NotificationsYou must be signed in to change notification settings
Fork32k
Star67.2k

Commitb98e779

authored

[3.7]bpo-41004: Resolve hash collisions for IPv4Interface and IPv6Interface (GH-21033) (GH-21231)

CVE-2020-14422The __hash__() methods of classes IPv4Interface and IPv6Interface had issueof generating constant hash values of 32 and 128 respectively causing hash collisions.The fix uses the hash() function to generate hash values for the objectsinstead of XOR operation(cherry picked from commitb30ee26)Co-authored-by: Ravi Teja P <rvteja92@gmail.com>Signed-off-by: Tapas Kundu <tkundu@vmware.com>

1 parent4fdc175 commitb98e779Copy full SHA for b98e779

File tree

3 files changed

+14

-2

lines changed

Lib
- ipaddress.py
- test
  - test_ipaddress.py
Misc/NEWS.d/next/Security
- 2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst

3 files changed

+14

-2

lines changed

`‎Lib/ipaddress.py`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -1442,7 +1442,7 @@ def __lt__(self, other):`
`1442`	`1442`	`returnFalse`
`1443`	`1443`
`1444`	`1444`	`def__hash__(self):`
`1445`		`-returnself._ip^self._prefixlen^int(self.network.network_address)`
	`1445`	`+returnhash((self._ip,self._prefixlen,int(self.network.network_address)))`
`1446`	`1446`
`1447`	`1447`	`__reduce__=_IPAddressBase.__reduce__`
`1448`	`1448`
`@@ -2088,7 +2088,7 @@ def __lt__(self, other):`
`2088`	`2088`	`returnFalse`
`2089`	`2089`
`2090`	`2090`	`def__hash__(self):`
`2091`		`-returnself._ip^self._prefixlen^int(self.network.network_address)`
	`2091`	`+returnhash((self._ip,self._prefixlen,int(self.network.network_address)))`
`2092`	`2092`
`2093`	`2093`	`__reduce__=_IPAddressBase.__reduce__`
`2094`	`2094`

`‎Lib/test/test_ipaddress.py`

Lines changed: 11 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -2091,6 +2091,17 @@ def testsixtofour(self):`
`2091`	`2091`	`sixtofouraddr.sixtofour)`
`2092`	`2092`	`self.assertFalse(bad_addr.sixtofour)`
`2093`	`2093`
	`2094`	`+# issue41004 Hash collisions in IPv4Interface and IPv6Interface`
	`2095`	`+deftestV4HashIsNotConstant(self):`
	`2096`	`+ipv4_address1=ipaddress.IPv4Interface("1.2.3.4")`
	`2097`	`+ipv4_address2=ipaddress.IPv4Interface("2.3.4.5")`
	`2098`	`+self.assertNotEqual(ipv4_address1.__hash__(),ipv4_address2.__hash__())`
	`2099`	`+`
	`2100`	`+# issue41004 Hash collisions in IPv4Interface and IPv6Interface`
	`2101`	`+deftestV6HashIsNotConstant(self):`
	`2102`	`+ipv6_address1=ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:1")`
	`2103`	`+ipv6_address2=ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:2")`
	`2104`	`+self.assertNotEqual(ipv6_address1.__hash__(),ipv6_address2.__hash__())`
`2094`	`2105`
`2095`	`2106`	`if__name__=='__main__':`
`2096`	`2107`	`unittest.main()`

`‎Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+CVE-2020-14422: The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address).`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commitb98e779

File tree

3 files changed

3 files changed

`‎Lib/ipaddress.py`

`‎Lib/test/test_ipaddress.py`

`‎Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst`

0 commit comments