Bug 1270318

Summary: pbkdf2 with a 74 byte result crashes
Product: Red Hat Enterprise Linux 7 Reporter: Matěj Cepl <mcepl>
Component: m2cryptoAssignee: Miloslav Trmač <mitr>
Status: CLOSED DUPLICATE QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.2CC: mstuchli
Target Milestone: rcKeywords: Security
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-10-30 10:13:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
backtrace and reproduction none

Description Matěj Cepl 2015-10-09 15:16:35 UTC 
Created attachment 1081377 [details]
backtrace and reproduction

Description of problem:

Python 2.7.5 (default, Sep 15 2015, 04:43:27) 
[GCC 4.8.3 20140911 (Red Hat 4.8.3-9)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import M2Crypto
>>> M2Crypto.EVP.pbkdf2('foo', 'abc', 1, 74)

leads to crash with the attached backtrace

Version-Release number of selected component (if applicable):
python-2.7.5-33.el7.x86_64
m2crypto-0.21.1-17.el7.x86_64
Comment 2 Stefan Cornelius 2015-10-30 10:13:41 UTC 
Product Security will take over in bug 1271165

*** This bug has been marked as a duplicate of bug 1271165 ***