python 3.x: Fix broken _sha3 based on XKCP (CVE-2022-37454).

ok kmos sthen
2022-10-21 16:04:46 +00:00 · 2022-10-21 16:04:46 +00:00 · 12c0e7a6d6
commit 12c0e7a6d6
parent 8374946eb7
6 changed files with 112 additions and 0 deletions
--- a/lang/python/3.10/Makefile
+++ b/lang/python/3.10/Makefile
@ -7,6 +7,7 @@ FULL_VERSION =		3.10.8
 SHARED_LIBS =		python3.10 0.0
 VERSION_SPEC =		>=3.10,<3.11
 PORTROACH =		limit:^3\.10
+REVISION-main =		0

 # -tkinter in 7.2-stable must be kept a higher version than 7.1-stable
 # due to dep changes (Tcl/Tk 8.5 -> 8.6); 7.2-current must be kept at same
--- a/lang/python/3.10/files/CHANGES.OpenBSD
+++ b/lang/python/3.10/files/CHANGES.OpenBSD
@ -19,5 +19,8 @@ compiler as passed to ports builds is /usr/bin/cc.
 6.  Use closefrom(2) instead of looping through all the file descriptors
 and calling close(2) on them.

+7.  Fix broken keccak implementation by pulling in the applicable part
+of the fix of CVE-2022-37454. 
+
 These changes are available in the OpenBSD CVS repository
 <http://www.openbsd.org/anoncvs.html> in ports/lang/python/3.10.
--- a/lang/python/3.10/patches/patch-Modules__sha3_kcp_KeccakSponge_inc
+++ b/lang/python/3.10/patches/patch-Modules__sha3_kcp_KeccakSponge_inc
@ -0,0 +1,52 @@
+SHA-3 buffer overflows (CVE-2022-37454)
+https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a
+https://github.com/python/cpython/pull/98519
+
+Index: Modules/_sha3/kcp/KeccakSponge.inc
+--- Modules/_sha3/kcp/KeccakSponge.inc.orig
+++ Modules/_sha3/kcp/KeccakSponge.inc
+@@ -171,7 +171,7 @@ int SpongeAbsorb(SpongeInstance *instance, const unsig
+     i = 0;
+     curData = data;
+     while(i < dataByteLen) {
+-        if ((instance->byteIOIndex == 0) && (dataByteLen >= (i + rateInBytes))) {
+        if ((instance->byteIOIndex == 0) && (dataByteLen-i >= rateInBytes)) {
+ #ifdef SnP_FastLoop_Absorb
+             /* processing full blocks first */
+ 
+@@ -199,10 +199,10 @@ int SpongeAbsorb(SpongeInstance *instance, const unsig
+         }
+         else {
+             /* normal lane: using the message queue */
+-
+-            partialBlock = (unsigned int)(dataByteLen - i);
+-            if (partialBlock+instance->byteIOIndex > rateInBytes)
+            if (dataByteLen-i > rateInBytes-instance->byteIOIndex)
+                 partialBlock = rateInBytes-instance->byteIOIndex;
+            else
+                partialBlock = (unsigned int)(dataByteLen - i);
+             #ifdef KeccakReference
+             displayBytes(1, "Block to be absorbed (part)", curData, partialBlock);
+             #endif
+@@ -281,7 +281,7 @@ int SpongeSqueeze(SpongeInstance *instance, unsigned c
+     i = 0;
+     curData = data;
+     while(i < dataByteLen) {
+-        if ((instance->byteIOIndex == rateInBytes) && (dataByteLen >= (i + rateInBytes))) {
+        if ((instance->byteIOIndex == rateInBytes) && (dataByteLen-i >= rateInBytes)) {
+             for(j=dataByteLen-i; j>=rateInBytes; j-=rateInBytes) {
+                 SnP_Permute(instance->state);
+                 SnP_ExtractBytes(instance->state, curData, 0, rateInBytes);
+@@ -299,9 +299,10 @@ int SpongeSqueeze(SpongeInstance *instance, unsigned c
+                 SnP_Permute(instance->state);
+                 instance->byteIOIndex = 0;
+             }
+-            partialBlock = (unsigned int)(dataByteLen - i);
+-            if (partialBlock+instance->byteIOIndex > rateInBytes)
+            if (dataByteLen-i > rateInBytes-instance->byteIOIndex)
+                 partialBlock = rateInBytes-instance->byteIOIndex;
+            else
+                partialBlock = (unsigned int)(dataByteLen - i);
+             i += partialBlock;
+ 
+             SnP_ExtractBytes(instance->state, curData, instance->byteIOIndex, partialBlock);
--- a/lang/python/3.9/Makefile
+++ b/lang/python/3.9/Makefile
@ -7,6 +7,7 @@ FULL_VERSION =		3.9.15
 SHARED_LIBS =		python3.9 0.0
 VERSION_SPEC =		>=3.9,<3.10
 PORTROACH =		limit:^3\.9
+REVISION-main =		0

