Message 338880 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	serhiy.storchaka, vstinner, wjq-security, xtreak
Date	2019-03-26.12:51:47
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1553604707.52.0.880250800252.issue36436@roundup.psfhosted.org>
In-reply-to

Content
> _testcapimodule.c is mostly imported as _testcapi in tests. I am not sure this is a security issue. The function triggers a memory overflow on purpose. Handling memory allocation failure is the least of your problem if you call this function :-) The whole module is designed to testing purpose only. "_" prefix in "_testapi" means that it must not be used. It's not documented on purpose. Attached PR fix the bug.

> _testcapimodule.c is mostly imported as _testcapi in tests. I am not sure this is a security issue.

The function triggers a memory overflow on purpose. Handling memory allocation failure is the least of your problem if you call this function :-)

The whole module is designed to testing purpose only. "_" prefix in "_testapi" means that it must not be used. It's not documented on purpose.

Attached PR fix the bug.

History
Date	User	Action	Args
2019-03-26 12:51:47	vstinner	set	recipients: + vstinner, serhiy.storchaka, xtreak, wjq-security
2019-03-26 12:51:47	vstinner	set	messageid: <1553604707.52.0.880250800252.issue36436@roundup.psfhosted.org>
2019-03-26 12:51:47	vstinner	link	issue36436 messages
2019-03-26 12:51:47	vstinner	create