[issue36436] _testcapi.pymem_buffer_overflow() doesn't handle memory allocation failure
STINNER Victor
report at bugs.python.org
Tue Mar 26 08:51:47 EDT 2019
STINNER Victor <vstinner at redhat.com> added the comment:
> _testcapimodule.c is mostly imported as _testcapi in tests. I am not sure this is a security issue.
The function triggers a memory overflow on purpose. Handling memory allocation failure is the least of your problem if you call this function :-)
The whole module is designed to testing purpose only. "_" prefix in "_testapi" means that it must not be used. It's not documented on purpose.
Attached PR fix the bug.
----------
components: +Tests
title: Potential null pointer de-reference vulnerability -> _testcapi.pymem_buffer_overflow() doesn't handle memory allocation failure
type: security ->
versions: +Python 3.7, Python 3.8
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue36436>
_______________________________________
More information about the Python-bugs-list
mailing list