Issue #24989: Fixed buffer overread in BytesIO.readline() if a position is

set beyond size.  Based on patch by John Leitch.
Serhiy Storchaka 2015-09-04 01:08:03 +03:00
parent 5b6917e60d
commit 594e54c765
3 changed files with 21 additions and 1 deletions


@ -57,14 +57,18 @@ scan_eol(bytesio *self, Py_ssize_t len)
Py_ssize_t maxlen;
assert(self->buf != NULL);
assert(self->pos >= 0);
if (self->pos >= self->string_size)
return 0;
/* Move to the end of the line, up to the end of the string, s. */
start = PyBytes_AS_STRING(self->buf) + self->pos;
maxlen = self->string_size - self->pos;
if (len < 0 || len > maxlen)
len = maxlen;
if (len) {
start = PyBytes_AS_STRING(self->buf) + self->pos;
n = memchr(start, '\n', len);
if (n)
/* Get the length from the current position to the end of