[python/f17] fix memory leak in module _hashlib (patch 158, rhbz#836285)

Bohuslav Kabrda bkabrda at fedoraproject.org
Tue Jul 24 09:51:01 UTC 2012 

commit 07c4ce0cab7532638234d259e8c7236eb6f302ce
Author: Bohuslav Kabrda <bkabrda at redhat.com>
Date:   Tue Jul 24 08:51:00 2012 +0200

    fix memory leak in module _hashlib (patch 158, rhbz#836285)

 00146-hashlib-fips.patch     |    6 ++++--
 00158-fix-hashlib-leak.patch |   29 +++++++++++++++++++++++++++++
 python.spec                  |   15 ++++++++++++++-
 3 files changed, 47 insertions(+), 3 deletions(-)
---
diff --git a/00146-hashlib-fips.patch b/00146-hashlib-fips.patch
index 2f42857..8616296 100644
--- a/00146-hashlib-fips.patch
+++ b/00146-hashlib-fips.patch
@@ -513,7 +513,7 @@ diff -up Python-2.7.2/Modules/_hashopenssl.c.hashlib-fips Python-2.7.2/Modules/_
          return NULL;
      }
  
-@@ -484,55 +556,116 @@ EVP_new(PyObject *self, PyObject *args,
+@@ -484,55 +556,118 @@ EVP_new(PyObject *self, PyObject *args,
      digest = EVP_get_digestbyname(name);
  
      ret_obj = EVPnew(name_obj, digest, NULL, (unsigned char*)view.buf,
@@ -601,6 +601,8 @@ diff -up Python-2.7.2/Modules/_hashopenssl.c.hashlib-fips Python-2.7.2/Modules/_
 +        }
 +    }
 +
++    PyBuffer_Release(&view);
++
 +    return ret_obj;
 +}
 +
@@ -658,7 +660,7 @@ diff -up Python-2.7.2/Modules/_hashopenssl.c.hashlib-fips Python-2.7.2/Modules/_
  GEN_CONSTRUCTOR(md5)
  GEN_CONSTRUCTOR(sha1)
  #ifdef _OPENSSL_SUPPORTS_SHA2
-@@ -565,13 +698,10 @@ init_hashlib(void)
+@@ -565,13 +700,10 @@ init_hashlib(void)
  {
      PyObject *m;
  
diff --git a/00158-fix-hashlib-leak.patch b/00158-fix-hashlib-leak.patch
new file mode 100644
index 0000000..e8fcf1c
--- /dev/null
+++ b/00158-fix-hashlib-leak.patch
@@ -0,0 +1,29 @@
+diff --git a/Lib/test/test_hashlib.py b/Lib/test/test_hashlib.py
+--- a/Lib/test/test_hashlib.py
++++ b/Lib/test/test_hashlib.py
+@@ -108,12 +108,8 @@ class HashLibTestCase(unittest.TestCase)
+                                                 _algo.islower()]))
+ 
+     def test_unknown_hash(self):
+-        try:
+-            hashlib.new('spam spam spam spam spam')
+-        except ValueError:
+-            pass
+-        else:
+-            self.assertTrue(0 == "hashlib didn't reject bogus hash name")
++        self.assertRaises(ValueError, hashlib.new, 'spam spam spam spam spam')
++        self.assertRaises(TypeError, hashlib.new, 1)
+ 
+     def test_get_builtin_constructor(self):
+         get_builtin_constructor = hashlib.__dict__[
+diff --git a/Modules/_hashopenssl.c b/Modules/_hashopenssl.c
+--- a/Modules/_hashopenssl.c
++++ b/Modules/_hashopenssl.c
+@@ -477,6 +477,7 @@ EVP_new(PyObject *self, PyObject *args, 
+     }
+ 
+     if (!PyArg_Parse(name_obj, "s", &name)) {
++        PyBuffer_Release(&view);
+         PyErr_SetString(PyExc_TypeError, "name must be a string");
+         return NULL;
+     }
diff --git a/python.spec b/python.spec
index b6fc2bc..b9c467f 100644
--- a/python.spec
+++ b/python.spec
@@ -110,7 +110,7 @@ Name: %{python}
 Version: 2.7.3
 # For Fedora 17 maintenance, keep the "Release" of the form 7.n so that
 # it is < that of Fedora 18:
-Release: 7.1%{?dist}
+Release: 7.2%{?dist}
 License: Python
 Group: Development/Languages
 Requires: %{python}-libs%{?_isa} = %{version}-%{release}
@@ -670,6 +670,15 @@ Patch155: 00155-avoid-ctypes-thunks.patch
 # Not yet sent upstream
 Patch156: 00156-gdb-autoload-safepath.patch
 
+# 00158
+# This patch fixes a memory leak in _hashlib module, as reported in
+# RHBZ #836285; upstream report http://bugs.python.org/issue15219.
+# The patch has been accepted upstream, so this should be commented out
+# when packaging next upstream release.
+# The fix for Fedora specific "implement_specific_EVP_new()" function
+# has been merged into patch 00146.
+Patch158: 00158-fix-hashlib-leak.patch
+
 # (New patches go here ^^^)
 #
 # When adding new patches to "python" and "python3" in Fedora 17 onwards,
@@ -991,6 +1000,7 @@ done
 # 00154: not for python 2
 %patch155 -p1
 %patch156 -p1
+%patch158 -p1
 
 
 # This shouldn't be necesarry, but is right now (2.2a3)
@@ -1821,6 +1831,9 @@ rm -fr %{buildroot}
 # ======================================================
 
 %changelog
+* Tue Jul 17 2012 Bohuslav Kabrda <bkabrda at redhat.com> - 2.7.3-7.2
+- fix memory leak in module _hashlib (patch 158, rhbz#836285)
+
 * Fri Jun 22 2012 David Malcolm <dmalcolm at redhat.com> - 2.7.3-7.1
 - use rpm macro for power64 (rhbz#834653)

More information about the scm-commits mailing list