This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author vstinner
Recipients jaybosamiya, larry, leosilva, serhiy.storchaka, vstinner
Date 2017-11-29.16:05:39
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Leo kirotawa silva: "I re-did the build here for python3.4 and couldn't reach the same test fail. So I'm assuming it was a false alarm."

Python 3.4 and 3.5 seem to be also vulnerable:

PyObject *PyBytes_DecodeEscape(const char *s,
                                Py_ssize_t len,
                                const char *errors,
                                Py_ssize_t unicode,
                                const char *recode_encoding)
    Py_ssize_t newlen = recode_encoding ? 4*len:len;
    v = PyBytes_FromStringAndSize((char *)NULL, newlen);

I don't think that Python 3.6 and 3.7 are vulnerable, the code was rewritten with the _PyBytesWriter API. The code got a new _PyBytes_DecodeEscapeRecode() helper function which calls _PyBytesWriter_WriteBytes(), and this function detects properly integer overflows.
Date User Action Args
2017-11-29 16:05:39vstinnersetrecipients: + vstinner, larry, serhiy.storchaka, jaybosamiya, leosilva
2017-11-29 16:05:39vstinnersetmessageid: <>
2017-11-29 16:05:39vstinnerlinkissue30657 messages
2017-11-29 16:05:39vstinnercreate