Update patch

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=386
2023-09-16 17:04:43 +00:00 · 2023-09-16 17:04:43 +00:00 · debb82ab6f
commit debb82ab6f
parent 10bb24e527
1 changed files with 4 additions and 4 deletions
--- a/CVE-2022-48566-compare_digest-more-constant.patch
+++ b/CVE-2022-48566-compare_digest-more-constant.patch
@ -13,7 +13,7 @@ The existing volatile `left`/`right` pointers guarantee that the reads will all
 Co-authored-by: Devin Jeanpierre <jeanpierreda@google.com>
 ---
 Misc/NEWS.d/next/Security/2020-05-28-06-06-47.bpo-40791.QGZClX.rst |    1 +
- Modules/_operator.c                                                |    2 +-
+ Modules/operator.c                                                 |    2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
 create mode 100644 Misc/NEWS.d/next/Security/2020-05-28-06-06-47.bpo-40791.QGZClX.rst

@ -22,9 +22,9 @@ Co-authored-by: Devin Jeanpierre <jeanpierreda@google.com>
@@ -0,0 +1 @@
 +Add ``volatile`` to the accumulator variable in ``hmac.compare_digest``, making constant-time-defeating optimizations less likely.
 \ No newline at end of file
--- a/Modules/_operator.c
-+++ b/Modules/_operator.c
-@@ -182,7 +182,7 @@ _tscmp(const unsigned char *a, const uns
+--- a/Modules/operator.c
+++ b/Modules/operator.c
+@@ -259,7 +259,7 @@ _tscmp(const unsigned char *a, const uns
     volatile const unsigned char *left;
     volatile const unsigned char *right;
     Py_ssize_t i;