➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2017-04-12 17:13 by serhiy.storchaka, last changed 2022-04-11 14:58 by admin. This issue is now closed.
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 1095 | merged | serhiy.storchaka, 2017-04-12 17:20 | |
| PR 3973 | merged | python-dev, 2017-10-12 19:19 | |
| PR 3976 | merged | serhiy.storchaka, 2017-10-12 20:20 | |
| Messages (6) | |||
|---|---|---|---|
| msg291563 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) *  |
Date: 2017-04-12 17:13 | |
The first parameter of kqueue.control() is documented as an iterable. But actually it should have a length. kqueue.control() uses PyObject_Size() for allocating an array and PyObject_GetIter()+PyIter_Next() for iterating kevent objects and filling the array. If the length and the iterator are not consistent this can lead to writing past the end of the array. |
|||
| msg291565 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) * |
Date: 2017-04-12 17:21 | |
Proposed patch presumably fixes the issue. But since this is *BSD specific I can't even check that it is compiled. |
|||
| msg304281 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) * |
Date: 2017-10-12 18:56 | |
I have tested it on FreeBSD, found and fixed one bug. |
|||
| msg304282 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) * |
Date: 2017-10-12 19:17 | |
New changeset de072100775cc29e6cd93a75466cecbd1086f258 by Serhiy Storchaka in branch 'master': bpo-30058: Fixed buffer overflow in select.kqueue.control(). (#1095) https://github.com/python/cpython/commit/de072100775cc29e6cd93a75466cecbd1086f258 |
|||
| msg304286 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) * |
Date: 2017-10-12 20:20 | |
New changeset c923da188bc055e4f3001a6daf1caf54f2b10e40 by Serhiy Storchaka (Miss Islington (bot)) in branch '3.6': [3.6] bpo-30058: Fixed buffer overflow in select.kqueue.control(). (GH-1095) (#3973) https://github.com/python/cpython/commit/c923da188bc055e4f3001a6daf1caf54f2b10e40 |
|||
| msg304289 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) * |
Date: 2017-10-12 21:13 | |
New changeset 9aa60245a0ff929e528b4521da7af20dacd4145b by Serhiy Storchaka in branch '2.7': [2.7] bpo-30058: Fixed buffer overflow in select.kqueue.control(). (GH-1095). (#3976) https://github.com/python/cpython/commit/9aa60245a0ff929e528b4521da7af20dacd4145b |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:58:45 | admin | set | github: 74244 |
| 2017-10-12 21:13:33 | serhiy.storchaka | set | status: open -> closed resolution: fixed stage: patch review -> resolved |
| 2017-10-12 21:13:13 | serhiy.storchaka | set | messages: + msg304289 |
| 2017-10-12 20:20:46 | serhiy.storchaka | set | messages: + msg304286 |
| 2017-10-12 20:20:04 | serhiy.storchaka | set | pull_requests: + pull_request3952 |
| 2017-10-12 19:19:00 | python-dev | set | keywords:
+ patch pull_requests: + pull_request3951 |
| 2017-10-12 19:17:48 | serhiy.storchaka | set | messages: + msg304282 |
| 2017-10-12 18:56:00 | serhiy.storchaka | set | assignee: serhiy.storchaka messages: + msg304281 versions: - Python 3.5 |
| 2017-04-12 17:21:44 | serhiy.storchaka | set | messages:
+ msg291565 stage: patch review |
| 2017-04-12 17:20:05 | serhiy.storchaka | set | pull_requests: + pull_request1237 |
| 2017-04-12 17:13:38 | serhiy.storchaka | create | |