diff options
author | Christian Heimes <christian@python.org> | 2021-11-09 08:56:05 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-11-09 08:56:05 (GMT) |
commit | 6a1cc8bf8a0d88af9c7891c6577508ae9f70e3ef (patch) | |
tree | 48a92b9e33da6e0c83e122e43623893fc5d3a759 | |
parent | 8fefaad242f45b3bd97e000a00f2aac16d935315 (diff) | |
download | cpython-6a1cc8bf8a0d88af9c7891c6577508ae9f70e3ef.zip cpython-6a1cc8bf8a0d88af9c7891c6577508ae9f70e3ef.tar.gz cpython-6a1cc8bf8a0d88af9c7891c6577508ae9f70e3ef.tar.bz2 |
bpo-45743: Remove workaround for zlib CVE from 2002 (GH-29457)
-rw-r--r-- | setup.py | 51 |
1 files changed, 11 insertions, 40 deletions
@@ -1633,56 +1633,27 @@ class PyBuildExt(build_ext): '-framework', 'CoreFoundation'])) def detect_compress_exts(self): - # Andrew Kuchling's zlib module. Note that some versions of zlib - # 1.1.3 have security problems. See CERT Advisory CA-2002-07: - # http://www.cert.org/advisories/CA-2002-07.html - # - # zlib 1.1.4 is fixed, but at least one vendor (RedHat) has decided to - # patch its zlib 1.1.3 package instead of upgrading to 1.1.4. For - # now, we still accept 1.1.3, because we think it's difficult to - # exploit this in Python, and we'd rather make it RedHat's problem - # than our problem <wink>. - # - # You can upgrade zlib to version 1.1.4 yourself by going to - # http://www.gzip.org/zlib/ - zlib_inc = find_file('zlib.h', [], self.inc_dirs) - have_zlib = False - if zlib_inc is not None: - zlib_h = zlib_inc[0] + '/zlib.h' - version = '"0.0.0"' - version_req = '"1.1.3"' - if MACOS and is_macosx_sdk_path(zlib_h): - zlib_h = os.path.join(macosx_sdk_root(), zlib_h[1:]) - with open(zlib_h) as fp: - while 1: - line = fp.readline() - if not line: - break - if line.startswith('#define ZLIB_VERSION'): - version = line.split()[2] - break - if version >= version_req: - if (self.compiler.find_library_file(self.lib_dirs, 'z')): - self.add(Extension('zlib', ['zlibmodule.c'], - libraries=['z'])) - have_zlib = True - else: - self.missing.append('zlib') - else: - self.missing.append('zlib') + # Andrew Kuchling's zlib module. + have_zlib = ( + find_file('zlib.h', self.inc_dirs, []) is not None and + self.compiler.find_library_file(self.lib_dirs, 'z') + ) + if have_zlib: + self.add(Extension('zlib', ['zlibmodule.c'], + libraries=['z'])) else: self.missing.append('zlib') # Helper module for various ascii-encoders. Uses zlib for an optimized # crc32 if we have it. Otherwise binascii uses its own. - extra_compile_args = [] if have_zlib: - extra_compile_args.append('-DUSE_ZLIB_CRC32') + define_macros = [('USE_ZLIB_CRC32', None)] libraries = ['z'] else: + define_macros = None libraries = [] self.add(Extension('binascii', ['binascii.c'], - extra_compile_args=extra_compile_args, + define_macros=define_macros, libraries=libraries)) # Gustavo Niemeyer's bz2 module. |