Revision - 6c004b4 - bpo-30657: Fix CVE-2017-1000158 (#4758) - origin: https://github.com/python/cpython

Staging
v0.5.1

visit type:

https://github.com/python/cpython

09 December 2020, 11:06:31 UTC

Revision 6c004b40f9d51872d848981ef1a18bb08c2dfc42 authored by Miro Hrončok on 08 December 2017, 21:34:44 UTC, committed by larryhastings on 08 December 2017, 21:34:44 UTC

bpo-30657: Fix CVE-2017-1000158 (#4758)

Fixes possible integer overflow in PyBytes_DecodeEscape.

Co-Authored-By: Jay Bosamiya <jaybosamiya@gmail.com>

1 parent 8b11e8d

Files
Changes

Permalinks

Tip revision: 6c004b40f9d51872d848981ef1a18bb08c2dfc42 authored by Miro Hrončok on 08 December 2017, 21:34:44 UTC
bpo-30657: Fix CVE-2017-1000158 (#4758)

Tip revision: 6c004b4

dynload_hpux.c


/* Support for dynamic loading of extension modules */

#include "dl.h"
#include <errno.h>

#include "Python.h"
#include "importdl.h"

#if defined(__hp9000s300)
#define FUNCNAME_PATTERN "_PyInit_%.200s"
#else
#define FUNCNAME_PATTERN "PyInit_%.200s"
#endif

const char *_PyImport_DynLoadFiletab[] = {SHLIB_EXT, NULL};

dl_funcptr _PyImport_GetDynLoadFunc(const char *shortname,
                                    const char *pathname, FILE *fp)
{
    dl_funcptr p;
    shl_t lib;
    int flags;
    char funcname[258];

    flags = BIND_FIRST | BIND_DEFERRED;
    if (Py_VerboseFlag) {
        flags = BIND_FIRST | BIND_IMMEDIATE |
            BIND_NONFATAL | BIND_VERBOSE;
        printf("shl_load %s\n",pathname);
    }
    lib = shl_load(pathname, flags, 0);
    /* XXX Chuck Blake once wrote that 0 should be BIND_NOSTART? */
    if (lib == NULL) {
        char buf[256];
        PyObject *pathname_ob = NULL;
        PyObject *buf_ob = NULL;
        PyObject *shortname_ob = NULL;

        if (Py_VerboseFlag)
            perror(pathname);
        PyOS_snprintf(buf, sizeof(buf), "Failed to load %.200s",
                      pathname);
        buf_ob = PyUnicode_FromString(buf);
        shortname_ob = PyUnicode_FromString(shortname);
        pathname_ob = PyUnicode_FromString(pathname);
        PyErr_SetImportError(buf_ob, shortname_ob, pathname_ob);
        Py_DECREF(buf_ob);
        Py_DECREF(shortname_ob);
        Py_DECREF(pathname_ob);
        return NULL;
    }
    PyOS_snprintf(funcname, sizeof(funcname), FUNCNAME_PATTERN, shortname);
    if (Py_VerboseFlag)
        printf("shl_findsym %s\n", funcname);
    if (shl_findsym(&lib, funcname, TYPE_UNDEFINED, (void *) &p) == -1) {
        shl_unload(lib);
        p = NULL;
    }
    if (p == NULL && Py_VerboseFlag)
        perror(funcname);

    return p;
}

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...