Message 241401 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	martin.panter
Recipients	martin.panter, pitrou, python-dev, serhiy.storchaka, vstinner
Date	2015-04-18.06:14:10
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1429337650.89.0.912902935775.issue19087@psf.upfronthosting.co.za>
In-reply-to

Content
I think the changes for this issue are causing the crash and unexpected buffer expansion described in Issue 23985. Appending to a bytearray() can overstep the memory buffer because it doesn’t account for ob_start when checking for resizing. And “del” can expand the allocated memory due to an off-by-one error. Please have a look at my patches. Perhaps there are other operations that also need patching to account for ob_start.

I think the changes for this issue are causing the crash and unexpected buffer expansion described in Issue 23985. Appending to a bytearray() can overstep the memory buffer because it doesn’t account for ob_start when checking for resizing. And “del” can expand the allocated memory due to an off-by-one error. Please have a look at my patches. Perhaps there are other operations that also need patching to account for ob_start.

History
Date	User	Action	Args
2015-04-18 06:14:10	martin.panter	set	recipients: + martin.panter, pitrou, vstinner, python-dev, serhiy.storchaka
2015-04-18 06:14:10	martin.panter	set	messageid: <1429337650.89.0.912902935775.issue19087@psf.upfronthosting.co.za>
2015-04-18 06:14:10	martin.panter	link	issue19087 messages
2015-04-18 06:14:10	martin.panter	create