[New-bugs-announce] [issue15144] Possible integer overflow in operations with addresses and sizes.

Serhiy Storchaka report at bugs.python.org
Fri Jun 22 22:02:48 CEST 2012


New submission from Serhiy Storchaka <storchaka at gmail.com>:

In unicodeobject.c and stringlib, aligned addresses and sizes are used for optimization. Pointer->integer and implicit integer->integer conversions may overflow or underflow on platforms with sizeof(size_t) != sizeof(void *) or sizeof(size_t) != sizeof(int). The proposed patch fixes such unsafe things in unicodeobject.c, stringlib and some other files.

There are still a few unsafe places in libffi, but in this library neither Py_uintptr_t nor uintptr_t is available.

----------
components: Interpreter Core
files: align_operations.patch
keywords: patch
messages: 163473
nosy: storchaka
priority: normal
severity: normal
status: open
title: Possible integer overflow in operations with addresses and sizes.
type: security
versions: Python 3.3
Added file: http://bugs.python.org/file26091/align_operations.patch

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue15144>
_______________________________________
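
The class of bug reported above, as an added illustration that is not taken from the report or from align_operations.patch: rounding an address down to an alignment boundary loses the upper address bits when the address or the mask passes through an integer type narrower than a pointer. The names addr_t, narrow_t, ALIGNMENT and the three functions are assumptions made for this example; addr_t is a fixed 64-bit stand-in for a pointer value so the result is the same on every platform.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint64_t addr_t;    /* assumed stand-in for a 64-bit pointer value (uintptr_t) */
typedef uint32_t narrow_t;  /* assumed stand-in for an integer narrower than a pointer */

#define ALIGNMENT 8u        /* assumed word alignment, must be a power of two */

/* Unsafe: the mask is built in the narrow type. ~mask is 0xFFFFFFF8 and is
 * zero-extended to 64 bits, so the AND also clears bits 32..63 of addr. */
static addr_t align_down_narrow_mask(addr_t addr)
{
    narrow_t mask = ALIGNMENT - 1u;
    return addr & ~mask;
}

/* Unsafe: the address itself is converted to the narrow type first,
 * which discards its upper 32 bits before any masking happens. */
static addr_t align_down_narrow_cast(addr_t addr)
{
    narrow_t a = (narrow_t)addr;
    return (addr_t)(a & ~(narrow_t)(ALIGNMENT - 1u));
}

/* Safe: both operands have the full width of the address. */
static addr_t align_down_safe(addr_t addr)
{
    return addr & ~((addr_t)ALIGNMENT - 1u);
}

int main(void)
{
    /* Constructed sample addresses: one above 4 GiB, one below. */
    const addr_t samples[] = { 0x00007ffd12345679ULL, 0x1007ULL };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        addr_t a = samples[i];
        printf("addr=%#llx safe=%#llx narrow_mask=%#llx narrow_cast=%#llx\n",
               (unsigned long long)a,
               (unsigned long long)align_down_safe(a),
               (unsigned long long)align_down_narrow_mask(a),
               (unsigned long long)align_down_narrow_cast(a));
    }
    return 0;
}
```

For the address below 4 GiB all three functions agree, which is why this kind of defect can pass tests on small heaps and only misbehave once addresses exceed the narrow type's range.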

