python-python-rpm-spec/avoid-DoS-on-carefully-crafted-spec-files.patch

Index: python-rpm-spec-0.14.1/pyrpm/spec.py
===================================================================
--- python-rpm-spec-0.14.1.orig/pyrpm/spec.py
+++ python-rpm-spec-0.14.1/pyrpm/spec.py
@@ -490,7 +490,7 @@ class Spec:
         return spec
 
 
-def replace_macros(string: str, spec: Spec) -> str:
+def replace_macros(string: str, spec: Spec, max_attempts: int = 1000) -> str:
     """Replace all macros in given string with corresponding values.
 
     For example, a string '%{name}-%{version}.tar.gz' will be transformed to 'foo-2.0.tar.gz'.
@@ -552,10 +552,12 @@ def replace_macros(string: str, spec: Sp
 
         return match.string[match.start() : match.end()]
 
-    # Recursively expand macros
+    # Recursively expand macros, respecting the limit imposed by 'max_attempts'
     # Note: If macros are not defined in the spec file, this won't try to
     # expand them.
-    while True:
+    attempt = 0
+    while attempt < max_attempts:
+        attempt += 1
         ret = re.sub(_macro_pattern, get_replacement_string, string)
         if ret != string:
             string = ret
Accepting request 1110811 from home:mschreiner:branches:devel:languages:python - Add avoid-ddos-on-carefully-crafted-spec-files.patch. - This patch fixes an endless loop that could be triggered by carefully crafting a malicious RPM spec file. - Issue was reported by David Anes, who also contributed the patch. - More details on the .spec file. - Update to v0.14.1. - For a full changelog here, please check the .changes file. OBS-URL: https://build.opensuse.org/request/show/1110811 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-python-rpm-spec?expand=0&rev=12 2023-09-13 07:38:28 +00:00			`Index: python-rpm-spec-0.14.1/pyrpm/spec.py`
			`===================================================================`
			`--- python-rpm-spec-0.14.1.orig/pyrpm/spec.py`
			`+++ python-rpm-spec-0.14.1/pyrpm/spec.py`
			`@@ -490,7 +490,7 @@ class Spec:`
			`return spec`


			`-def replace_macros(string: str, spec: Spec) -> str:`
			`+def replace_macros(string: str, spec: Spec, max_attempts: int = 1000) -> str:`
			`"""Replace all macros in given string with corresponding values.`

			`For example, a string '%{name}-%{version}.tar.gz' will be transformed to 'foo-2.0.tar.gz'.`
			`@@ -552,10 +552,12 @@ def replace_macros(string: str, spec: Sp`

			`return match.string[match.start() : match.end()]`

			`- # Recursively expand macros`
			`+ # Recursively expand macros, respecting the limit imposed by 'max_attempts'`
			`# Note: If macros are not defined in the spec file, this won't try to`
			`# expand them.`
			`- while True:`
			`+ attempt = 0`
			`+ while attempt < max_attempts:`
			`+ attempt += 1`
			`ret = re.sub(_macro_pattern, get_replacement_string, string)`
			`if ret != string:`
			`string = ret`