RetroSearch Browse

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://github.com/python/cpython/commit/d16eaf36795da48b930b80b20d3805bc27820712 below:

Use XML_SetHashSalt in _elementtree (#9953) · python/cpython@d16eaf3 · GitHub

File tree Expand file treeCollapse file tree 4 files changed

+15

-1

lines changed

Filter options

Misc/NEWS.d/next/Security

Expand file treeCollapse file tree 4 files changed

+15

-1

lines changed Original file line number Diff line number Diff line change


 @@ -3,7 +3,7 @@

3 3 4 4


 /* note: you must import expat.h before importing this module! */

5 5 6

-
 #define PyExpat_CAPI_MAGIC "pyexpat.expat_CAPI 1.0"

6

+
 #define PyExpat_CAPI_MAGIC "pyexpat.expat_CAPI 1.1"

7 7


 #define PyExpat_CAPSULE_NAME "pyexpat.expat_CAPI"

8 8 9 9


 struct PyExpat_CAPI


 @@ -48,6 +48,8 @@ struct PyExpat_CAPI

48 48


 enum XML_Status (*SetEncoding)(XML_Parser parser, const XML_Char *encoding);

49 49


 int (*DefaultUnknownEncodingHandler)(

50 50


 void *encodingHandlerData, const XML_Char *name, XML_Encoding *info);

51

+
 /* might be none for expat < 2.1.0 */

52

+
 int (*SetHashSalt)(XML_Parser parser, unsigned long hash_salt);

51 53


 /* always add new stuff to the end! */

52 54

};

53 55 Original file line number Diff line number Diff line change


 @@ -0,0 +1,2 @@

1

+
 CVE-2018-14647: The C accelerated _elementtree module now initializes hash

2

+
 randomization salt from _Py_HashSecret instead of libexpat's default CSPRNG.

Original file line number Diff line number Diff line change


 @@ -3259,6 +3259,11 @@ xmlparser_init(PyObject *self, PyObject *args, PyObject *kwds)

3259 3259


 PyErr_NoMemory();

3260 3260


 return -1;

3261 3261

3262

+
 /* expat < 2.1.0 has no XML_SetHashSalt() */

3263

+
 if (EXPAT(SetHashSalt) != NULL) {

3264

+
 EXPAT(SetHashSalt)(self_xp->parser,

3265

+
 (unsigned long)_Py_HashSecret.expat.hashsalt);

3266

+
 }

3262 3267 3263 3268


 if (target) {

3264 3269


 Py_INCREF(target);

Original file line number Diff line number Diff line change


 @@ -1857,6 +1857,11 @@ MODULE_INITFUNC(void)

1857 1857


 capi.SetStartDoctypeDeclHandler = XML_SetStartDoctypeDeclHandler;

1858 1858


 capi.SetEncoding = XML_SetEncoding;

1859 1859


 capi.DefaultUnknownEncodingHandler = PyUnknownEncodingHandler;

1860

+
 #if XML_COMBINED_VERSION >= 20100

1861

+
 capi.SetHashSalt = XML_SetHashSalt;

1862

+
 #else

1863

+
 capi.SetHashSalt = NULL;

1864

+
 #endif

1860 1865 1861 1866


 /* export using capsule */

1862 1867


 capi_object = PyCapsule_New(&capi, PyExpat_CAPSULE_NAME, NULL);

You can’t perform that action at this time.

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4