c6aec2a59a5323
msg301338 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2017-09-05 17:13
New changeset c9d668c0d8a6f3e8e72345e53d1dd34be172f16e by Christian Heimes in branch '2.7': [2.7] bpo-30502: Fix handling of long oids in ssl. (GH-2909). (#3322) https://github.com/python/cpython/commit/c9d668c0d8a6f3e8e72345e53d1dd34be172f16e
History
Date User Action Args
2022-04-11 14:58:47 admin set github: 74687
2017-09-05 22:38:14 christian.heimes set status: open -> closedstage: resolvedresolution: fixedversions: - Python 3.5
2017-09-05 17:13:09 christian.heimes set messages: +
2017-09-05 17:13:06 christian.heimes set messages: +
2017-09-04 22:50:01 christian.heimes set pull_requests: + <pull%5Frequest3347>
2017-09-04 22:41:48 christian.heimes set pull_requests: + <pull%5Frequest3346>
2017-09-04 22:28:55 christian.heimes set messages: +
2017-07-27 08:37:23 serhiy.storchaka set pull_requests: + <pull%5Frequest2960>
2017-05-29 12:12:08 serhiy.storchaka set files: + issue30502-simpler.diffkeywords: + patchmessages: +
2017-05-29 09:46:54 christian.heimes set messages: +
2017-05-29 09:04:59 serhiy.storchaka set nosy: + serhiy.storchakamessages: +
2017-05-29 07:20:47 christian.heimes set pull_requests: + <pull%5Frequest1935>
2017-05-29 07:19:13 christian.heimes create