[3.4] bpo-34623: Use XML_SetHashSalt in _elementtree (#9953) · python/cpython@d16eaf3 (original) (raw)
File tree
4 files changed
lines changed
- Misc/NEWS.d/next/Security
4 files changed
lines changed
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -3,7 +3,7 @@ | ||
| 3 | 3 | |
| 4 | 4 | /* note: you must import expat.h before importing this module! */ |
| 5 | 5 | |
| 6 | -#define PyExpat_CAPI_MAGIC "pyexpat.expat_CAPI 1.0" | |
| 6 | +#define PyExpat_CAPI_MAGIC "pyexpat.expat_CAPI 1.1" | |
| 7 | 7 | #define PyExpat_CAPSULE_NAME "pyexpat.expat_CAPI" |
| 8 | 8 | |
| 9 | 9 | struct PyExpat_CAPI |
| @@ -48,6 +48,8 @@ struct PyExpat_CAPI | ||
| 48 | 48 | enum XML_Status (*SetEncoding)(XML_Parser parser, const XML_Char *encoding); |
| 49 | 49 | int (*DefaultUnknownEncodingHandler)( |
| 50 | 50 | void *encodingHandlerData, const XML_Char *name, XML_Encoding *info); |
| 51 | +/* might be none for expat < 2.1.0 */ | |
| 52 | +int (*SetHashSalt)(XML_Parser parser, unsigned long hash_salt); | |
| 51 | 53 | /* always add new stuff to the end! */ |
| 52 | 54 | }; |
| 53 | 55 |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| 1 | +CVE-2018-14647: The C accelerated _elementtree module now initializes hash | |
| 2 | +randomization salt from _Py_HashSecret instead of libexpat's default CSPRNG. |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -3259,6 +3259,11 @@ xmlparser_init(PyObject *self, PyObject *args, PyObject *kwds) | ||
| 3259 | 3259 | PyErr_NoMemory(); |
| 3260 | 3260 | return -1; |
| 3261 | 3261 | } |
| 3262 | +/* expat < 2.1.0 has no XML_SetHashSalt() */ | |
| 3263 | +if (EXPAT(SetHashSalt) != NULL) { | |
| 3264 | +EXPAT(SetHashSalt)(self_xp->parser, | |
| 3265 | + (unsigned long)_Py_HashSecret.expat.hashsalt); | |
| 3266 | + } | |
| 3262 | 3267 | |
| 3263 | 3268 | if (target) { |
| 3264 | 3269 | Py_INCREF(target); |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1857,6 +1857,11 @@ MODULE_INITFUNC(void) | ||
| 1857 | 1857 | capi.SetStartDoctypeDeclHandler = XML_SetStartDoctypeDeclHandler; |
| 1858 | 1858 | capi.SetEncoding = XML_SetEncoding; |
| 1859 | 1859 | capi.DefaultUnknownEncodingHandler = PyUnknownEncodingHandler; |
| 1860 | +#if XML_COMBINED_VERSION >= 20100 | |
| 1861 | +capi.SetHashSalt = XML_SetHashSalt; | |
| 1862 | +#else | |
| 1863 | +capi.SetHashSalt = NULL; | |
| 1864 | +#endif | |
| 1860 | 1865 | |
| 1861 | 1866 | /* export using capsule */ |
| 1862 | 1867 | capi_object = PyCapsule_New(&capi, PyExpat_CAPSULE_NAME, NULL); |