Created on 2014-05-22 14:42 by serhiy.storchaka, last changed 2014-06-01 14:09 by serhiy.storchaka. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| tkinter_strlen_overflow.patch | serhiy.storchaka, 2014-05-22 14:41 | review | ||
| tkinter_strlen_overflow-2.7.patch | serhiy.storchaka, 2014-05-22 14:59 | Patch for 2.7 | review | |
| tkinter_strlen_overflow_alt.patch | serhiy.storchaka, 2014-05-25 07:04 | review | ||
| Messages (3) | |||
|---|---|---|---|
| msg218898 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) *  |
Date: 2014-05-22 14:41 | |
Tkinter converts str argument to C string and then pass it to Tcl. But Tcl handles string length as int and it can overflow if strlen() returns value > INT_MAX. Proposed patch introduces special conversion functions which ensure that string length will not overflow. It also corrects error message in getint(), getdouble() and getboolean() methods (e.g. "must be int or str" instead of "must be str") and adds tests for them. |
|||
| msg219073 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) * |
Date: 2014-05-25 07:04 | |
Here is a little simpler patch. Instead of checking string length in custom converter, it is checked after invocation of PyArg_ParseTuple. Also added bigmem tests. |
|||
| msg219386 - (view) | Author: Roundup Robot (python-dev) | Date: 2014-05-30 11:39 | |
New changeset 59468bd68789 by Serhiy Storchaka in branch '2.7': Issue #21552: Fixed possible integer overflow of too long string lengths in http://hg.python.org/cpython/rev/59468bd68789 New changeset a90cddfd9e47 by Serhiy Storchaka in branch '3.4': Issue #21552: Fixed possible integer overflow of too long string lengths in http://hg.python.org/cpython/rev/a90cddfd9e47 New changeset 5b80af12ccb7 by Serhiy Storchaka in branch 'default': Issue #21552: Fixed possible integer overflow of too long string lengths in http://hg.python.org/cpython/rev/5b80af12ccb7 New changeset 8c96af2fba28 by Serhiy Storchaka in branch '2.7': Fixed possible integer overflow in getint, getdouble and getboolean too (issue #21552). http://hg.python.org/cpython/rev/8c96af2fba28 |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2014-06-01 14:09:49 | serhiy.storchaka | set | status: open -> closed resolution: fixed stage: patch review -> resolved |
| 2014-05-30 11:39:16 | python-dev | set | nosy:
+ python-dev messages: + msg219386 |
| 2014-05-25 07:04:12 | serhiy.storchaka | set | files:
+ tkinter_strlen_overflow_alt.patch messages: + msg219073 |
| 2014-05-22 14:59:13 | serhiy.storchaka | set | files: + tkinter_strlen_overflow-2.7.patch |
| 2014-05-22 14:42:02 | serhiy.storchaka | create | |