[python] fix memory leak in module _hashlib (patch 158, rhbz#836285)

Bohuslav Kabrda bkabrda at fedoraproject.org
Tue Jul 24 07:32:49 UTC 2012 

commit 5fd54b3bd3ca30415289504e359ebb21dfe862c8
Author: Bohuslav Kabrda <bkabrda at redhat.com>
Date:   Tue Jul 24 08:51:00 2012 +0200

    fix memory leak in module _hashlib (patch 158, rhbz#836285)

 00146-hashlib-fips.patch     |    6 ++++--
 00158-fix-hashlib-leak.patch |   29 +++++++++++++++++++++++++++++
 python.spec                  |   15 ++++++++++++++-
 3 files changed, 47 insertions(+), 3 deletions(-)
---
diff --git a/00146-hashlib-fips.patch b/00146-hashlib-fips.patch
index 2f42857..8616296 100644
--- a/00146-hashlib-fips.patch
+++ b/00146-hashlib-fips.patch
@@ -513,7 +513,7 @@ diff -up Python-2.7.2/Modules/_hashopenssl.c.hashlib-fips Python-2.7.2/Modules/_
          return NULL;
      }
  
-@@ -484,55 +556,116 @@ EVP_new(PyObject *self, PyObject *args,
+@@ -484,55 +556,118 @@ EVP_new(PyObject *self, PyObject *args,
      digest = EVP_get_digestbyname(name);
  
      ret_obj = EVPnew(name_obj, digest, NULL, (unsigned char*)view.buf,
@@ -601,6 +601,8 @@ diff -up Python-2.7.2/Modules/_hashopenssl.c.hashlib-fips Python-2.7.2/Modules/_
 +        }
 +    }
 +
++    PyBuffer_Release(&view);
++
 +    return ret_obj;
 +}
 +
@@ -658,7 +660,7 @@ diff -up Python-2.7.2/Modules/_hashopenssl.c.hashlib-fips Python-2.7.2/Modules/_
  GEN_CONSTRUCTOR(md5)
  GEN_CONSTRUCTOR(sha1)
  #ifdef _OPENSSL_SUPPORTS_SHA2
-@@ -565,13 +698,10 @@ init_hashlib(void)
+@@ -565,13 +700,10 @@ init_hashlib(void)
  {
      PyObject *m;
  
diff --git a/00158-fix-hashlib-leak.patch b/00158-fix-hashlib-leak.patch
new file mode 100644
index 0000000..e8fcf1c
--- /dev/null
+++ b/00158-fix-hashlib-leak.patch
@@ -0,0 +1,29 @@
+diff --git a/Lib/test/test_hashlib.py b/Lib/test/test_hashlib.py
+--- a/Lib/test/test_hashlib.py
++++ b/Lib/test/test_hashlib.py
+@@ -108,12 +108,8 @@ class HashLibTestCase(unittest.TestCase)
+                                                 _algo.islower()]))
+ 
+     def test_unknown_hash(self):
+-        try:
+-            hashlib.new('spam spam spam spam spam')
+-        except ValueError:
+-            pass
+-        else:
+-            self.assertTrue(0 == "hashlib didn't reject bogus hash name")
++        self.assertRaises(ValueError, hashlib.new, 'spam spam spam spam spam')
++        self.assertRaises(TypeError, hashlib.new, 1)
+ 
+     def test_get_builtin_constructor(self):
+         get_builtin_constructor = hashlib.__dict__[
+diff --git a/Modules/_hashopenssl.c b/Modules/_hashopenssl.c
+--- a/Modules/_hashopenssl.c
++++ b/Modules/_hashopenssl.c
+@@ -477,6 +477,7 @@ EVP_new(PyObject *self, PyObject *args, 
+     }
+ 
+     if (!PyArg_Parse(name_obj, "s", &name)) {
++        PyBuffer_Release(&view);
+         PyErr_SetString(PyExc_TypeError, "name must be a string");
+         return NULL;
+     }
diff --git a/python.spec b/python.spec
index 6a37977..701c1c6 100644
--- a/python.spec
+++ b/python.spec
@@ -108,7 +108,7 @@ Summary: An interpreted, interactive, object-oriented programming language
 Name: %{python}
 # Remember to also rebase python-docs when changing this:
 Version: 2.7.3
-Release: 10%{?dist}
+Release: 11%{?dist}
 License: Python
 Group: Development/Languages
 Requires: %{python}-libs%{?_isa} = %{version}-%{release}
@@ -684,6 +684,15 @@ Patch156: 00156-gdb-autoload-safepath.patch
 # (rhbz#697470)
 Patch157: 00157-uid-gid-overflows.patch
 
+# 00158
+# This patch fixes a memory leak in _hashlib module, as reported in
+# RHBZ #836285; upstream report http://bugs.python.org/issue15219.
+# The patch has been accepted upstream, so this should be commented out
+# when packaging next upstream release.
+# The fix for Fedora specific "implement_specific_EVP_new()" function
+# has been merged into patch 00146.
+Patch158: 00158-fix-hashlib-leak.patch
+
 # (New patches go here ^^^)
 #
 # When adding new patches to "python" and "python3" in Fedora 17 onwards,
@@ -1006,6 +1015,7 @@ done
 %patch155 -p1
 %patch156 -p1
 %patch157 -p1 -b .uid-gid-overflows
+%patch158 -p1
 
 
 # This shouldn't be necesarry, but is right now (2.2a3)
@@ -1836,6 +1846,9 @@ rm -fr %{buildroot}
 # ======================================================
 
 %changelog
+* Tue Jul 17 2012 Bohuslav Kabrda <bkabrda at redhat.com> - 2.7.3-11
+- fix memory leak in module _hashlib (patch 158, rhbz#836285)
+
 * Tue Jun 26 2012 David Malcolm <dmalcolm at redhat.com> - 2.7.3-10
 - fix missing include in uid/gid handling patch (patch 157; rhbz#830405)

More information about the scm-commits mailing list