From 3bf1e1a8e746fa42d5068e9bc49a4fa68a170aae66de196599eddbbab8996f04 Mon Sep 17 00:00:00 2001 From: Matej Cepl Date: Sun, 18 May 2025 17:09:01 +0000 Subject: [PATCH] Revert the patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python312?expand=0&rev=122 --- CVE-2025-4516-DecodeError-handler.patch | 40 ++++++++----------------- 1 file changed, 13 insertions(+), 27 deletions(-) diff --git a/CVE-2025-4516-DecodeError-handler.patch b/CVE-2025-4516-DecodeError-handler.patch index a4c3ef1..9bcbe33 100644 --- a/CVE-2025-4516-DecodeError-handler.patch +++ b/CVE-2025-4516-DecodeError-handler.patch @@ -18,10 +18,10 @@ with _PyUnicode_DecodeUnicodeEscapeInternal(). Lib/test/test_codeccallbacks.py | 39 +++++++ Lib/test/test_codecs.py | 52 ++++++++-- Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst | 2 - Objects/bytesobject.c | 43 ++++---- + Objects/bytesobject.c | 41 ++++--- Objects/unicodeobject.c | 46 +++++--- - Parser/string_parser.c | 32 +++--- - 8 files changed, 175 insertions(+), 60 deletions(-) + Parser/string_parser.c | 28 +++-- + 8 files changed, 172 insertions(+), 57 deletions(-) Index: Python-3.12.10/Include/internal/pycore_bytesobject.h =================================================================== @@ -133,7 +133,7 @@ Index: Python-3.12.10/Lib/test/test_codeccallbacks.py Index: Python-3.12.10/Lib/test/test_codecs.py =================================================================== --- Python-3.12.10.orig/Lib/test/test_codecs.py 2025-05-17 12:00:00.357214034 +0000 -+++ Python-3.12.10/Lib/test/test_codecs.py 2025-05-18 06:12:20.505427966 +0000 ++++ Python-3.12.10/Lib/test/test_codecs.py 2025-05-17 12:00:10.380601754 +0000 @@ -1196,23 +1196,39 @@ check(br"[\1010]", b"[A0]") check(br"[\x41]", b"[A]") @@ -147,15 +147,15 @@ Index: Python-3.12.10/Lib/test/test_codecs.py if b not in b'abfnrtvx': - with self.assertWarns(DeprecationWarning): + with self.assertWarnsRegex(DeprecationWarning, -+ r"'\\%c' is an invalid escape sequence" % i): ++ r'"\\%c" is an invalid escape sequence' % i): check(b"\\" + b, b"\\" + b) - with self.assertWarns(DeprecationWarning): + with self.assertWarnsRegex(DeprecationWarning, -+ r"'\\%c' is an invalid escape sequence" % (i-32)): ++ r'"\\%c" is an invalid escape sequence' % (i-32)): check(b"\\" + b.upper(), b"\\" + b.upper()) - with self.assertWarns(DeprecationWarning): + with self.assertWarnsRegex(DeprecationWarning, -+ r"'\\8' is an invalid escape sequence"): ++ r'"\\8" is an invalid escape sequence'): check(br"\8", b"\\8") with self.assertWarns(DeprecationWarning): check(br"\9", b"\\9") @@ -197,7 +197,7 @@ Index: Python-3.12.10/Lib/test/test_codecs.py if b.upper() not in b'UN': - with self.assertWarns(DeprecationWarning): + with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid escape sequence '\\%c'" % (i-32)): ++ r'"\\%c" is an invalid escape sequence' % (i-32)): check(b"\\" + b.upper(), "\\" + chr(i-32)) - with self.assertWarns(DeprecationWarning): + with self.assertWarnsRegex(DeprecationWarning, @@ -235,7 +235,7 @@ Index: Python-3.12.10/Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133 Index: Python-3.12.10/Objects/bytesobject.c =================================================================== --- Python-3.12.10.orig/Objects/bytesobject.c 2025-04-08 11:35:47.000000000 +0000 -+++ Python-3.12.10/Objects/bytesobject.c 2025-05-17 21:07:50.280395109 +0000 ++++ Python-3.12.10/Objects/bytesobject.c 2025-05-17 12:09:18.592219783 +0000 @@ -1048,10 +1048,11 @@ } @@ -310,18 +310,16 @@ Index: Python-3.12.10/Objects/bytesobject.c if (PyErr_WarnFormat(PyExc_DeprecationWarning, 1, - "invalid octal escape sequence '\\%.3s'", - first_invalid_escape) < 0) -+ "'\\%o' is an invalid octal escape sequence. ", ++ "invalid octal escape sequence '\\%o'", + first_invalid_escape_char) < 0) { Py_DECREF(result); return NULL; -@@ -1186,8 +1191,8 @@ - } +@@ -1187,7 +1192,7 @@ else { if (PyErr_WarnFormat(PyExc_DeprecationWarning, 1, -- "invalid escape sequence '\\%c'", + "invalid escape sequence '\\%c'", - c) < 0) -+ "'\\%c' is an invalid escape sequence. ", + first_invalid_escape_char) < 0) { Py_DECREF(result); @@ -430,7 +428,7 @@ Index: Python-3.12.10/Objects/unicodeobject.c Index: Python-3.12.10/Parser/string_parser.c =================================================================== --- Python-3.12.10.orig/Parser/string_parser.c 2025-04-08 11:35:47.000000000 +0000 -+++ Python-3.12.10/Parser/string_parser.c 2025-05-17 21:41:25.941179624 +0000 ++++ Python-3.12.10/Parser/string_parser.c 2025-05-17 12:27:43.308776801 +0000 @@ -1,4 +1,6 @@ #include +#include "pycore_bytesobject.h" // _PyBytes_DecodeEscape() @@ -438,18 +436,6 @@ Index: Python-3.12.10/Parser/string_parser.c #include "tokenizer.h" #include "pegen.h" -@@ -25,9 +27,9 @@ - int octal = ('4' <= c && c <= '7'); - PyObject *msg = - octal -- ? PyUnicode_FromFormat("invalid octal escape sequence '\\%.3s'", -+ ? PyUnicode_FromFormat("'\\%.3s' is an invalid octal escape sequence. ", - first_invalid_escape) -- : PyUnicode_FromFormat("invalid escape sequence '\\%c'", c); -+ : PyUnicode_FromFormat("'\\%c' is an invalid escape sequence. ", c); - if (msg == NULL) { - return -1; - } @@ -181,15 +183,18 @@ len = p - buf; s = buf;