-
Notifications
You must be signed in to change notification settings - Fork 336
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Incorrect handling of negative offsets in scan_once #98
Comments
Thanks for the report. It's certainly not the only way to read raw memory from CPython, but I'll get this fixed and take a look for other similar ssize_t issues. Those functions are intended for internal use only. |
etrepum
added a commit
that referenced
this issue
Jun 24, 2014
simplejson v3.5.3 has been released which fixes this issue. https://github.com/simplejson/simplejson/releases/tag/v3.5.3 |
jsonn
pushed a commit
to jsonn/pkgsrc
that referenced
this issue
Jul 27, 2014
Version 3.5.3 released 2014-06-24 * Fix lower bound checking in scan_once / raw_decode API simplejson/simplejson#98
philenotfound
pushed a commit
to philenotfound/buildroot-cr15wi
that referenced
this issue
Sep 23, 2014
No CVE assigned, see simplejson/simplejson#98 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
jsonn
pushed a commit
to jsonn/pkgsrc
that referenced
this issue
Oct 11, 2014
Version 3.5.3 released 2014-06-24 * Fix lower bound checking in scan_once / raw_decode API simplejson/simplejson#98
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The problem was reported as security issue for the
simplejson
version that is part of the Python standard library, see:http://bugs.python.org/issue21529
https://hackerone.com/reports/12297
The test case using
raw_decode
does not work with recentsimplejson
versions because of commit 0fb0aea. However, I could reproduce the issue with version 3.2.0 by usingscan_once
directly instead ofraw_decode
. I haven't tried more recent version, sorry, quick code inspection suggests they should still be affected.I realize that
scan_once
is not a documented API, and hence this issue, if only triggerable via it, may not be considered an issue forsimplejson
.The text was updated successfully, but these errors were encountered: