From 0b290dd2171e745d94f48298cafb2327eb2de17c Mon Sep 17 00:00:00 2001 From: "Miss Skeleton (bot)" <31488909+miss-islington@users.noreply.github.com> Date: Sun, 25 Oct 2020 16:24:56 -0700 Subject: bpo-42150: Avoid buffer overflow in the new parser (GH-22978) (cherry picked from commit e68c67805e6a4c4ec80bea64be0e8373cc02d322) Co-authored-by: Pablo Galindo --- .../next/Core and Builtins/2020-10-25-21-14-18.bpo-42150.b70u_T.rst | 2 ++ Parser/pegen/pegen.c | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 Misc/NEWS.d/next/Core and Builtins/2020-10-25-21-14-18.bpo-42150.b70u_T.rst diff --git a/Misc/NEWS.d/next/Core and Builtins/2020-10-25-21-14-18.bpo-42150.b70u_T.rst b/Misc/NEWS.d/next/Core and Builtins/2020-10-25-21-14-18.bpo-42150.b70u_T.rst new file mode 100644 index 0000000..62fabb8 --- /dev/null +++ b/Misc/NEWS.d/next/Core and Builtins/2020-10-25-21-14-18.bpo-42150.b70u_T.rst @@ -0,0 +1,2 @@ +Fix possible buffer overflow in the new parser when checking for +continuation lines. Patch by Pablo Galindo. diff --git a/Parser/pegen/pegen.c b/Parser/pegen/pegen.c index 2c435fb..a7643fc 100644 --- a/Parser/pegen/pegen.c +++ b/Parser/pegen/pegen.c @@ -989,7 +989,8 @@ bad_single_statement(Parser *p) /* Newlines are allowed if preceded by a line continuation character or if they appear inside a string. */ - if (!cur || *(cur - 1) == '\\' || newline_in_string(p, cur)) { + if (!cur || (cur != p->tok->buf && *(cur - 1) == '\\') + || newline_in_string(p, cur)) { return 0; } char c = *cur; -- cgit v0.12