This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author Parvesh jain
Recipients Insu Yun, Parvesh jain, berker.peksag, georg.brandl, ned.deily, python-dev, vladk
Date 2016-10-07.03:57:42
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
I think patches put up in is at least not sufficient enough for Python 2.7. 
POC script( provided with the issue calls get_data with data_size = -1.
I am using Python 2.7.8 . I patched the same with the solution provided in . I was still able to reproduce the issue and it failed with 

Traceback (most recent call last):
  File "", line 25, in <module>
IOError: zipimport: can't read data
Segmentation fault (core dumped)

but I couldn't reproduce the same with latest 2.7.12:-

jchang@qasus-ubun12x64-001:~/Downloads/Python-2.7.12$ python2.7 -V
Python 2.7.12
jchang@qasus-ubun12x64-001:~/Downloads/Python-2.7.12$ python2.7
Traceback (most recent call last):
  File "", line 25, in <module>
zipimport.ZipImportError: negative data size

As we can see issue does happen in 2.7.12 because of following extra check :-

if (data_size < 0) {
        PyErr_Format(ZipImportError, "negative data size");
        return NULL;

which was merged in 

I was thinking of backporting the same to Python 2.7.8 as well to completely address this issue. Could you guys confirm if my understanding is correct on this ? Thanks
Date User Action Args
2016-10-07 03:57:44Parvesh jainsetrecipients: + Parvesh jain, georg.brandl, ned.deily, python-dev, berker.peksag, Insu Yun, vladk
2016-10-07 03:57:43Parvesh jainsetmessageid: <>
2016-10-07 03:57:43Parvesh jainlinkissue26171 messages
2016-10-07 03:57:42Parvesh jaincreate