RetroSearch Browse

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://github.com/python/cpython/commit/41b48e71ac8a71f56694b548f118bd20ce203410 below:

Use XML_SetHashSalt in _elementtree (#9933) · python/cpython@41b48e7 · GitHub

File tree Expand file treeCollapse file tree 4 files changed

+15

-1

lines changed

Filter options

Misc/NEWS.d/next/Security

Expand file treeCollapse file tree 4 files changed

+15

-1

lines changed Original file line number Diff line number Diff line change


 @@ -3,7 +3,7 @@

3 3 4 4


 /* note: you must import expat.h before importing this module! */

5 5 6

-
 #define PyExpat_CAPI_MAGIC "pyexpat.expat_CAPI 1.0"

6

+
 #define PyExpat_CAPI_MAGIC "pyexpat.expat_CAPI 1.1"

7 7


 #define PyExpat_CAPSULE_NAME "pyexpat.expat_CAPI"

8 8 9 9


 struct PyExpat_CAPI


 @@ -48,6 +48,8 @@ struct PyExpat_CAPI

48 48


 enum XML_Status (*SetEncoding)(XML_Parser parser, const XML_Char *encoding);

49 49


 int (*DefaultUnknownEncodingHandler)(

50 50


 void *encodingHandlerData, const XML_Char *name, XML_Encoding *info);

51

+
 /* might be none for expat < 2.1.0 */

52

+
 int (*SetHashSalt)(XML_Parser parser, unsigned long hash_salt);

51 53


 /* always add new stuff to the end! */

52 54

};

53 55 Original file line number Diff line number Diff line change


 @@ -0,0 +1,2 @@

1

+
 CVE-2018-14647: The C accelerated _elementtree module now initializes hash

2

+
 randomization salt from _Py_HashSecret instead of libexpat's default CSPRNG.

Original file line number Diff line number Diff line change


 @@ -3282,6 +3282,11 @@ _elementtree_XMLParser___init___impl(XMLParserObject *self, PyObject *html,

3282 3282


 PyErr_NoMemory();

3283 3283


 return -1;

3284 3284

3285

+
 /* expat < 2.1.0 has no XML_SetHashSalt() */

3286

+
 if (EXPAT(SetHashSalt) != NULL) {

3287

+
 EXPAT(SetHashSalt)(self->parser,

3288

+
 (unsigned long)_Py_HashSecret.expat.hashsalt);

3289

+
 }

3285 3290 3286 3291


 if (target) {

3287 3292


 Py_INCREF(target);

Original file line number Diff line number Diff line change


 @@ -1882,6 +1882,11 @@ MODULE_INITFUNC(void)

1882 1882


 capi.SetStartDoctypeDeclHandler = XML_SetStartDoctypeDeclHandler;

1883 1883


 capi.SetEncoding = XML_SetEncoding;

1884 1884


 capi.DefaultUnknownEncodingHandler = PyUnknownEncodingHandler;

1885

+
 #if XML_COMBINED_VERSION >= 20100

1886

+
 capi.SetHashSalt = XML_SetHashSalt;

1887

+
 #else

1888

+
 capi.SetHashSalt = NULL;

1889

+
 #endif

1885 1890 1886 1891


 /* export using capsule */

1887 1892


 capi_object = PyCapsule_New(&capi, PyExpat_CAPSULE_NAME, NULL);

You can’t perform that action at this time.

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4