From 03a9d2a20b76955bcbbf40f73d024c950db9a578 Mon Sep 17 00:00:00 2001
From: Jesus Cea <jcea@jcea.es>
Date: Mon, 10 Sep 2012 21:04:42 +0200
Subject: [PATCH] Closes #15908: SHA1 crashes in 64 bits when the string to
 hash is bigger than 2**32 bytes

---
 Lib/test/test_hashlib.py |  8 ++++++++
 Misc/NEWS                |  3 +++
 Modules/shamodule.c      | 19 ++++++++++++++++---
 3 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/Lib/test/test_hashlib.py b/Lib/test/test_hashlib.py
index f5c242e6c9d..114b09bfbbc 100644
--- a/Lib/test/test_hashlib.py
+++ b/Lib/test/test_hashlib.py
@@ -228,6 +228,14 @@ class HashLibTestCase(unittest.TestCase):
         self.check('sha1', "a" * 1000000,
                    "34aa973cd4c4daa4f61eeb2bdbad27316534016f")
 
+    @precisionbigmemtest(size=_4G + 5, memuse=1)
+    def test_case_sha1_huge(self, size):
+        if size == _4G + 5:
+            try:
+                self.check('sha1', 'A'*size,
+                        '87d745c50e6b2879ffa0fb2c930e9fbfe0dc9a5b')
+            except OverflowError:
+                pass # 32-bit arch
 
     # use the examples from Federal Information Processing Standards
     # Publication 180-2, Secure Hash Standard,  2002 August 1
diff --git a/Misc/NEWS b/Misc/NEWS
index 680cb18fdd2..33a57f409a9 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -244,6 +244,9 @@ Library
 - Issue #14888: Fix misbehaviour of the _md5 module when called on data
   larger than 2**32 bytes.
 
+- Issue #15908: Fix misbehaviour of the sha1 module when called on data
+  larger than 2**32 bytes.
+
 - Issue #14875: Use float('inf') instead of float('1e66666') in the json module.
 
 - Issue #14572: Prevent build failures with pre-3.5.0 versions of
diff --git a/Modules/shamodule.c b/Modules/shamodule.c
index a86e722b038..df7344153f9 100644
--- a/Modules/shamodule.c
+++ b/Modules/shamodule.c
@@ -536,6 +536,8 @@ SHA_new(PyObject *self, PyObject *args, PyObject *kwdict)
     static char *kwlist[] = {"string", NULL};
     SHAobject *new;
     Py_buffer view = { 0 };
+    Py_ssize_t n;
+    unsigned char *buf;
 
     if (!PyArg_ParseTupleAndKeywords(args, kwdict, "|s*:new", kwlist,
                                      &view)) {
@@ -554,10 +556,21 @@ SHA_new(PyObject *self, PyObject *args, PyObject *kwdict)
         PyBuffer_Release(&view);
         return NULL;
     }
-    if (view.len > 0) {
-        sha_update(new, (unsigned char*)view.buf,
-                   Py_SAFE_DOWNCAST(view.len, Py_ssize_t, unsigned int));
+
+    n = view.len;
+    buf = (unsigned char *) view.buf;
+    while (n > 0) {
+        Py_ssize_t nbytes;
+        if (n > INT_MAX)
+            nbytes = INT_MAX;
+        else
+            nbytes = n;
+        sha_update(new, buf,
+                   Py_SAFE_DOWNCAST(nbytes, Py_ssize_t, unsigned int));
+        buf += nbytes;
+        n -= nbytes;
     }
+
     PyBuffer_Release(&view);
 
     return (PyObject *)new;