mirror of
https://github.com/python/cpython.git
synced 2025-11-24 12:20:42 +00:00
[3.14] gh-140471: Fix buffer overflow in AST node initialization with malformed _fields (GH-140506) (#140509)
Some checks are pending
Tests / (push) Blocked by required conditions
Tests / Windows MSI (push) Blocked by required conditions
Tests / Change detection (push) Waiting to run
Tests / Docs (push) Blocked by required conditions
Tests / Check if the ABI has changed (push) Blocked by required conditions
Tests / Check if Autoconf files are up to date (push) Blocked by required conditions
Tests / Check if generated files are up to date (push) Blocked by required conditions
Tests / Ubuntu SSL tests with OpenSSL (push) Blocked by required conditions
Tests / Android (aarch64) (push) Blocked by required conditions
Tests / Android (x86_64) (push) Blocked by required conditions
Tests / WASI (push) Blocked by required conditions
Tests / Hypothesis tests on Ubuntu (push) Blocked by required conditions
Tests / Address sanitizer (push) Blocked by required conditions
Tests / Sanitizers (push) Blocked by required conditions
Tests / Cross build Linux (push) Blocked by required conditions
Tests / CIFuzz (push) Blocked by required conditions
Tests / All required checks pass (push) Blocked by required conditions
Lint / lint (push) Waiting to run
Some checks are pending
Tests / (push) Blocked by required conditions
Tests / Windows MSI (push) Blocked by required conditions
Tests / Change detection (push) Waiting to run
Tests / Docs (push) Blocked by required conditions
Tests / Check if the ABI has changed (push) Blocked by required conditions
Tests / Check if Autoconf files are up to date (push) Blocked by required conditions
Tests / Check if generated files are up to date (push) Blocked by required conditions
Tests / Ubuntu SSL tests with OpenSSL (push) Blocked by required conditions
Tests / Android (aarch64) (push) Blocked by required conditions
Tests / Android (x86_64) (push) Blocked by required conditions
Tests / WASI (push) Blocked by required conditions
Tests / Hypothesis tests on Ubuntu (push) Blocked by required conditions
Tests / Address sanitizer (push) Blocked by required conditions
Tests / Sanitizers (push) Blocked by required conditions
Tests / Cross build Linux (push) Blocked by required conditions
Tests / CIFuzz (push) Blocked by required conditions
Tests / All required checks pass (push) Blocked by required conditions
Lint / lint (push) Waiting to run
gh-140471: Fix buffer overflow in AST node initialization with malformed `_fields` (GH-140506)
(cherry picked from commit 95953b692d)
Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
This commit is contained in:
Miss Islington (bot)
GitHub
parent
29c42cc621
commit
8285bc7ea2
4 changed files with 15 additions and 4 deletions
|
|
@ -3309,6 +3309,15 @@ class ASTConstructorTests(unittest.TestCase):
|
|||
self.assertEqual(obj.a, 1)
|
||||
self.assertEqual(obj.b, 2)
|
||||
|
||||
def test_malformed_fields_with_bytes(self):
|
||||
class BadFields(ast.AST):
|
||||
_fields = (b'\xff'*64,)
|
||||
_field_types = {'a': int}
|
||||
|
||||
# This should not crash
|
||||
with self.assertWarnsRegex(DeprecationWarning, r"Field b'\\xff\\xff.*' .*"):
|
||||
obj = BadFields()
|
||||
|
||||
def test_complete_field_types(self):
|
||||
class _AllFieldTypes(ast.AST):
|
||||
_fields = ('a', 'b')
|
||||
|
|
|
|||
|
|
@ -0,0 +1,2 @@
|
|||
Fix potential buffer overflow in :class:`ast.AST` node initialization when
|
||||
encountering malformed :attr:`~ast.AST._fields` containing non-:class:`str`.
|
||||
|
|
@ -1009,7 +1009,7 @@ ast_type_init(PyObject *self, PyObject *args, PyObject *kw)
|
|||
else {
|
||||
if (PyErr_WarnFormat(
|
||||
PyExc_DeprecationWarning, 1,
|
||||
"Field '%U' is missing from %.400s._field_types. "
|
||||
"Field %R is missing from %.400s._field_types. "
|
||||
"This will become an error in Python 3.15.",
|
||||
name, Py_TYPE(self)->tp_name
|
||||
) < 0) {
|
||||
|
|
@ -1044,7 +1044,7 @@ ast_type_init(PyObject *self, PyObject *args, PyObject *kw)
|
|||
// simple field (e.g., identifier)
|
||||
if (PyErr_WarnFormat(
|
||||
PyExc_DeprecationWarning, 1,
|
||||
"%.400s.__init__ missing 1 required positional argument: '%U'. "
|
||||
"%.400s.__init__ missing 1 required positional argument: %R. "
|
||||
"This will become an error in Python 3.15.",
|
||||
Py_TYPE(self)->tp_name, name
|
||||
) < 0) {
|
||||
|
|
|
|||
4
Python/Python-ast.c
generated
4
Python/Python-ast.c
generated
|
|
@ -5293,7 +5293,7 @@ ast_type_init(PyObject *self, PyObject *args, PyObject *kw)
|
|||
else {
|
||||
if (PyErr_WarnFormat(
|
||||
PyExc_DeprecationWarning, 1,
|
||||
"Field '%U' is missing from %.400s._field_types. "
|
||||
"Field %R is missing from %.400s._field_types. "
|
||||
"This will become an error in Python 3.15.",
|
||||
name, Py_TYPE(self)->tp_name
|
||||
) < 0) {
|
||||
|
|
@ -5328,7 +5328,7 @@ ast_type_init(PyObject *self, PyObject *args, PyObject *kw)
|
|||
// simple field (e.g., identifier)
|
||||
if (PyErr_WarnFormat(
|
||||
PyExc_DeprecationWarning, 1,
|
||||
"%.400s.__init__ missing 1 required positional argument: '%U'. "
|
||||
"%.400s.__init__ missing 1 required positional argument: %R. "
|
||||
"This will become an error in Python 3.15.",
|
||||
Py_TYPE(self)->tp_name, name
|
||||
) < 0) {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue