Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:Update
python-doc.8246
python-2.7.14-CVE-2017-1000158.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File python-2.7.14-CVE-2017-1000158.patch of Package python-doc.8246
From c3c9db89273fabc62ea1b48389d9a3000c1c03ae Mon Sep 17 00:00:00 2001 From: Jay Bosamiya <jaybosamiya@gmail.com> Date: Sun, 18 Jun 2017 22:11:03 +0530 Subject: [PATCH] [2.7] bpo-30657: Check & prevent integer overflow in PyString_DecodeEscape (#2174) --- Misc/ACKS | 1 + Misc/NEWS | 3 +++ Objects/stringobject.c | 8 +++++++- 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/Objects/stringobject.c b/Objects/stringobject.c index c78e19316a..59d22e7694 100644 --- a/Objects/stringobject.c +++ b/Objects/stringobject.c @@ -612,7 +612,13 @@ PyObject *PyString_DecodeEscape(const char *s, char *p, *buf; const char *end; PyObject *v; - Py_ssize_t newlen = recode_encoding ? 4*len:len; + Py_ssize_t newlen; + /* Check for integer overflow */ + if (recode_encoding && (len > PY_SSIZE_T_MAX / 4)) { + PyErr_SetString(PyExc_OverflowError, "string is too large"); + return NULL; + } + newlen = recode_encoding ? 4*len:len; v = PyString_FromStringAndSize((char *)NULL, newlen); if (v == NULL) return NULL; -- 2.16.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor