From a44efbd753fbdfe725bf9f81e743a948b339f174 Mon Sep 17 00:00:00 2001
From: renmingshuai
Date: Wed, 5 Jan 2022 10:00:36 +0800
Subject: [PATCH] fix CVE-2021-41496
---
 backport-CVE-2021-41496.patch | 60 +++++++++++++++++++++++++++++++++++
 numpy.spec | 7 +++-
 2 files changed, 66 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2021-41496.patch
diff --git a/backport-CVE-2021-41496.patch b/backport-CVE-2021-41496.patch
new file mode 100644
index 0000000..fe7ae45
--- /dev/null
+++ b/backport-CVE-2021-41496.patch
@@ -0,0 +1,60 @@
+From 271010f1037150e95017f803f4214b8861e528f2 Mon Sep 17 00:00:00 2001
+From: Warren Weckesser
+Date: Mon, 20 Dec 2021 10:35:31 -0500
+Subject: [PATCH] BUG: f2py: Simplify creation of an exception message. Closes
+ gh-19000.
+
+---
+ numpy/f2py/src/fortranobject.c | 28 +++++++++++++---------------
+ 1 file changed, 13 insertions(+), 15 deletions(-)
+
+diff --git a/numpy/f2py/src/fortranobject.c b/numpy/f2py/src/fortranobject.c
+index 4a981bf..d323878 100644
+--- a/numpy/f2py/src/fortranobject.c
++++ b/numpy/f2py/src/fortranobject.c
+@@ -595,14 +595,14 @@ static int check_and_fix_dimensions(const PyArrayObject* arr,
+ npy_intp *dims);
+
+ static int
+-count_negative_dimensions(const int rank,
+- const npy_intp *dims) {
+- int i=0,r=0;
+- while (i 0) {
+- int i;
+- strcpy(mess, "failed to create intent(cache|hide)|optional array"
+- "-- must have defined dimensions but got (");
+- for(i=0;i= 0) {
++ PyErr_Format(PyExc_ValueError,
++ "failed to create intent(cache|hide)|optional array"
++ " -- must have defined dimensions, but dims[%d] = %"
++ NPY_INTP_FMT, i, dims[i]);
+ return NULL;
+ }
+ arr = (PyArrayObject *)
+-- 
+2.27.0
+
diff --git a/numpy.spec b/numpy.spec
index 09f7245..ea7bf45 100644
--- a/numpy.spec
+++ b/numpy.spec
@@ -2,7 +2,7 @@ Name: numpy
 Version: 1.21.4
-Release: 1
+Release: 2
 Epoch: 1
 Summary: A fast multidimensional array facility for Python
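Review bot: The `mess` buffer that the removed `strcpy(mess, ...)` lines wrote into is declared outside this embedded hunk, so the patch as shown only establishes that this one error path no longer formats into it. If other `strcpy`/`sprintf` writers into `mess` remain in the enclosing function, they deserve a check for the same unbounded-length pattern, or a move to `PyErr_Format` as done here. The enclosing function starts and ends outside the hunk. The backport also carries no regression test; a `%check` case that passes a negative dimension and expects `ValueError` would confirm the fix is present in the built package.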
@@ -14,6 +14,8 @@ BuildRequires: openblas-devel
 BuildRequires: lapack-devel gcc-gfortran
 BuildRequires: python3-Cython >= 0.29.24
+Patch0: backport-CVE-2021-41496.patch
+
 %description
 NumPy is the fundamental package for scientific computing with Python.
 It contains among other things: a powerful N-dimensional array object
@@ -102,6 +104,9 @@ popd &> /dev/null
 %changelog
+* Wed Jan 05 2022 yuanxin - 1.21.4-2
+- fix CVE-2021-41496
+
 * Mon Dec 13 2021 shixuantong - 1.21.4-1
 - update version to 1.21.4
-- 
Gitee
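Review bot: `Patch0:` is only declared in this hunk, and none of the visible numpy.spec hunks touches `%prep`, so whether the CVE fix is actually applied depends on lines outside the diff. If `%prep` uses plain `%setup` rather than `%autosetup -p1`, a `%patch0 -p1` line is needed, otherwise the package is rebuilt as release 2 without the fix. A comment above the tag such as `# upstream commit 271010f1037150e95017f803f4214b8861e528f2 (gh-19000)` would also tie the patch file to its origin for later audits.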