 # -tkinter in 7.2-stable must be kept a higher version than 7.1-stable
 # due to dep changes (Tcl/Tk 8.5 -> 8.6); 7.2-current must be kept at same
--- a/lang/python/3.9/files/CHANGES.OpenBSD
+++ b/lang/python/3.9/files/CHANGES.OpenBSD
@ -19,5 +19,8 @@ compiler as passed to ports builds is /usr/bin/cc.
 6.  Use closefrom(2) instead of looping through all the file descriptors
 and calling close(2) on them.

+7.  Fix broken keccak implementation by pulling in the applicable part
+    of the fix of CVE-2022-37454. 
+
 These changes are available in the OpenBSD CVS repository
 <http://www.openbsd.org/anoncvs.html> in ports/lang/python/3.9.
--- a/lang/python/3.9/patches/patch-Modules__sha3_kcp_KeccakSponge_inc
+++ b/lang/python/3.9/patches/patch-Modules__sha3_kcp_KeccakSponge_inc
@ -0,0 +1,52 @@
+SHA-3 buffer overflows (CVE-2022-37454)
+https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a
+https://github.com/python/cpython/pull/98519
+
+Index: Modules/_sha3/kcp/KeccakSponge.inc
+--- Modules/_sha3/kcp/KeccakSponge.inc.orig
+++ Modules/_sha3/kcp/KeccakSponge.inc
+@@ -171,7 +171,7 @@ int SpongeAbsorb(SpongeInstance *instance, const unsig
+     i = 0;
+     curData = data;
+     while(i < dataByteLen) {
+-        if ((instance->byteIOIndex == 0) && (dataByteLen >= (i + rateInBytes))) {
+        if ((instance->byteIOIndex == 0) && (dataByteLen-i >= rateInBytes)) {
+ #ifdef SnP_FastLoop_Absorb
+             /* processing full blocks first */
+ 
+@@ -199,10 +199,10 @@ int SpongeAbsorb(SpongeInstance *instance, const unsig
+         }
+         else {
+             /* normal lane: using the message queue */
+-
+-            partialBlock = (unsigned int)(dataByteLen - i);
+-            if (partialBlock+instance->byteIOIndex > rateInBytes)
+            if (dataByteLen-i > rateInBytes-instance->byteIOIndex)
+                 partialBlock = rateInBytes-instance->byteIOIndex;
+            else
+                partialBlock = (unsigned int)(dataByteLen - i);
+             #ifdef KeccakReference
+             displayBytes(1, "Block to be absorbed (part)", curData, partialBlock);
+             #endif
+@@ -281,7 +281,7 @@ int SpongeSqueeze(SpongeInstance *instance, unsigned c
+     i = 0;
+     curData = data;
+     while(i < dataByteLen) {
+-        if ((instance->byteIOIndex == rateInBytes) && (dataByteLen >= (i + rateInBytes))) {
+        if ((instance->byteIOIndex == rateInBytes) && (dataByteLen-i >= rateInBytes)) {
+             for(j=dataByteLen-i; j>=rateInBytes; j-=rateInBytes) {
+                 SnP_Permute(instance->state);
+                 SnP_ExtractBytes(instance->state, curData, 0, rateInBytes);
+@@ -299,9 +299,10 @@ int SpongeSqueeze(SpongeInstance *instance, unsigned c
+                 SnP_Permute(instance->state);
+                 instance->byteIOIndex = 0;
+             }
+-            partialBlock = (unsigned int)(dataByteLen - i);
+-            if (partialBlock+instance->byteIOIndex > rateInBytes)
+            if (dataByteLen-i > rateInBytes-instance->byteIOIndex)
+                 partialBlock = rateInBytes-instance->byteIOIndex;
+            else
+                partialBlock = (unsigned int)(dataByteLen - i);
+             i += partialBlock;
+ 
+             SnP_ExtractBytes(instance->state, curData, instance->byteIOIndex, partialBlock);