Potential buffer overflow in PyArray_NewFromDescr_int of ctors.c #18939
Comments
I think this is probably safe at the call sites, but adding an assert to

Thanks for your reply.

Yes you're right, numpy/numpy/core/src/multiarray/ctors.c Lines 2819 to 2828 in 623bc1f

It might be a bit hard to abuse, but the check for
…fer_overflow BUG: fix potential buffer overflow(#18939)
BUG: fix potential buffer overflow, backport to 1.19.* (#18939)
Reproducing code example:
Snippet:
Error message:
When we ran our analysis tool on NumPy, a potential buffer-overflow problem was reported. See details below:
File: numpy/core/src/multiarray/ctors.c
Function: PyArray_NewFromDescr_int
Details in description
Possible call path:
1. array_new -> PyArray_NewFromDescr_int
2. PyArray_Zeros -> PyArray_NewFromDescr_int
3. array_fromfile -> PyArray_FromFile -> PyArray_NewFromDescr_int
NumPy/Python version information:
The main branch of NumPy