This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

classification
Title: Crash when calling zipimport.zipimporter.__new__().()
Type: Stage: resolved
Components: Extension Modules Versions: Python 3.6, Python 3.5, Python 2.7
process
Status: closed Resolution: out of date
Dependencies: Superseder:
Assigned To: Nosy List: Alexandre Hamelin, iritkatriel, serhiy.storchaka
Priority: normal Keywords:

Created on 2019-07-27 20:52 by Alexandre Hamelin, last changed 2022-04-11 14:59 by admin. This issue is now closed.

Messages (3)
msg348563 - (view) Author: Alexandre Hamelin (Alexandre Hamelin) Date: 2019-07-27 20:52 
Found a crash with zipimport.zipimporter. Might or might not be related to Issue31723 which I've found searching the issues afterwards.

    import zipimport
    zipimport.zipimporter.__new__(zipimport.zipimporter).find_module('')

Python 2.7 and 3.6. Seems to be 'fixed' in 3.7+ (Linux, x86-64); reports that __init__ hasn't been called yet.

Found during manual testing in a break-the-python-jail CTF-like challenge.

Backtrace for Python 2.7
Python 2.7.15 (default, Oct 10 2018, 09:10:43)
[GCC 6.4.0] on linux2

$ gdb -q python2
Reading symbols from python2...(no debugging symbols found)...done.
(gdb) run zipcrash.py
Starting program: /usr/bin/python2 zipcrash.py
process 11106 is executing new program: /usr/bin/python2.7
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7a86695 in PyString_AsString () from /usr/lib64/libpython2.7.so.1.0
(gdb) bt
#0  0x00007ffff7a86695 in PyString_AsString () from /usr/lib64/libpython2.7.so.1.0
#1  0x00007ffff7b20269 in ?? () from /usr/lib64/libpython2.7.so.1.0
#2  0x00007ffff7b20400 in ?? () from /usr/lib64/libpython2.7.so.1.0
#3  0x00007ffff7adb3e7 in PyEval_EvalFrameEx () from /usr/lib64/libpython2.7.so.1.0
#4  0x00007ffff7adca6c in PyEval_EvalCodeEx () from /usr/lib64/libpython2.7.so.1.0
#5  0x00007ffff7adcb59 in PyEval_EvalCode () from /usr/lib64/libpython2.7.so.1.0
#6  0x00007ffff7af60df in ?? () from /usr/lib64/libpython2.7.so.1.0
#7  0x00007ffff7af7322 in PyRun_FileExFlags () from /usr/lib64/libpython2.7.so.1.0
#8  0x00007ffff7af8535 in PyRun_SimpleFileExFlags () from /usr/lib64/libpython2.7.so.1.0
#9  0x00007ffff7b0a537 in Py_Main () from /usr/lib64/libpython2.7.so.1.0
#10 0x00007ffff74281db in __libc_start_main () from /lib64/libc.so.6
#11 0x00005555555547ca in _start ()
(gdb)


Backtrace for Python 3.6
Python 3.6.5 (default, Jul 16 2018, 11:40:44)
[GCC 6.4.0] on linux

$ gdb -q python3
Reading symbols from python3...(no debugging symbols found)...done.
(gdb) run zipcrash.py
Starting program: /usr/bin/python3 zipcrash.py
process 11149 is executing new program: /usr/bin/python3.6m
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7aa5eea in ?? () from /usr/lib64/libpython3.6m.so.1.0
(gdb) bt
#0  0x00007ffff7aa5eea in ?? () from /usr/lib64/libpython3.6m.so.1.0
#1  0x00007ffff7aa6a92 in ?? () from /usr/lib64/libpython3.6m.so.1.0
#2  0x00007ffff7aa6c9c in ?? () from /usr/lib64/libpython3.6m.so.1.0
#3  0x00007ffff7aa6f49 in ?? () from /usr/lib64/libpython3.6m.so.1.0
#4  0x00007ffff79a8d49 in _PyCFunction_FastCallDict () from /usr/lib64/libpython3.6m.so.1.0
#5  0x00007ffff7a1d0d5 in ?? () from /usr/lib64/libpython3.6m.so.1.0
#6  0x00007ffff7a20dea in _PyEval_EvalFrameDefault () from /usr/lib64/libpython3.6m.so.1.0
#7  0x00007ffff7a1cc3c in ?? () from /usr/lib64/libpython3.6m.so.1.0
#8  0x00007ffff7a1d1ce in PyEval_EvalCodeEx () from /usr/lib64/libpython3.6m.so.1.0
#9  0x00007ffff7a1d1fb in PyEval_EvalCode () from /usr/lib64/libpython3.6m.so.1.0
#10 0x00007ffff7a478b4 in ?? () from /usr/lib64/libpython3.6m.so.1.0
#11 0x00007ffff7a49f35 in PyRun_FileExFlags () from /usr/lib64/libpython3.6m.so.1.0
#12 0x00007ffff7a4a0a5 in PyRun_SimpleFileExFlags () from /usr/lib64/libpython3.6m.so.1.0
#13 0x00007ffff7a610a3 in Py_Main () from /usr/lib64/libpython3.6m.so.1.0
#14 0x0000555555554b99 in main ()
(gdb)
msg400954 - (view) Author: Irit Katriel (iritkatriel) * (Python committer) Date: 2021-09-02 20:38 
Closing as 2.7 and 3.6 are no longer maintained, and you say the crash was gone in 3.7+. 


On 3.11 it indeed doesn't crash:

>>> zipimport.zipimporter.__new__(zipimport.zipimporter).find_module('')
<frozen zipimport>:158: DeprecationWarning: zipimporter.find_module() is deprecated and slated for removal in Python 3.12; use find_spec() instead
<frozen zipimport>:122: DeprecationWarning: zipimporter.find_loader() is deprecated and slated for removal in Python 3.12; use find_spec() instead
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "<frozen zipimport>", line 161, in find_module
  File "<frozen zipimport>", line 125, in find_loader
  File "<frozen zipimport>", line 372, in _get_module_info
  File "<frozen zipimport>", line 359, in _get_module_path
AttributeError: 'zipimporter' object has no attribute 'prefix'
msg400981 - (view) Author: Serhiy Storchaka (serhiy.storchaka) * (Python committer) Date: 2021-09-03 07:13 
Because the zipimport module is now implemented in Python.
History
Date User Action Args
2022-04-11 14:59:18adminsetgithub: 81875
2021-09-03 07:13:36serhiy.storchakasetmessages: + msg400981
2021-09-02 20:38:02iritkatrielsetstatus: open -> closed

nosy: + iritkatriel
messages: + msg400954

resolution: out of date
stage: resolved
2019-07-27 23:00:15xtreaksetnosy: + serhiy.storchaka
2019-07-27 20:52:03Alexandre Hamelincreate