Patch for potential buffer overrun in tokenizer.c #41437
Comments
The fp_readl function in tokenizer.c has a potential It is also triggered by trying to generate the pycom The attached patch allows successful generation of the It is not as efficient as it might be; with a function And, of course, the patch definitely needs review. I'm
Logged In: YES I'm attaching a new patch (tokenizer.c.2.diff), which should
Logged In: YES I think the patch looks good. Staring at it for a while I
Logged In: YES After thinking about it some more, I realized that fp_readl
I’m also attaching a zip file with a modified test_pep263.py
Logged In: YES Maybe I've put the test files in the wrong spot, but what
You should probably put pep263_evilencoding.py and
Logged In: YES You're quite right, 2.4 AV's reliably using the new
Logged In: YES Here is another version of the patch, this version doesn't
Logged In: YES Looks good to me.
Logged In: YES Checked in as: