diff options
author | Gregory P. Smith <greg@krypto.org> | 2018-11-13 21:16:54 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-11-13 21:16:54 (GMT) |
commit | 746b2d35ea47005054ed774fecaed64fab803d7d (patch) | |
tree | 95df1265514b578a9c2dcc2898bbce2f100dd064 /Misc | |
parent | 00b137c72f90fbc39a6cd7e48b37c58d19977180 (diff) | |
download | cpython-746b2d35ea47005054ed774fecaed64fab803d7d.zip cpython-746b2d35ea47005054ed774fecaed64fab803d7d.tar.gz cpython-746b2d35ea47005054ed774fecaed64fab803d7d.tar.bz2 |
bpo-35214: Fix OOB memory access in unicode escape parser (GH-10506)
Discovered using clang's MemorySanitizer when it ran python3's
test_fstring test_misformed_unicode_character_name.
An msan build will fail by simply executing: ./python -c 'u"\N"'
Diffstat (limited to 'Misc')
-rw-r--r-- | Misc/NEWS.d/next/Core and Builtins/2018-11-13-00-40-35.bpo-35214.OQBjph.rst | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/Misc/NEWS.d/next/Core and Builtins/2018-11-13-00-40-35.bpo-35214.OQBjph.rst b/Misc/NEWS.d/next/Core and Builtins/2018-11-13-00-40-35.bpo-35214.OQBjph.rst new file mode 100644 index 0000000..d462c97 --- /dev/null +++ b/Misc/NEWS.d/next/Core and Builtins/2018-11-13-00-40-35.bpo-35214.OQBjph.rst @@ -0,0 +1,3 @@ +Fixed an out of bounds memory access when parsing a truncated unicode +escape sequence at the end of a string such as ``'\N'``. It would read +one byte beyond the end of the memory allocation. |