diff options
author | Soumya Sambu <soumya.sambu@windriver.com> | 2025-01-20 04:32:33 +0000 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2025-01-22 19:29:37 -0500 |
commit | de8681b4a2a101b99dd2c48d89a7de2ccd9a961f (patch) | |
tree | b640224346a887e1cd28c7e2b260b034bf9bcce6 | |
parent | c028b3652715600a0bed43314c4f1b53d7e0181e (diff) | |
download | meta-openembedded-de8681b4a2a101b99dd2c48d89a7de2ccd9a961f.tar.gz |
python3-sqlparse: Fix CVE-2024-4340
Passing a heavily nested list to sqlparse.parse() leads to a Denial
of Service due to RecursionError.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-4340
Upstream-patch:
https://github.com/andialbrecht/sqlparse/commit/b4a39d9850969b4e1d6940d32094ee0b42a2cf03
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta-python/recipes-devtools/python/python3-sqlparse/CVE-2024-4340.patch | 48 | ||||
-rw-r--r-- | meta-python/recipes-devtools/python/python3-sqlparse_0.4.2.bb | 1 |
2 files changed, 49 insertions, 0 deletions
diff --git a/meta-python/recipes-devtools/python/python3-sqlparse/CVE-2024-4340.patch b/meta-python/recipes-devtools/python/python3-sqlparse/CVE-2024-4340.patch new file mode 100644 index 0000000000..8d45a27dd9 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-sqlparse/CVE-2024-4340.patch | |||
@@ -0,0 +1,48 @@ | |||
1 | From b4a39d9850969b4e1d6940d32094ee0b42a2cf03 Mon Sep 17 00:00:00 2001 | ||
2 | From: Andi Albrecht <albrecht.andi@gmail.com> | ||
3 | Date: Sat, 13 Apr 2024 13:59:00 +0200 | ||
4 | Subject: [PATCH] Raise SQLParseError instead of RecursionError. | ||
5 | |||
6 | CVE: CVE-2024-4340 | ||
7 | |||
8 | Upstream-Status: Backport [https://github.com/andialbrecht/sqlparse/commit/b4a39d9850969b4e1d6940d32094ee0b42a2cf03] | ||
9 | |||
10 | Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> | ||
11 | --- | ||
12 | sqlparse/sql.py | 14 +++++++++----- | ||
13 | 1 file changed, 9 insertions(+), 5 deletions(-) | ||
14 | |||
15 | diff --git a/sqlparse/sql.py b/sqlparse/sql.py | ||
16 | index 6a32c26..ffffc77 100644 | ||
17 | --- a/sqlparse/sql.py | ||
18 | +++ b/sqlparse/sql.py | ||
19 | @@ -10,6 +10,7 @@ | ||
20 | import re | ||
21 | |||
22 | from sqlparse import tokens as T | ||
23 | +from sqlparse.exceptions import SQLParseError | ||
24 | from sqlparse.utils import imt, remove_quotes | ||
25 | |||
26 | |||
27 | @@ -209,11 +210,14 @@ class TokenList(Token): | ||
28 | |||
29 | This method is recursively called for all child tokens. | ||
30 | """ | ||
31 | - for token in self.tokens: | ||
32 | - if token.is_group: | ||
33 | - yield from token.flatten() | ||
34 | - else: | ||
35 | - yield token | ||
36 | + try: | ||
37 | + for token in self.tokens: | ||
38 | + if token.is_group: | ||
39 | + yield from token.flatten() | ||
40 | + else: | ||
41 | + yield token | ||
42 | + except RecursionError as err: | ||
43 | + raise SQLParseError('Maximum recursion depth exceeded') from err | ||
44 | |||
45 | def get_sublists(self): | ||
46 | for token in self.tokens: | ||
47 | -- | ||
48 | 2.40.0 | ||
diff --git a/meta-python/recipes-devtools/python/python3-sqlparse_0.4.2.bb b/meta-python/recipes-devtools/python/python3-sqlparse_0.4.2.bb index b5cc41e730..80f37b1368 100644 --- a/meta-python/recipes-devtools/python/python3-sqlparse_0.4.2.bb +++ b/meta-python/recipes-devtools/python/python3-sqlparse_0.4.2.bb | |||
@@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2b136f573f5386001ea3b7b9016222fc" | |||
7 | SRC_URI += "file://0001-sqlparse-change-shebang-to-python3.patch \ | 7 | SRC_URI += "file://0001-sqlparse-change-shebang-to-python3.patch \ |
8 | file://run-ptest \ | 8 | file://run-ptest \ |
9 | file://CVE-2023-30608.patch \ | 9 | file://CVE-2023-30608.patch \ |
10 | file://CVE-2024-4340.patch \ | ||
10 | " | 11 | " |
11 | 12 | ||
12 | SRC_URI[sha256sum] = "0c00730c74263a94e5a9919ade150dfc3b19c574389985446148402998287dae" | 13 | SRC_URI[sha256sum] = "0c00730c74263a94e5a9919ade150dfc3b19c574389985446148402998287dae" |