Bug 848474 - crypto module function subject_name_hash returns negative numbers on 32 bit hosts
crypto module function subject_name_hash returns negative numbers on 32 bit h...
Status: CLOSED DUPLICATE of bug 1036853
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: pyOpenSSL (Show other bugs)
6.5
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Tomas Mraz
BaseOS QE Security Team
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-08-15 13:07 EDT by Nathanael Noblet
Modified: 2015-02-26 10:13 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-02-26 10:13:38 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Nathanael Noblet 2012-08-15 13:07:37 EDT
Description of problem:
The python module uses PyLong_FromLong instead of PyLong_FromLongLong or FromUnsignedLong which on 32 bit hosts results in integer overflow and negative integer responses. This affects programs like func which use the hashes as part of their ACL infrastructure.

See bug: https://bugzilla.redhat.com/show_bug.cgi?id=756831 for what was reported against Fedora 15 at the time. I just noticed RHEL had an older version of pyOpenSSL so figured I should report this. Its a simple backport/fix.


How reproducible:
Always ( I haven't actually tested this on RHEL just noticed the version number and figured its likely affected)

Steps to Reproduce:
1. Use pyOpenSSL on a 32bit host
  
Actual results:
integer overflow

Expected results:
proper hashes
Comment 2 RHEL Product and Program Management 2012-09-07 01:25:48 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unable to address this
request at this time.

Red Hat invites you to ask your support representative to
propose this request, if appropriate, in the next release of
Red Hat Enterprise Linux.
Comment 3 Tomas Mraz 2015-02-26 10:13:38 EST
Fixed by the planned rebase.

*** This bug has been marked as a duplicate of bug 1036853 ***

Note You need to log in before you can comment on or make changes to this bug.