From c7486036b74d3e2d7808f10a42a72885179b0899 Mon Sep 17 00:00:00 2001
From: starlet_dx <15929766099@163.com>
Date: Thu, 22 Jul 2021 09:44:50 +0800
Subject: [PATCH] fix CVE-2019-17626

(cherry picked from commit ec896213d5e603f4caa12551ae2f14cbe1293de6)
---
 CVE-2019-17626.patch | 81 +++++++++++++++++++++++++++++++++++++++++++
 python-reportlab.spec | 6 +++-
 2 files changed, 86 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2019-17626.patch

diff --git a/CVE-2019-17626.patch b/CVE-2019-17626.patch
new file mode 100644
index 0000000..590e1c3
--- /dev/null
+++ b/CVE-2019-17626.patch
@@ -0,0 +1,81 @@
+# HG changeset patch
+# User mkasik@redhat.com
+# Date 1580132768 -3600
+# Mon Jan 27 14:46:08 2020 +0100
+# Node ID b47055e78d8b3e49e7bb5b9cdaa55d449b996764
+# Parent 9bb6ebf1b8473e3dc11740cbdce0d5dc1a1afae2
+Parse input string of toColor.__call__ for color classes
+
+It constructs respective object from the string then.
+This currently supports CMYKColor, PCMYKColor, CMYKColorSep
+and PCMYKColorSep.
+
+--- a/src/reportlab/lib/colors.py
++++ b/src/reportlab/lib/colors.py
+@@ -833,6 +833,53 @@ class cssParse:
+
+ cssParse=cssParse()
+
++def parseColorClassFromString(arg):
++ '''Parses known classes which holds color information from string
++ and constructs respective object.
++ It constructs CMYKColor, PCMYKColor, CMYKColorSep and PCMYKColorSep now.
++ '''
++
++ # Strips input string and splits it with {'(', ')', ','} delimiters
++ splitted = "".join(arg.split()).replace('(', ',').replace(')','').split(',')
++
++ # Creates a "fingerprint" of given string made of {'(', ')', ','} characters only.
++ fingerprint = ''.join(c for c in arg if c in set('(,)'))
++
++ if (len(splitted) > 0):
++ if (splitted[0] == 'Color'):
++ if (fingerprint == '(,,,)'):
++ try:
++ return Color(*list(map(float, splitted[1:5])))
++ except:
++ return None
++ elif (fingerprint == '(,,)'):
++ try:
++ return Color(*list(map(float, splitted[1:4])))
++ except:
++ return None
++ elif (splitted[0] == 'CMYKColor' and fingerprint == '(,,,)'):
++ try:
++ return CMYKColor(*list(map(float, splitted[1:5])))
++ except:
++ return None
++ elif (splitted[0] == 'PCMYKColor' and fingerprint == '(,,,)'):
++ try:
++ return PCMYKColor(*list(map(float, splitted[1:5])))
++ except:
++ return None
++ elif (splitted[0] == 'CMYKColorSep' and fingerprint == '(,,,)'):
++ try:
++ return CMYKColorSep(*list(map(float, splitted[1:5])))
++ except:
++ return None
++ elif (splitted[0] == 'PCMYKColorSep' and fingerprint == '(,,,)'):
++ try:
++ return PCMYKColorSep(*list(map(float, splitted[1:5])))
++ except:
++ return None
++ else:
++ return None
++
+ class toColor:
+
+ def __init__(self):
+@@ -858,10 +905,8 @@ class toColor:
+ C = getAllNamedColors()
+ s = arg.lower()
+ if s in C: return C[s]
+- try:
+- return toColor(eval(arg))
+- except:
+- pass
++ parsedColor = parseColorClassFromString(arg)
++ if (parsedColor): return parsedColor
+
+ try:
+ return HexColor(arg)
diff --git a/python-reportlab.spec b/python-reportlab.spec
index 41d017f..a08988b 100644
--- a/python-reportlab.spec
+++ b/python-reportlab.spec
@@ -2,12 +2,13 @@ Name: python-reportlab
 Version: 3.4.0
-Release: 12
+Release: 13
 Summary: ReportLab library to create PDF documents and graphic
 License: LGPL-2.0-only
 URL: https://www.reportlab.com/
 Source0: https://pypi.python.org/packages/source/r/reportlab/reportlab-%{version}.tar.gz
 Patch0001: 0fbf25e4857423f6a38ca7f5aeee1c84acaa3fc1.patch
+Patch0002: CVE-2019-17626.patch
 %description
 The ReportLab Toolkit. An Open Source Python library for generating PDFs and graphics.
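Review bot: The six bare `except:` clauses in the new parseColorClassFromString catch everything, including KeyboardInterrupt and SystemExit, when the only failures the visible code can produce are `float()` rejecting a non-numeric field (ValueError) and a constructor rejecting the argument list (TypeError); `except (TypeError, ValueError):` is what each of them means. In the second nested hunk, `if (parsedColor): return parsedColor` relies on a colour object being truthy, which `if parsedColor is not None: return parsedColor` states directly, and `toColor.__call__` itself starts and ends outside that hunk. `if (len(splitted) > 0):` is always true, since `str.split(',')` never returns an empty list, and the five near-identical branches differ only in class name and accepted fingerprint, so a lookup table removes the duplication (rewrite below). The docstring should also say what the parser deliberately no longer accepts compared with the removed `eval(arg)`: keyword arguments, nested expressions and anything but a literal `Name(n,...)` call return None and fall through to the HexColor attempt.
```python
def parseColorClassFromString(arg):
    '''Construct a colour object from a literal call string such as
    ``"CMYKColor(0,0,0,1)"``; return None for anything else.

    Only Color (3 or 4 numeric arguments), CMYKColor, PCMYKColor,
    CMYKColorSep and PCMYKColorSep (4 numeric arguments) are recognised.
    Keyword arguments, nested expressions and names are never evaluated.
    '''
    splitted = "".join(arg.split()).replace('(', ',').replace(')', '').split(',')
    # Shape of the call: only the '(' ',' ')' characters, in order.
    fingerprint = ''.join(c for c in arg if c in '(,)')
    # class name -> (constructor, accepted fingerprints)
    known = {
        'Color': (Color, ('(,,)', '(,,,)')),
        'CMYKColor': (CMYKColor, ('(,,,)',)),
        'PCMYKColor': (PCMYKColor, ('(,,,)',)),
        'CMYKColorSep': (CMYKColorSep, ('(,,,)',)),
        'PCMYKColorSep': (PCMYKColorSep, ('(,,,)',)),
    }
    if splitted[0] not in known:
        return None
    cls, shapes = known[splitted[0]]
    if fingerprint not in shapes:
        return None
    try:
        # float() rejects a non-numeric field; the constructor rejects a bad arity.
        return cls(*[float(v) for v in splitted[1:]])
    except (TypeError, ValueError):
        return None
```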
@@ -59,6 +60,9 @@ PYTHONPATH="`pwd`/`ls -d build/lib*`" %{__python3} docs/genAll.py
 %doc demos/ tools/
 %changelog
+* Thu Jul 22 2021 yaoxin - 3.4.0-13
+- Fix CVE-2019-17626
+
 * Thu Apr 22 2021 Senlin Xia - 3.4.0-12
 - Remove python2-reportlab for no more buildrequire: python2-pillow
-- Gitee