Author serhiy.storchaka
Recipients BT123, serhiy.storchaka
Date 2018-03-01.06:10:12
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1519884613.3.0.467229070634.issue32056@psf.upfronthosting.co.za>
In-reply-to
Content
I have no idea why this was classified as a vulnerability. I don't think it can crash an application. If you have an example of crashing please provide it.

I would not classify this issue even as a bug. It is obvious that invalid files can cause an exception. It may be good to detect some of errors earlier and raise more specific exception (Error would be more appropriate here than ValueError). But in general validating the wave file is not the purpose of this module, and this task can't be performed without reading the whole file, not only the header.

All changes in wave.py should be ported to aifc.py and sunau.py and needs tests.
History
Date User Action Args
2018-03-01 06:10:13serhiy.storchakasetrecipients: + serhiy.storchaka, BT123
2018-03-01 06:10:13serhiy.storchakasetmessageid: <1519884613.3.0.467229070634.issue32056@psf.upfronthosting.co.za>
2018-03-01 06:10:13serhiy.storchakalinkissue32056 messages
2018-03-01 06:10:12serhiy.storchakacreate