
Author atalaba
Recipients atalaba, serhiy.storchaka, vstinner
Date 2019-05-06.18:51:21
Message-id <1557168681.45.0.232948256283.issue36819@roundup.psfhosted.org>
In-reply-to
Content
The CPython interpreter writes out of bounds of allocated memory in certain edge cases in the utf-16 and utf-32 encoders.

The attached script registers two error handlers that either write one ascii character, or two bytes, and tells the encoder to start again from the start of the encoding error. The script then tries to encode an invalid codepoint in either utf-16 or utf-32. Each of the calls to encode independently causes segfaults.

Since the encoder starts over again and keeps trying to append the result of the error handler, the lack of proper re-allocations leads to a buffer overflow, and corrupts the stack.
History
| Date | User | Action | Args |
| --- | --- | --- | --- |
| 2019-05-06 18:51:21 | atalaba | set | recipients: + atalaba, vstinner, serhiy.storchaka |
| 2019-05-06 18:51:21 | atalaba | set | messageid: <1557168681.45.0.232948256283.issue36819@roundup.psfhosted.org> |
| 2019-05-06 18:51:21 | atalaba | link | issue36819 messages |
| 2019-05-06 18:51:21 | atalaba | create | |
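A defensive wrapper for the error-handler behaviour described in the report above, added here as an example; it is not the attached script and not CPython's fix. The helper names (`forward_only`, `register_guarded`), the two sample handlers and the registered names are hypothetical, and requiring the resume position to be at or past `exc.end` is a conservative assumption.

```python
import codecs


def forward_only(handler):
    """Wrap a codec error handler so it cannot resume before the failed span ends."""
    def guarded(exc):
        replacement, newpos = handler(exc)
        # Codecs treat a negative position as relative to the end of the input.
        resume = newpos + len(exc.object) if newpos < 0 else newpos
        if resume < exc.end:
            # Assumption: anything short of exc.end is treated as a rewind.
            raise ValueError(
                f"handler wants to resume at {resume}, before end {exc.end} "
                f"of the span it was asked to handle"
            )
        return replacement, newpos
    return guarded


def register_guarded(name, handler):
    """Register `handler` under `name`, wrapped by the forward-progress check."""
    codecs.register_error(name, forward_only(handler))


# Constructed handlers: one advances past the error, one restarts at its start.
def skip_span(exc):
    return "?", exc.end


def rewind_to_start(exc):
    return "?", exc.start


register_guarded("guarded.skip", skip_span)
register_guarded("guarded.rewind", rewind_to_start)

SAMPLE = "a\udc80b"  # constructed input: a lone surrogate between two letters


def encode_or_reason(encoding, errors):
    """Return the encoded bytes, or the guard's message if it rejected the handler."""
    try:
        return SAMPLE.encode(encoding, errors)
    except ValueError as err:
        return str(err)


if __name__ == "__main__":
    for enc in ("utf-16-le", "utf-32-le"):
        print(enc, encode_or_reason(enc, "guarded.skip"))
        print(enc, encode_or_reason(enc, "guarded.rewind"))
```

Because the check runs inside the handler, the rewinding position never reaches the encoder, so the guard behaves the same on interpreters with and without the fix.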