[issue42103] [security] DoS (MemError via CPU and RAM exhaustion) when processing malformed Apple Property List files in binary format
Serhiy Storchaka
report at bugs.python.org
Wed Oct 21 17:36:41 EDT 2020
Serhiy Storchaka <storchaka+cpython at gmail.com> added the comment:
There are two issues here.
The simple one is building a large format string for struct.unpack(). It has a simple solution: use f'>{n}{_BINARY_FORMAT[size]}'.
The hard issue is that read(n) allocates n bytes in memory even if there are not so many bytes in the file. It affects not only plistlib and should be fixed in the file implementation itself. There is an open issue for this.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue42103>
_______________________________________
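
An added example, not part of the original message or of plistlib's code: it compares the expanded format string with the repeat-count form from the comment, and adds a caller-side length check before read(), which is separate from the file-level fix the comment refers to. The _BINARY_FORMAT mapping here is a local stand-in with assumed contents, and read_ints, remaining_bytes and format_lengths are hypothetical helper names.

```python
import io
import struct

# Local stand-in for the table named in the comment; the mapping is an assumption.
_BINARY_FORMAT = {1: 'B', 2: 'H', 4: 'L', 8: 'Q'}


def format_lengths(n, size):
    """Return (expanded, compact) format-string lengths for n items."""
    code = _BINARY_FORMAT[size]
    expanded = '>' + code * n      # grows linearly with the untrusted count n
    compact = f'>{n}{code}'        # repeat count: a handful of characters
    return len(expanded), len(compact)


def remaining_bytes(fp):
    """Bytes left between the current position and the end of a seekable stream."""
    pos = fp.tell()
    end = fp.seek(0, io.SEEK_END)
    fp.seek(pos)
    return end - pos


def read_ints(fp, n, size):
    """Read n big-endian unsigned integers of `size` bytes each from fp.

    The count is checked against the bytes actually present before read(),
    so a forged count cannot request a huge buffer (hypothetical helper).
    """
    need = n * size
    if n < 0 or need > remaining_bytes(fp):
        raise ValueError(f'count {n} exceeds available data')
    data = fp.read(need)
    return struct.unpack(f'>{n}{_BINARY_FORMAT[size]}', data)


if __name__ == '__main__':
    sample = struct.pack('>3H', 1, 2, 3)   # constructed input: three 16-bit ints
    print(read_ints(io.BytesIO(sample), 3, 2))
    print(format_lengths(1000, 2))
```

The length check only works on seekable streams; for a non-seekable source the data would have to be read in bounded chunks instead.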