This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author vstinner
Recipients larry, methane, serhiy.storchaka, thehesiod, vstinner
Date 2017-08-22.22:56:48
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1503442608.51.0.499709006583.issue31095@psf.upfronthosting.co.za>
In-reply-to
Content
In my experience, it's not that hard to crash CPython (without ctypes) if you know internals or just if you look into Lib/test/crashers/ :-)

I agree that it's a good practice to fix crashes when there is a simple known script to crash Python. The question is more where is the limit between security and bug fixes.

To be honest, the change is very safe and is very short.

@Larry: It's up to you, you are the release manager :-)

If we consider that the discussed bugs impact the security, I will ask for backports to 2.7, 3.3 and 3.4 as well.
History
Date User Action Args
2017-08-22 22:56:48vstinnersetrecipients: + vstinner, larry, methane, serhiy.storchaka, thehesiod
2017-08-22 22:56:48vstinnersetmessageid: <1503442608.51.0.499709006583.issue31095@psf.upfronthosting.co.za>
2017-08-22 22:56:48vstinnerlinkissue31095 messages
2017-08-22 22:56:48vstinnercreate