diff options
| -rwxr-xr-x | Lib/base64.py | 12 | ||||
| -rw-r--r-- | Misc/NEWS | 2 |
2 files changed, 8 insertions, 6 deletions
diff --git a/Lib/base64.py b/Lib/base64.py index 4042f00..6bcdff6 100755 --- a/Lib/base64.py +++ b/Lib/base64.py @@ -166,7 +166,7 @@ def b32encode(s): if leftover: s = s + bytes(5 - leftover) # Don't use += ! quanta += 1 - encoded = bytes() + encoded = bytearray() for i in range(quanta): # c1 and c2 are 16 bits wide, c3 is 8 bits wide. The intent of this # code is to process the 40 bits in units of 5 bits. So we take the 1 @@ -187,14 +187,14 @@ def b32encode(s): ]) # Adjust for any leftover partial quanta if leftover == 1: - return encoded[:-6] + b'======' + encoded[-6:] = b'======' elif leftover == 2: - return encoded[:-4] + b'====' + encoded[-4:] = b'====' elif leftover == 3: - return encoded[:-3] + b'===' + encoded[-3:] = b'===' elif leftover == 4: - return encoded[:-1] + b'=' - return encoded + encoded[-1:] = b'=' + return bytes(encoded) def b32decode(s, casefold=False, map01=None): @@ -24,6 +24,8 @@ Core and Builtins Library ------- +- Issue #17812: Fixed quadratic complexity of base64.b32encode(). + - Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099). |