Author vstinner
Recipients serhiy.storchaka, vstinner, wjq-security, xtreak
Date 2019-03-26.12:51:47
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1553604707.52.0.880250800252.issue36436@roundup.psfhosted.org>
In-reply-to
Content
> _testcapimodule.c is mostly imported as _testcapi in tests. I am not sure this is a security issue.

The function triggers a memory overflow on purpose. Handling memory allocation failure is the least of your problem if you call this function :-)

The whole module is designed to testing purpose only. "_" prefix in "_testapi" means that it must not be used. It's not documented on purpose.

Attached PR fix the bug.
History
Date User Action Args
2019-03-26 12:51:47vstinnersetrecipients: + vstinner, serhiy.storchaka, xtreak, wjq-security
2019-03-26 12:51:47vstinnersetmessageid: <1553604707.52.0.880250800252.issue36436@roundup.psfhosted.org>
2019-03-26 12:51:47vstinnerlinkissue36436 messages
2019-03-26 12:51:47vstinnercreate