Message 156709 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	nadeem.vawda
Recipients	Laurent.Gautier, loewis, nadeem.vawda
Date	2012-03-24.17:33:46
SpamBayes Score	2.6697026e-06
Marked as misclassified	No
Message-id	<1332610427.29.0.895993489101.issue14398@psf.upfronthosting.co.za>
In-reply-to

Content
I have been able to reproduce it; see attached script. It happens for inputs of 2GB (decompressed), but not for ones of 1GB. It seems that bz2module.c doesn't guard against 32-bit overflows when handling the size of the decompressed data. This affects both the BZ2Decompressor object's decompress() method, and the module-level decompress() function. All python versions prior to 3.3 are affected.

I have been able to reproduce it; see attached script. It happens for
inputs of 2GB (decompressed), but not for ones of 1GB.

It seems that bz2module.c doesn't guard against 32-bit overflows when
handling the size of the decompressed data. This affects both the
BZ2Decompressor object's decompress() method, and the module-level
decompress() function. All python versions prior to 3.3 are affected.

History
Date	User	Action	Args
2012-03-24 17:33:47	nadeem.vawda	set	recipients: + nadeem.vawda, loewis, Laurent.Gautier
2012-03-24 17:33:47	nadeem.vawda	set	messageid: <1332610427.29.0.895993489101.issue14398@psf.upfronthosting.co.za>
2012-03-24 17:33:46	nadeem.vawda	link	issue14398 messages
2012-03-24 17:33:46	nadeem.vawda	create