[issue19279] UTF-7 to UTF-8 decoding crash
Serhiy Storchaka
report at bugs.python.org
Thu Oct 17 18:29:57 CEST 2013
Serhiy Storchaka added the comment:
Here is a patch for 3.3+.
Other versions are affected too. They don't raise SystemError, but produce an illegal unicode string on a wide build.
E.g. in Python 2.7:
>>> 'a+/,+IKw-b'.decode('utf-7', 'replace')
u'a\ufffd\U003f20acb'
\U003f20ac is an illegal code.
As the encoding and encoded data can come from an external source, this can be used in security attacks.
----------
keywords: +patch
nosy: +barry, benjamin.peterson, georg.brandl, larry
priority: normal -> release blocker
stage: needs patch -> patch review
type: crash -> security
versions: +Python 2.6, Python 2.7, Python 3.2
Added file: http://bugs.python.org/file32156/utf7_errors.patch
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue19279>
_______________________________________
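
The following is an added example, not part of the original message or of the CPython patch: a probe that classifies how the running interpreter handles the input quoted above, plus a guard for the case the comment raises, where both the encoding label and the data come from an external source. The names `probe_utf7_decoder`, `decode_untrusted` and the `ALLOWED` set are hypothetical.

```python
import codecs

MAX_CODE_POINT = 0x10FFFF          # highest legal Unicode code point
PAGE_INPUT = b"a+/,+IKw-b"         # byte form of the input quoted in the report
# Assumption: encodings this hypothetical application actually needs.
ALLOWED = {"utf-8", "ascii", "iso8859-1"}


def probe_utf7_decoder(data=PAGE_INPUT):
    """Classify how this interpreter handles malformed UTF-7 with 'replace'."""
    try:
        text = data.decode("utf-7", "replace")
    except SystemError:
        return "crash"                       # SystemError, as the report implies for 3.3+
    if any(ord(ch) > MAX_CODE_POINT for ch in text):
        return "illegal-code-point"          # the 2.7 wide-build symptom
    return "ok"


def decode_untrusted(data, label):
    """Decode bytes whose encoding label was supplied by an external party."""
    try:
        name = codecs.lookup(label).name     # canonical name, e.g. 'UTF7' -> 'utf-7'
    except LookupError:
        raise ValueError("unknown encoding label: %r" % (label,))
    if name not in ALLOWED:
        raise ValueError("encoding not allowed: %s" % name)
    text = data.decode(name, "strict")
    # Defence in depth: never pass on a string the decoder should not have built.
    if any(ord(ch) > MAX_CODE_POINT for ch in text):
        raise ValueError("decoder produced an illegal code point")
    return text


if __name__ == "__main__":
    print("utf-7 decoder:", probe_utf7_decoder())
    for label in ("UTF7", "utf_8"):
        try:
            print(label, "->", repr(decode_untrusted(PAGE_INPUT, label)))
        except ValueError as exc:
            print(label, "-> rejected:", exc)
```

Resolving the label through `codecs.lookup` before the allowlist check means aliases such as `UTF7` or `u7` cannot bypass it.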