[New-bugs-announce] [issue27547] Integer Overflow Crash On float(array.array())
pablo sacristan
report at bugs.python.org
Mon Jul 18 01:39:04 EDT 2016
New submission from pablo sacristan:
There is an integer overflow because python doesn't check the length as it does with bytearray() and it still goes on, so by doing something like:
>>> import array
>>> float(array.array("L",b"a"*0xFFFFFFFFFFFFFFF+100000**8000000000))
It returns:
Python(2179,0x7fff7ad6a000) malloc: *** mach_vm_map(size=1152921504606851072) failed (error code=3)
*** error: can't allocate region
*** set a breakpoint in malloc_error_break to debug
And then it just crashes
Or you can skip the error and just do:
>>> import array
>>> float(array.array("L",b"a"*0xFFFFFFFFFFFFFFF**10000000000**80000000000000000))
That will just make python freeze until you restart it, which is as good as crashed.
The file would be:
import array
float(array.array("L",b"a"*0xFFFFFFFFFFFFFFF**10000000000**80000000000000000))
Hope it helps ;)
----------
messages: 270700
nosy: pabstersac
priority: normal
severity: normal
status: open
title: Integer Overflow Crash On float(array.array())
versions: Python 3.5, Python 3.6
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue27547>
_______________________________________
More information about the New-bugs-announce
mailing list