➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2022-02-01 12:38 by a-shvedov, last changed 2022-04-11 14:59 by admin. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| issue-file_asanlog.log | a-shvedov, 2022-02-01 12:38 | AddressSanitizer logfile | ||
| Messages (2) | |||
|---|---|---|---|
| msg412251 - (view) | Author: A-Shvedov (a-shvedov) | Date: 2022-02-01 12:38 | |
Hello. Got an error with AFLplusplus, with crafted sample: https://github.com/a-shvedov/res/blob/master/fuzzing/python/crashes/id:000000%2Csig:11%2Csrc:009074%2Ctime:446401660%2Cexecs:16120011%2Cop:arith8%2Cpos:16%2Cval:-21 Compiled with: clang (version 6.0.0-3) ; Configure params: --enable-optimizations --prefix= . Package version: Python-3.9.9 ; Builded binary info: python: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, not stripped ; Stderr with run crafted sample: Segmentation fault ; AddressSanitizer run: Objects/object.c:767:24: runtime error: member access within null pointer of type 'PyObject' (aka 'struct _object') ; AddressSanitizer log attached in logfile. |
|||
| msg412282 - (view) | Author: Christian Heimes (christian.heimes) *  |
Date: 2022-02-01 15:48 | |
The crash occurs inside marshal module (Python/marshal.c). The marshal module is unsafe and cannot safely parse malicious code. Bad marshal code is expected to crash the interpreter. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:55 | admin | set | github: 90757 |
| 2022-02-01 15:48:04 | christian.heimes | set | status: open -> closed nosy: + christian.heimes messages: + msg412282 resolution: wont fix stage: resolved |
| 2022-02-01 12:38:41 | a-shvedov | create | |