summaryrefslogtreecommitdiffstats
path: root/Modules/_sha3
diff options
context:
space:
mode:
authorChristian Heimes <christian@python.org>2021-04-18 06:39:39 (GMT)
committerGitHub <noreply@github.com>2021-04-18 06:39:39 (GMT)
commitaa6da32edc3c6ddfda5e849561e20273b8d82771 (patch)
treee543feb59a3d5e30ec01f2408d77dad5099da456 /Modules/_sha3
parentf5c5c0c362f84b3af168563ac9dec1d03cf8565a (diff)
downloadcpython-aa6da32edc3c6ddfda5e849561e20273b8d82771.zip
cpython-aa6da32edc3c6ddfda5e849561e20273b8d82771.tar.gz
cpython-aa6da32edc3c6ddfda5e849561e20273b8d82771.tar.bz2
bpo-43362: Fix invalid free and return check in _sha3 module (GH-25463)
Commit 93d50a6a8d0c5d332c11aef267e66573a09765ac / GH-21855 changed the order of variable definitions, which introduced a potential invalid free bug. Py_buffer object is now initialized earlier and the result of Keccak initialize is verified. Co-authored-by: Alex Henrie <alexhenrie24@gmail.com> Signed-off-by: Christian Heimes <christian@python.org> Co-authored-by: Alex Henrie <alexhenrie24@gmail.com>
Diffstat (limited to 'Modules/_sha3')
-rw-r--r--Modules/_sha3/sha3module.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/Modules/_sha3/sha3module.c b/Modules/_sha3/sha3module.c
index cae10f9..27f6938 100644
--- a/Modules/_sha3/sha3module.c
+++ b/Modules/_sha3/sha3module.c
@@ -193,15 +193,16 @@ static PyObject *
py_sha3_new_impl(PyTypeObject *type, PyObject *data, int usedforsecurity)
/*[clinic end generated code: output=90409addc5d5e8b0 input=bcfcdf2e4368347a]*/
{
+ HashReturn res;
+ Py_buffer buf = {NULL, NULL};
+ SHA3State *state = PyType_GetModuleState(type);
SHA3object *self = newSHA3object(type);
if (self == NULL) {
goto error;
}
- SHA3State *state = PyType_GetModuleState(type);
assert(state != NULL);
- HashReturn res;
if (type == state->sha3_224_type) {
res = Keccak_HashInitialize_SHA3_224(&self->hash_state);
} else if (type == state->sha3_256_type) {
@@ -229,7 +230,12 @@ py_sha3_new_impl(PyTypeObject *type, PyObject *data, int usedforsecurity)
goto error;
}
- Py_buffer buf = {NULL, NULL};
+ if (res != SUCCESS) {
+ PyErr_SetString(PyExc_RuntimeError,
+ "internal error in SHA3 initialize()");
+ goto error;
+ }
+
if (data) {
GET_BUFFER_VIEW_OR_ERROR(data, &buf, goto error);
if (buf.len >= HASHLIB_GIL_MINSIZE) {