Merged revisions 66496 via svnmerge from

svn+ssh://pythondev@svn.python.org/python/trunk ........ r66496 | benjamin.peterson | 2008-09-17 20:22:16 -0500 (Wed, 17 Sep 2008) | 1 line fix possible integer overflows in _hashopenssl #3886 ........

Merged revisions 66496 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk ........ r66496 | benjamin.peterson | 2008-09-17 20:22:16 -0500 (Wed, 17 Sep 2008) | 1 line fix possible integer overflows in _hashopenssl #3886 ........
78cb491d · Benjamin Peterson · 1308c26c · 78cb491d · 78cb491d
Commit 78cb491d authored Sep 24, 2008 by Benjamin Peterson
Hide whitespace changes
Inline Side-by-side

Showing with 59 additions and 15 deletions

Lib/test/test_hashlib.py Lib/test/test_hashlib.py +16 -2

Modules/_hashopenssl.c Modules/_hashopenssl.c +43 -13

No files found.
--- a/Lib/test/test_hashlib.py
+++ b/Lib/test/test_hashlib.py
@@ -9,7 +9,7 @@
 import hashlib
 import unittest
 from test import support
+from test.support import _4G, precisionbigmemtest
 def hexstr(s):
    assert isinstance(s, bytes), repr(s)
@@ -55,7 +55,6 @@ class HashLibTestCase(unittest.TestCase):
            m2.update(aas + bees + cees)
            self.assertEqual(m1.digest(), m2.digest())
    def check(self, name, data, digest):
        # test the direct constructors
        computed = getattr(hashlib, name)(data).hexdigest()
@@ -76,6 +75,21 @@ class HashLibTestCase(unittest.TestCase):
                   b'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789',
                   'd174ab98d277d9f5a5611c2c9f419d9f')
+    @precisionbigmemtest(size=_4G + 5, memuse=1)
+    def test_case_md5_huge(self, size):
+        if size == _4G + 5:
+            try:
+                self.check('md5', 'A'*size, 'c9af2dff37468ce5dfee8f2cfc0a9c6d')
+            except OverflowError:
+                pass # 32-bit arch
+    @precisionbigmemtest(size=_4G - 1, memuse=1)
+    def test_case_md5_uintmax(self, size):
+        if size == _4G - 1:
+            try:
+                self.check('md5', 'A'*size, '28138d306ff1b8281f1a9067e1a1a2b3')
+            except OverflowError:
+                pass # 32-bit arch
    # use the three examples from Federal Information Processing Standards
    # Publication 180-1, Secure Hash Standard,  1995 April 17

--- a/Modules/_hashopenssl.c
+++ b/Modules/_hashopenssl.c
@@ -19,6 +19,8 @@
 /* EVP is the preferred interface to hashing in OpenSSL */
 #include <openssl/evp.h>
+#define MUNCH_SIZE INT_MAX
 #ifndef HASH_OBJ_CONSTRUCTOR
 #define HASH_OBJ_CONSTRUCTOR 0
@@ -182,10 +184,17 @@ EVP_update(EVPobject *self, PyObject *args)
        return NULL;
    MY_GET_BUFFER_VIEW_OR_ERROUT(obj, &view);
+    if (view.len > 0 && view.len <= MUNCH_SIZE) {
-    EVP_DigestUpdate(&self->ctx, (unsigned char*)view.buf,
+        EVP_DigestUpdate(&self->ctx, view.buf, view.len);
-                     Py_SAFE_DOWNCAST(view.len, Py_ssize_t, unsigned int));
+    } else {
+        Py_ssize_t offset = 0, len = view.len;
+        while (len) {
+            unsigned int process = len > MUNCH_SIZE ? MUNCH_SIZE : len;
+            EVP_DigestUpdate(&self->ctx, (unsigned char*)view.buf + offset, process);
+            len -= process;
+            offset += process;
+        }
+    }
    PyBuffer_Release(&view);
    Py_INCREF(Py_None);
@@ -284,11 +293,21 @@ EVP_tp_init(EVPobject *self, PyObject *args, PyObject *kwds)
    Py_INCREF(self->name);
    if (data_obj) {
-        EVP_DigestUpdate(&self->ctx, (unsigned char*)view.buf,
+        if (len > 0 && len <= MUNCH_SIZE) {
-                         Py_SAFE_DOWNCAST(view.len, Py_ssize_t, unsigned int));
+        EVP_DigestUpdate(&self->ctx, cp, Py_SAFE_DOWNCAST(len, Py_ssize_t,
+                                                          unsigned int));
+        } else {
+            Py_ssize_t offset = 0, len = view.len;
+            while (len) {
+                unsigned int process = len > MUNCH_SIZE ? MUNCH_SIZE : len;
+                EVP_DigestUpdate(&self->ctx, (unsigned char*)view.buf + offset, process);
+                len -= process;
+                offset += process;
+            }
+        }
        PyBuffer_Release(&view);
    }
    return 0;
 }
 #endif
@@ -357,7 +376,7 @@ static PyTypeObject EVPtype = {
 static PyObject *
 EVPnew(PyObject *name_obj,
       const EVP_MD *digest, const EVP_MD_CTX *initial_ctx,
-       const unsigned char *cp, unsigned int len)
+       const unsigned char *cp, Py_ssize_t len)
 {
    EVPobject *self;
@@ -375,8 +394,20 @@ EVPnew(PyObject *name_obj,
        EVP_DigestInit(&self->ctx, digest);
    }
-    if (cp && len)
+    if (cp && len) {
-        EVP_DigestUpdate(&self->ctx, cp, len);
+        if (len > 0 && len <= MUNCH_SIZE) {
+            EVP_DigestUpdate(&self->ctx, cp, Py_SAFE_DOWNCAST(len, Py_ssize_t,
+                                                              unsigned int));
+        } else {
+            Py_ssize_t offset = 0;
+            while (len) {
+                unsigned int process = len > MUNCH_SIZE ? MUNCH_SIZE : len;
+                EVP_DigestUpdate(&self->ctx, cp + offset, process);
+                len -= process;
+                offset += process;
+            }
+        }
+    }
    return (PyObject *)self;
 }
@@ -417,8 +448,7 @@ EVP_new(PyObject *self, PyObject *args, PyObject *kwdict)
    digest = EVP_get_digestbyname(name);
-    ret_obj = EVPnew(name_obj, digest, NULL, (unsigned char*)view.buf,
+    ret_obj = EVPnew(name_obj, digest, NULL, (unsigned char*)view.buf, view.len);
-                        Py_SAFE_DOWNCAST(view.len, Py_ssize_t, unsigned int));
    if (data_obj)
        PyBuffer_Release(&view);
@@ -452,7 +482,7 @@ EVP_new(PyObject *self, PyObject *args, PyObject *kwdict)
                    NULL, \
                    CONST_new_ ## NAME ## _ctx_p, \
                    (unsigned char*)view.buf, \
-                    Py_SAFE_DOWNCAST(view.len, Py_ssize_t, unsigned int)); \
+                    view.len); \
     \
        if (data_obj) \
            PyBuffer_Release(&view); \