Author stestagg
Recipients Erik-Lamers1, pmpp, stestagg
Date 2020-12-10.21:34:01
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1607636041.53.0.900192875057.issue42609@roundup.psfhosted.org>
In-reply-to
Content
In python 3.7/8, It's a stack overflow in the constant folding code.

On master, the overflow seems to come out of validate_expr.c.

* thread #1, name = 'python3', stop reason = signal SIGSEGV: invalid address (fault address: 0x7fffff7feff8)
    frame #0: 0x00005555557aadba python3`validate_expr(exp=0x00005555602617c0, ctx=Load) at ast.c:224:16
   221          }
   222          return validate_exprs(exp->v.BoolOp.values, Load, 0);
   223      case BinOp_kind:
-> 224          return validate_expr(exp->v.BinOp.left, Load) &&
   225              validate_expr(exp->v.BinOp.right, Load);
   226      case UnaryOp_kind:
   227          return validate_expr(exp->v.UnaryOp.operand, Load);


300,000 ish stack frames of this:

    frame #70832: 0x00005555557aadbf python3`validate_expr(exp=0x000055556150af40, ctx=Load) at ast.c:224:16
    frame #70833: 0x00005555557aadbf python3`validate_expr(exp=0x000055556150b050, ctx=Load) at ast.c:224:16
    frame #70834: 0x00005555557aadbf python3`validate_expr(exp=0x000055556150b160, ctx=Load) at ast.c:224:16
    frame #70835: 0x00005555557aadbf python3`validate_expr(exp=0x000055556150b270, ctx=Load) at ast.c:224:16
    frame #70836: 0x00005555557aadbf python3`validate_expr(exp=0x000055556150b380, ctx=Load) at ast.c:224:16
    frame #70837: 0x00005555557aadbf python3`validate_expr(exp=0x000055556150b490, ctx=Load) at ast.c:224:16
    frame #70838: 0x00005555557aadbf python3`validate_expr(exp=0x000055556150b5a0, ctx=Load) at ast.c:224:16
    frame #70839: 0x00005555557aadbf python3`validate_expr(exp=0x000055556150b6b0, ctx=Load) at ast.c:224:16


On the one hand, pure python code should never segfault, on the other hand, `eval`ling untrusted input has bigger problems than a segfault on carefully crafted input.
History
Date User Action Args
2020-12-10 21:34:01stestaggsetrecipients: + stestagg, pmpp, Erik-Lamers1
2020-12-10 21:34:01stestaggsetmessageid: <1607636041.53.0.900192875057.issue42609@roundup.psfhosted.org>
2020-12-10 21:34:01stestagglinkissue42609 messages
2020-12-10 21:34:01stestaggcreate