[bitbake-devel][kirkstone,langdale,master][PATCH] utils/ply: Update md5 to better report errors with hashlib

All of lore.kernel.org
 help / color / mirror / Atom feed

* [bitbake-devel][kirkstone,langdale,master][PATCH] utils/ply: Update md5 to better report errors with hashlib
@ 2022-10-06 21:53 Mark Hatle
  2022-10-07 11:01 ` Ross Burton
  0 siblings, 1 reply; 3+ messages in thread
From: Mark Hatle @ 2022-10-06 21:53 UTC (permalink / raw)
  To: bitbake-devel

In the case where hashlib is not available, the try would fail and fall
through resulting in a backtrace on the usage of the 'sig'.  The backtrace
itself was confusing and made it difficult to determine what went wrong.

Update the import to be in it's own try block with an appropriate
message to indicate what went wrong.

Note, the current version of ply all of this code has been restructured
so this is not applicable upstream.

Additionally, some versions of hashlib don't appear to implement the
second FIPS related argument.  Detect this and support both versions.

Signed-off-by: Mark Hatle <mark.hatle@amd.com>
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
---
This was found on an internal Ubuntu 18.04 container.  Unfortunately I
don't have access to the container itself but this resolves the issue.

 bitbake/lib/bb/utils.py | 7 ++++++-
 bitbake/lib/ply/yacc.py | 7 +++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/lib/bb/utils.py b/lib/bb/utils.py
index e6e21e20fe..64a004d0d8 100644
--- a/lib/bb/utils.py
+++ b/lib/bb/utils.py
@@ -547,7 +547,12 @@ def md5_file(filename):
     Return the hex string representation of the MD5 checksum of filename.
     """
     import hashlib
-    return _hasher(hashlib.new('MD5', usedforsecurity=False), filename)
+    try:
+        sig = hashlib.new('MD5', usedforsecurity=False)
+    except TypeError:
+        # Some configurations don't appear to support two arguments
+        sig = hashlib.new('MD5')
+    return _hasher(sig, filename)
 
 def sha256_file(filename):
     """
diff --git a/lib/ply/yacc.py b/lib/ply/yacc.py
index 767c4e4674..381b50cf0b 100644
--- a/lib/ply/yacc.py
+++ b/lib/ply/yacc.py
@@ -2798,7 +2798,14 @@ class ParserReflect(object):
     def signature(self):
         try:
             import hashlib
+        except ImportError:
+            raise RuntimeError("Unable to import hashlib")
+        try:
             sig = hashlib.new('MD5', usedforsecurity=False)
+        except TypeError:
+            # Some configurations don't appear to support two arguments
+            sig = hashlib.new('MD5')
+        try:
             if self.start:
                 sig.update(self.start.encode('latin-1'))
             if self.prec:
-- 
2.17.1



^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [bitbake-devel][kirkstone,langdale,master][PATCH] utils/ply: Update md5 to better report errors with hashlib
  2022-10-06 21:53 [bitbake-devel][kirkstone,langdale,master][PATCH] utils/ply: Update md5 to better report errors with hashlib Mark Hatle
@ 2022-10-07 11:01 ` Ross Burton
  0 siblings, 0 replies; 3+ messages in thread
From: Ross Burton @ 2022-10-07 11:01 UTC (permalink / raw)
  To: mark.hatle@kernel.crashing.org; +Cc: bitbake-devel@lists.openembedded.org

> On 6 Oct 2022, at 22:53, Mark Hatle via lists.openembedded.org <mark.hatle=kernel.crashing.org@lists.openembedded.org> wrote:
> 
> Additionally, some versions of hashlib don't appear to implement the
> second FIPS related argument.  Detect this and support both versions.

FWIW

Changed in version 3.9: All hashlib constructors take a keyword-only argument usedforsecurity with default value True. A false value allows the use of insecure and blocked hashing algorithms in restricted environments. False indicates that the hashing algorithm is not used in a security context, e.g. as a non-cryptographic one-way compression function.

Ross

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [bitbake-devel][kirkstone,langdale,master][PATCH] utils/ply: Update md5 to better report errors with hashlib
       [not found] <171B99736E534D59.1795@lists.openembedded.org>
@ 2022-10-25 21:36 ` Mark Hatle
  0 siblings, 0 replies; 3+ messages in thread
From: Mark Hatle @ 2022-10-25 21:36 UTC (permalink / raw)
  To: bitbake-devel

Ping on this one.

On 10/6/22 4:53 PM, Mark Hatle wrote:
> In the case where hashlib is not available, the try would fail and fall
> through resulting in a backtrace on the usage of the 'sig'.  The backtrace
> itself was confusing and made it difficult to determine what went wrong.
> 
> Update the import to be in it's own try block with an appropriate
> message to indicate what went wrong.
> 
> Note, the current version of ply all of this code has been restructured
> so this is not applicable upstream.
> 
> Additionally, some versions of hashlib don't appear to implement the
> second FIPS related argument.  Detect this and support both versions.
> 
> Signed-off-by: Mark Hatle <mark.hatle@amd.com>
> Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
> ---
> This was found on an internal Ubuntu 18.04 container.  Unfortunately I
> don't have access to the container itself but this resolves the issue.
> 
>   bitbake/lib/bb/utils.py | 7 ++++++-
>   bitbake/lib/ply/yacc.py | 7 +++++++
>   2 files changed, 13 insertions(+), 1 deletion(-)
> 
> diff --git a/lib/bb/utils.py b/lib/bb/utils.py
> index e6e21e20fe..64a004d0d8 100644
> --- a/lib/bb/utils.py
> +++ b/lib/bb/utils.py
> @@ -547,7 +547,12 @@ def md5_file(filename):
>       Return the hex string representation of the MD5 checksum of filename.
>       """
>       import hashlib
> -    return _hasher(hashlib.new('MD5', usedforsecurity=False), filename)
> +    try:
> +        sig = hashlib.new('MD5', usedforsecurity=False)
> +    except TypeError:
> +        # Some configurations don't appear to support two arguments
> +        sig = hashlib.new('MD5')
> +    return _hasher(sig, filename)
>   
>   def sha256_file(filename):
>       """
> diff --git a/lib/ply/yacc.py b/lib/ply/yacc.py
> index 767c4e4674..381b50cf0b 100644
> --- a/lib/ply/yacc.py
> +++ b/lib/ply/yacc.py
> @@ -2798,7 +2798,14 @@ class ParserReflect(object):
>       def signature(self):
>           try:
>               import hashlib
> +        except ImportError:
> +            raise RuntimeError("Unable to import hashlib")
> +        try:
>               sig = hashlib.new('MD5', usedforsecurity=False)
> +        except TypeError:
> +            # Some configurations don't appear to support two arguments
> +            sig = hashlib.new('MD5')
> +        try:
>               if self.start:
>                   sig.update(self.start.encode('latin-1'))
>               if self.prec:
> 
> 
> 
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#14027): https://lists.openembedded.org/g/bitbake-devel/message/14027
> Mute This Topic: https://lists.openembedded.org/mt/94168114/3616948
> Group Owner: bitbake-devel+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/bitbake-devel/unsub [mark.hatle@kernel.crashing.org]
> -=-=-=-=-=-=-=-=-=-=-=-
> 


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2022-10-25 21:36 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-10-06 21:53 [bitbake-devel][kirkstone,langdale,master][PATCH] utils/ply: Update md5 to better report errors with hashlib Mark Hatle
2022-10-07 11:01 ` Ross Burton
     [not found] <171B99736E534D59.1795@lists.openembedded.org>
2022-10-25 21:36 ` Mark Hatle

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.