[issue28563] Arbitrary code execution in gettext.c2py
Serhiy Storchaka
report at bugs.python.org
Tue Nov 8 03:58:07 EST 2016
Serhiy Storchaka added the comment:
Just for reference:
https://www.gnu.org/software/gettext/manual/gettext.html#Plural-forms
http://git.savannah.gnu.org/cgit/gettext.git/tree/gettext-runtime/intl/plural.y
One more security issue is that too deep recursion can cause a MemoryError or even a crash in the Python compiler. My patch creates too many nested parentheses. The updated patch keeps the use of parentheses to a minimum and adds guards against too deep recursion.
----------
Added file: http://bugs.python.org/file45387/gettext-parse-plural-2.patch
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue28563>
_______________________________________
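A defensive pre-check in the spirit of the guard described in the message above, as an added example that is not part of the original message or of the attached patch: it caps the length and parenthesis depth of a Plural-Forms expression and rejects characters outside the C plural-expression alphabet before the string reaches any recursive parser or compiler. The name `check_plural_expr` and the limits `MAX_LENGTH` and `MAX_DEPTH` are assumptions chosen for illustration.

```python
import re

# Assumed limits for this example; they are not values taken from the patch.
MAX_LENGTH = 1000
MAX_DEPTH = 20

# Lexical allowlist for a C plural expression: integers, the variable n,
# parentheses, and the arithmetic, comparison, logical and ternary operators.
_TOKEN = re.compile(r"""
    (?P<ws>[ \t]+)
  | (?P<num>[0-9]+)
  | (?P<var>n\b)
  | (?P<open>\()
  | (?P<close>\))
  | (?P<op>\|\||&&|==|!=|<=|>=|[-+*/%<>!?:])
""", re.VERBOSE)


def check_plural_expr(expr, max_depth=MAX_DEPTH, max_length=MAX_LENGTH):
    """Return the deepest parenthesis nesting, or raise ValueError to reject."""
    if len(expr) > max_length:
        raise ValueError("plural expression is too long")
    depth = deepest = pos = 0
    while pos < len(expr):
        m = _TOKEN.match(expr, pos)
        if m is None:
            raise ValueError(f"unexpected character at offset {pos}")
        if m.lastgroup == "open":
            depth += 1
            deepest = max(deepest, depth)
            if depth > max_depth:
                # Stop before a recursive consumer has to unwind this.
                raise ValueError("plural expression is nested too deeply")
        elif m.lastgroup == "close":
            depth -= 1
            if depth < 0:
                raise ValueError("unbalanced parenthesis")
        pos = m.end()
    if depth:
        raise ValueError("unbalanced parenthesis")
    return deepest


if __name__ == "__main__":
    # Constructed sample: a three-form rule in the style of the gettext manual.
    print(check_plural_expr("n%10==1 && n%100!=11 ? 0 : (n%10>=2 ? 1 : 2)"))
```

This is a lexical check only; it does not validate operator grammar, so it belongs in front of a real parser rather than in place of one.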