Classification
Title: Segfault in command line processing due to buffer over-read
Type: crash
Stage: resolved
Components: Interpreter Core
Versions: Python 3.8, Python 3.7

Process
Status: closed
Resolution: fixed
Dependencies:
Superseder:
Assigned To:
Nosy List: cgohlke, miss-islington, vstinner
Priority: critical
Keywords: patch

Created on 2018-05-31 06:31 by cgohlke, last changed 2018-05-31 14:14 by vstinner. This issue is now closed.

Files
File name | Uploaded | Description
master...cgohlke patch-1.diff | cgohlke, 2018-05-31 06:31 |
Pull Requests
URL | Status | Linked
PR 7283 | merged | vstinner, 2018-05-31 12:57
PR 7284 | merged | miss-islington, 2018-05-31 13:09
Messages (4)
msg318260 - Author: Christoph Gohlke (cgohlke) Date: 2018-05-31 06:31
When testing Python 3.7.0b5 x64 (and betas before) on Windows 10, I occasionally get segfaults when passing a program as string on the command line. The shortest command to reproduce this on my system is `python.exe -c 1` with heap detection turned on but that might not be reproducible on other systems.

It turns out there is a buffer over-read when copying the `PyOS_optarg` string in `main.c`. The attached patch fixes the segfault on my system.
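
An illustration of the kind of over-read reported above, added here and not taken from the attached patch or from CPython's `main.c`: it assumes the copy length was derived from the destination size (text plus newline plus NUL) instead of from the source string. All function names and the sample buffer are hypothetical and constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <wchar.h>

/* Hypothetical helpers: each builds "<arg>\n" and reports in *nread how many wchar_t it read. */

/* Before: the copy length is the destination size, one element too many. */
wchar_t *dup_newline_overread(const wchar_t *arg, size_t *nread)
{
    size_t len = wcslen(arg) + 1 + 1;           /* text + '\n' + NUL */
    wchar_t *cmd = malloc(len * sizeof(wchar_t));
    if (cmd == NULL) return NULL;
    memcpy(cmd, arg, len * sizeof(wchar_t));    /* reads past arg's NUL */
    *nread = len;
    cmd[len - 2] = L'\n';
    cmd[len - 1] = L'\0';
    return cmd;
}

/* After: copy only the characters of arg, then write the two extras. */
wchar_t *dup_newline_fixed(const wchar_t *arg, size_t *nread)
{
    size_t n = wcslen(arg);
    wchar_t *cmd = malloc((n + 2) * sizeof(wchar_t));
    if (cmd == NULL) return NULL;
    memcpy(cmd, arg, n * sizeof(wchar_t));
    *nread = n;
    cmd[n] = L'\n';
    cmd[n + 1] = L'\0';
    return cmd;
}

/* Constructed input: "1" sits inside a larger array, so the extra read stays
 * in bounds here. Returns how many elements beyond "1" + NUL were read. */
size_t read_past_string(int use_fixed)
{
    static const wchar_t arena[4] = { L'1', L'\0', L'X', L'X' };
    size_t owned = wcslen(arena) + 1, nread = 0;
    wchar_t *cmd = (use_fixed ? dup_newline_fixed : dup_newline_overread)(arena, &nread);
    int ok = cmd != NULL && wcscmp(cmd, L"1\n") == 0;
    free(cmd);
    return !ok ? (size_t)-1 : (nread > owned ? nread - owned : 0);
}

int main(void)
{
    printf("before: %zu, after: %zu\n", read_past_string(0), read_past_string(1));
    return 0;
}
```

Both variants return the same string, so the defect only shows when the source buffer ends at an unmapped or guarded boundary; AddressSanitizer or a page-heap style allocator flags the "before" copy on every run.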
msg318302 - Author: STINNER Victor (vstinner) (Python committer) Date: 2018-05-31 13:09
New changeset 58d1683255abb0df4fc70960da6121aeaa41e1d1 by Victor Stinner in branch 'master':
bpo-33706: Fix pymain_parse_cmdline_impl() (GH-7283)
https://github.com/python/cpython/commit/58d1683255abb0df4fc70960da6121aeaa41e1d1
msg318310 - Author: miss-islington (miss-islington) Date: 2018-05-31 13:43
New changeset c6de46e180e81508a3b43341791b56418bd811f9 by Miss Islington (bot) in branch '3.7':
bpo-33706: Fix pymain_parse_cmdline_impl() (GH-7283)
https://github.com/python/cpython/commit/c6de46e180e81508a3b43341791b56418bd811f9
msg318315 - Author: STINNER Victor (vstinner) (Python committer) Date: 2018-05-31 14:14
Thank you Christoph Gohlke for your bug report and your fix! I fixed 3.7 and master branches.
History
Date | User | Action | Args
2018-05-31 14:14:27 | vstinner | set | status: open -> closed; resolution: fixed; messages: + msg318315; stage: patch review -> resolved
2018-05-31 13:43:23 | miss-islington | set | nosy: + miss-islington; messages: + msg318310
2018-05-31 13:09:56 | miss-islington | set | pull_requests: + pull_request6910
2018-05-31 13:09:30 | vstinner | set | messages: + msg318302
2018-05-31 12:57:05 | vstinner | set | stage: patch review; pull_requests: + pull_request6909
2018-05-31 07:30:41 | serhiy.storchaka | set | priority: normal -> critical; nosy: + vstinner; components: + Interpreter Core; versions: + Python 3.8
2018-05-31 07:02:53 | cgohlke | set | type: crash
2018-05-31 06:31:10 | cgohlke | create |