From 60b363e0d123743b9f0c1bf6837dd52a7d48d9ef Mon Sep 17 00:00:00 2001
From: rwx403335
Date: Mon, 21 Feb 2022 16:15:22 +0800
Subject: [PATCH] revert CVE-2021-34141

(cherry picked from commit 96b0586268820bd060083b1ea4e691ab356a3313)
---
 backport-CVE-2021-34141.patch | 119 ----------------------------------
 backport-CVE-2021-41495.patch | 59 +++++++++++------
 numpy.spec | 8 ++-
 3 files changed, 45 insertions(+), 141 deletions(-)
 delete mode 100644 backport-CVE-2021-34141.patch

diff --git a/backport-CVE-2021-34141.patch b/backport-CVE-2021-34141.patch
deleted file mode 100644
index b33ae65..0000000
--- a/backport-CVE-2021-34141.patch
+++ /dev/null
@@ -1,119 +0,0 @@
-From eeef9d4646103c3b1afd3085f1393f2b3f9575b2 Mon Sep 17 00:00:00 2001
-From: NectDz <54990613+NectDz@users.noreply.github.com>
-Date: Tue, 10 Aug 2021 18:00:35 -0500
-Subject: [PATCH] DEP: Remove deprecated numeric style dtype strings (#19539)
-
-Finishes the deprecation, and effectively closes gh-18993
-
-* Insecure String Comparison
-
-* Finished Deprecations
-
-* Breaks numpy types
-
-* Removed elements in dep_tps
-
-* Delete Typecode Comment
-
-* Deleted for loop
-
-* Fixed 80 characters or more issue
-
-* Expired Release Note
-
-* Updated Release Note
-
-* Update numpy/core/numerictypes.py
-
-* Update numpy/core/tests/test_deprecations.py
-
-Co-authored-by: Sebastian Berg
----
- doc/release/upcoming_changes/19539.expired.rst | 2 ++
- numpy/core/src/multiarray/descriptor.c | 25 -------------------------
- numpy/core/tests/test_deprecations.py | 23 -----------------------
- 3 files changed, 2 insertions(+), 48 deletions(-)
- create mode 100644 doc/release/upcoming_changes/19539.expired.rst
-
-diff --git a/doc/release/upcoming_changes/19539.expired.rst b/doc/release/upcoming_changes/19539.expired.rst
-new file mode 100644
-index 0000000..6e94f17
---- /dev/null
-+++ b/doc/release/upcoming_changes/19539.expired.rst
-@@ -0,0 +1,2 @@
-+* Using the strings ``"Bytes0"``, ``"Datetime64"``, ``"Str0"``, ``"Uint32"``,
-+ and ``"Uint64"`` as a dtype will now raise a ``TypeError``.
-\ No newline at end of file
-diff --git a/numpy/core/src/multiarray/descriptor.c b/numpy/core/src/multiarray/descriptor.c
-index 50964da..90453e3 100644
---- a/numpy/core/src/multiarray/descriptor.c
-+++ b/numpy/core/src/multiarray/descriptor.c
-@@ -1640,31 +1640,6 @@ finish:
- }
- #endif
- if (item) {
-- /* Check for a deprecated Numeric-style typecode */
-- if (PyBytes_Check(obj)) {
-- char *type = NULL;
-- Py_ssize_t len = 0;
-- char *dep_tps[] = {"Bool", "Complex", "Float", "Int",
-- "Object0", "String0", "Timedelta64",
-- "Unicode0", "UInt", "Void0"};
-- int ndep_tps = sizeof(dep_tps) / sizeof(dep_tps[0]);
-- int i;
--
-- if (PyBytes_AsStringAndSize(obj, &type, &len) < 0) {
-- goto error;
-- }
-- for (i = 0; i < ndep_tps; ++i) {
-- char *dep_tp = dep_tps[i];
--
-- if (strncmp(type, dep_tp, strlen(dep_tp)) == 0) {
-- if (DEPRECATE("Numeric-style type codes are "
-- "deprecated and will result in "
-- "an error in the future.") < 0) {
-- goto fail;
-- }
-- }
-- }
-- }
- return PyArray_DescrConverter(item, at);
- }
- }
-diff --git a/numpy/core/tests/test_deprecations.py b/numpy/core/tests/test_deprecations.py
-index 42e632e..44a3ed7 100644
---- a/numpy/core/tests/test_deprecations.py
-+++ b/numpy/core/tests/test_deprecations.py
-@@ -371,29 +371,6 @@ class TestBinaryReprInsufficientWidthParameterForRepresentation(_DeprecationTest
- self.assert_deprecated(np.binary_repr, args=args, kwargs=kwargs)
-
-
--class TestNumericStyleTypecodes(_DeprecationTestCase):
-- """
-- Deprecate the old numeric-style dtypes, which are especially
-- confusing for complex types, e.g. Complex32 -> complex64. When the
-- deprecation cycle is complete, the check for the strings should be
-- removed from PyArray_DescrConverter in descriptor.c, and the
-- deprecated keys should not be added as capitalized aliases in
-- _add_aliases in numerictypes.py.
-- """ -- def test_all_dtypes(self): -- deprecated_types = [ -- 'Bool', 'Complex32', 'Complex64', 'Float16', 'Float32', 'Float64', -- 'Int8', 'Int16', 'Int32', 'Int64', 'Object0', 'Timedelta64', -- 'UInt8', 'UInt16', 'UInt32', 'UInt64', 'Void0' -- ] -- if sys.version_info[0] < 3: -- deprecated_types.extend(['Unicode0', 'String0']) -- -- for dt in deprecated_types: -- self.assert_deprecated(np.dtype, exceptions=(TypeError,), -- args=(dt,)) -- -- - class TestTestDeprecated(object): - def test_assert_deprecated(self): - test_case_instance = _DeprecationTestCase() --- -1.8.3.1 - diff --git a/backport-CVE-2021-41495.patch b/backport-CVE-2021-41495.patch index 2293135..0c4d06a 100644 --- a/backport-CVE-2021-41495.patch +++ b/backport-CVE-2021-41495.patch @@ -55,19 +55,19 @@ Co-authored-by: Sebastian Berg --- --- - numpy/core/src/multiarray/arrayobject.c | 3 +++ + numpy/core/src/multiarray/arrayobject.c | 6 ++++++ numpy/core/src/multiarray/buffer.c | 6 ++++++ - numpy/core/src/multiarray/ctors.c | 24 +++++++++++++++++++++++- - numpy/core/src/multiarray/descriptor.c | 27 ++++++++++++++++++++------- + numpy/core/src/multiarray/ctors.c | 23 +++++++++++++++++++++- + numpy/core/src/multiarray/descriptor.c | 30 ++++++++++++++++++++++------- numpy/core/src/multiarray/getset.c | 13 ++++++++----- - numpy/core/src/multiarray/methods.c | 16 ++++++++++++++++ + numpy/core/src/multiarray/methods.c | 16 +++++++++++++++ numpy/core/src/multiarray/nditer_constr.c | 11 +++++------ - numpy/core/src/multiarray/scalarapi.c | 3 +++ + numpy/core/src/multiarray/scalarapi.c | 6 ++++++ numpy/core/src/multiarray/scalartypes.c.src | 10 +++++++--- - 9 files changed, 91 insertions(+), 22 deletions(-) + 9 files changed, 99 insertions(+), 22 deletions(-) diff --git a/numpy/core/src/multiarray/arrayobject.c b/numpy/core/src/multiarray/arrayobject.c -index d20dd63..1d1d6c1 100644 +index d20dd63..e7c1ea2 100644 --- a/numpy/core/src/multiarray/arrayobject.c +++ b/numpy/core/src/multiarray/arrayobject.c 
@@ -1023,6 +1023,9 @@ _strings_richcompare(PyArrayObject *self, PyArrayObject *other, int cmp_op, @@ -80,6 +80,16 @@ index d20dd63..1d1d6c1 100644 unicode->elsize = PyArray_DESCR(self)->elsize << 2; new = PyArray_FromAny((PyObject *)self, unicode, 0, 0, 0, NULL); +@@ -1036,6 +1039,9 @@ _strings_richcompare(PyArrayObject *self, PyArrayObject *other, int cmp_op, + ((PyArray_DESCR(other)->type_num == NPY_STRING) || + (PyArray_ISNOTSWAPPED(self) != PyArray_ISNOTSWAPPED(other)))) { + PyArray_Descr* unicode = PyArray_DescrNew(PyArray_DESCR(self)); ++ if(unicode == NULL){ ++ return NULL; ++ } + + if (PyArray_DESCR(other)->type_num == NPY_STRING) { + unicode->elsize = PyArray_DESCR(other)->elsize << 2; diff --git a/numpy/core/src/multiarray/buffer.c b/numpy/core/src/multiarray/buffer.c index d8ad802..c633778 100644 --- a/numpy/core/src/multiarray/buffer.c @@ -104,7 +114,7 @@ index d8ad802..c633778 100644 return 1; diff --git a/numpy/core/src/multiarray/ctors.c b/numpy/core/src/multiarray/ctors.c -index e72e602..d1f7b79 100644 +index e72e602..da237e2 100644 --- a/numpy/core/src/multiarray/ctors.c +++ b/numpy/core/src/multiarray/ctors.c @@ -928,6 +928,9 @@ PyArray_NewFromDescr_int(PyTypeObject *subtype, PyArray_Descr *descr, int nd, @@ -158,7 +168,7 @@ index e72e602..d1f7b79 100644 if (PyDataType_REFCHK(type)) { PyErr_SetString(PyExc_ValueError, -@@ -3925,14 +3941,20 @@ NPY_NO_EXPORT PyObject * +@@ -3925,11 +3941,16 @@ NPY_NO_EXPORT PyObject * PyArray_FromIter(PyObject *obj, PyArray_Descr *dtype, npy_intp count) { PyObject *value; @@ -176,12 +186,8 @@ index e72e602..d1f7b79 100644 if (iter == NULL) { goto done; } -+ - if (PyDataType_ISUNSIZED(dtype)) { - PyErr_SetString(PyExc_ValueError, - "Must specify length when using variable-size data-type."); diff --git a/numpy/core/src/multiarray/descriptor.c b/numpy/core/src/multiarray/descriptor.c -index e7a4b6c..c46394b 100644 +index e7a4b6c..6e5bc19 100644 --- a/numpy/core/src/multiarray/descriptor.c 
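Review bot: The NULL check added to the second branch of `_strings_richcompare` is written `if(unicode == NULL){`, without the spacing used by the other checks this patch adds, such as `if (new == NULL) {` in PyArray_DescrNewByteorder. This commit itself respaces `if(conv==NULL){` to `if (conv==NULL) {` in descriptor.c, so the new line should follow suit as `if (unicode == NULL) {`, and the respaced descriptor.c line would read better as `if (conv == NULL) {`. The body of `_strings_richcompare` starts and ends outside the hunk.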
+++ b/numpy/core/src/multiarray/descriptor.c @@ -1318,6 +1318,9 @@ PyArray_DescrNewFromType(int type_num) @@ -222,7 +228,7 @@ index e7a4b6c..c46394b 100644 */ if (!copied) { + PyArray_DESCR_REPLACE(conv); -+ if(conv==NULL){ ++ if (conv==NULL) { + return NULL; + } copied = NPY_TRUE; @@ -232,7 +238,17 @@ index e7a4b6c..c46394b 100644 } if ((conv->metadata != NULL)) { /* -@@ -3009,6 +3014,10 @@ PyArray_DescrNewByteorder(PyArray_Descr *self, char newendian) +@@ -2983,6 +2988,9 @@ PyArray_DescrNewByteorder(PyArray_Descr *self, char newendian) + char endian; + + new = PyArray_DescrNew(self); ++ if (new == NULL) { ++ return NULL; ++ } + endian = new->byteorder; + if (endian != NPY_IGNORE) { + if (newendian == NPY_SWAP) { +@@ -3009,6 +3017,10 @@ PyArray_DescrNewByteorder(PyArray_Descr *self, char newendian) int len, i; newfields = PyDict_New(); @@ -243,7 +259,7 @@ index e7a4b6c..c46394b 100644 /* make new dictionary with replaced PyArray_Descr Objects */ while (PyDict_Next(self->fields, &pos, &key, &value)) { if NPY_TITLE_KEY(key, value) { -@@ -3045,6 +3054,10 @@ PyArray_DescrNewByteorder(PyArray_Descr *self, char newendian) +@@ -3045,6 +3057,10 @@ PyArray_DescrNewByteorder(PyArray_Descr *self, char newendian) Py_DECREF(new->subarray->base); new->subarray->base = PyArray_DescrNewByteorder( self->subarray->base, newendian); @@ -354,11 +370,16 @@ index 18a2cc8..3462518 100644 "because of NPY_ITER_NBO\n"); /* Indicate that byte order or alignment needs fixing */ diff --git a/numpy/core/src/multiarray/scalarapi.c b/numpy/core/src/multiarray/scalarapi.c -index bc435d1..9a96184 100644 +index bc435d1..44b3a8c 100644 --- a/numpy/core/src/multiarray/scalarapi.c 
+++ b/numpy/core/src/multiarray/scalarapi.c -@@ -560,6 +560,9 @@ PyArray_DescrFromScalar(PyObject *sc) +@@ -558,8 +558,14 @@ PyArray_DescrFromScalar(PyObject *sc) + } + descr = PyArray_DescrFromTypeObject((PyObject *)Py_TYPE(sc)); ++ if (descr == NULL) { ++ return NULL; ++ } if (PyDataType_ISUNSIZED(descr)) { PyArray_DESCR_REPLACE(descr); + if (descr == NULL) { diff --git a/numpy.spec b/numpy.spec index a026fba..0719532 100644 --- a/numpy.spec +++ b/numpy.spec @@ -2,7 +2,7 @@ Name: numpy Version: 1.16.5 -Release: 6 +Release: 7 Epoch: 1 Summary: A fast multidimensional array facility for Python @@ -14,8 +14,7 @@ BuildRequires: openblas-devel BuildRequires: lapack-devel gcc-gfortran Cython Patch0: backport-CVE-2021-41496.patch -Patch1: backport-CVE-2021-34141.patch -Patch2: backport-CVE-2021-41495.patch +Patch1: backport-CVE-2021-41495.patch %description NumPy is the fundamental package for scientific computing with Python. It contains among other things: @@ -181,6 +180,9 @@ popd &> /dev/null %{python3_sitearch}/%{name}/f2py %changelog +* Mon Feb 21 2022 renhongxun - 1.16.5-7 +- revert CVE-2021-34141 + * Mon Feb 07 2022 renhongxun - 1.16.5-6 - fix CVE-2021-41495 -- Gitee
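Review bot: The changelog entry `- revert CVE-2021-34141` records neither why the backport is dropped nor that the CVE is unfixed again in 1.16.5-7. With `Patch1: backport-CVE-2021-34141.patch` removed, the `strncmp(type, dep_tp, strlen(dep_tp))` prefix comparison that the deleted patch took out of descriptor.c stays in the built sources. The same commit also adds NULL checks to backport-CVE-2021-41495.patch (arrayobject.c, descriptor.c, scalarapi.c), which neither the subject nor the changelog mentions. I would extend the entry to something like `- revert CVE-2021-34141 (<reason for revert>); CVE-2021-34141 is not fixed in this build` plus `- add missing NULL checks to backport-CVE-2021-41495.patch`.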