Message341599
The CPython interpreter writes out-of-bounds of allocated memory in certain edge cases in the utf-16 and utf-32 encoders.
The attached script registers two error handlers that either write one ascii character, or two bytes, and tells the encoder to start again from the start of the encoding error. The script then tries to encode an invalid codepoint in either utf-16 or utf-32. Each of the calls to encode independently causes segfaults.
Since the encoder starts over again and keeps trying to append the result of the error handler, the lack of proper re-allocations leads to a buffer overflow, and corrupts the stack.

| Date | User | Action | Args |
|---|---|---|---|
| 2019-05-06 18:51:21 | atalaba | set | recipients: + atalaba, vstinner, serhiy.storchaka |
| 2019-05-06 18:51:21 | atalaba | set | messageid: <1557168681.45.0.232948256283.issue36819@roundup.psfhosted.org> |
| 2019-05-06 18:51:21 | atalaba | link | issue36819 messages |
| 2019-05-06 18:51:21 | atalaba | create | |
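
A defensive wrapper for the handler pattern described in this report, as an added example that is not part of the original message or of CPython: it rejects any codec error handler result whose restart position does not move past the start of the error, so the encoder is never asked to re-process the same code point. The names `guard_forward_progress`, `restart_at_error`, `skip_past_error`, `encode_with` and the registered handler names are hypothetical, and the sample string is constructed.

```python
import codecs


def guard_forward_progress(handler):
    """Wrap a codec error handler so it can never restart at or before the error."""
    def guarded(exc):
        replacement, newpos = handler(exc)
        # Negative positions count from the end of the input, as in the codec API.
        resolved = newpos + len(exc.object) if newpos < 0 else newpos
        if resolved <= exc.start:
            # Raising here propagates out of encode()/decode() before the
            # codec ever sees the non-advancing position.
            raise ValueError(
                f"error handler returned position {newpos}, which does not "
                f"advance past the error at {exc.start}"
            ) from exc
        return replacement, newpos
    return guarded


def restart_at_error(exc):
    # Constructed handler with the behaviour the report describes:
    # one ASCII character, restart at the start of the encoding error.
    return ("?", exc.start)


def skip_past_error(exc):
    # Well-behaved counterpart: same replacement, resume after the error.
    return ("?", exc.end)


codecs.register_error("guarded-restart", guard_forward_progress(restart_at_error))
codecs.register_error("guarded-skip", guard_forward_progress(skip_past_error))


def encode_with(handler_name, text="a\ud800b", encoding="utf-16-le"):
    """Encode a constructed string containing a lone surrogate."""
    return text.encode(encoding, handler_name)


if __name__ == "__main__":
    print(encode_with("guarded-skip"))
    try:
        encode_with("guarded-restart")
    except ValueError as err:
        print("rejected:", err)
```

Only handlers registered through the wrapper are covered; a handler registered directly with `codecs.register_error` still reaches the encoder unchecked.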