mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-31 05:58:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

[3.11] gh-95778: CVE-2020-10735: Prevent DoS by very large int() (#96500)

Browse source 
Integer to and from text conversions via CPython's bignum `int` type is not safe against denial of service attacks due to malicious input. Very large input strings with hundred thousands of digits can consume several CPU seconds.

This PR comes fresh from a pile of work done in our private PSRT security response team repo.

This backports https://github.com/python/cpython/pull/96499 aka 511ca94520

Signed-off-by: Christian Heimes [Red Hat] <christian@python.org>
Tons-of-polishing-up-by: Gregory P. Smith [Google] <greg@krypto.org>
Reviews via the private PSRT repo via many others (see the NEWS entry in the PR).

<!-- gh-issue-number: gh-95778 -->
* Issue: gh-95778
<!-- /gh-issue-number -->

I wrote up [a one pager for the release managers](https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y/edit#).
This commit is contained in:
Gregory P. Smith 2022-09-02 09:48:57 -07:00 committed by GitHub
parent 57116d5682
commit f8b71da9aa
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
27 changed files with 775 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

55
Python/clinic/sysmodule.c.h generated
View file

@ -669,6 +669,59 @@ exit:
#endif /* defined(USE_MALLOPT) */
PyDoc_STRVAR(sys_get_int_max_str_digits__doc__,
"get_int_max_str_digits($module, /)\n"
"--\n"
"\n"
"Set the maximum string digits limit for non-binary int<->str conversions.");
#define SYS_GET_INT_MAX_STR_DIGITS_METHODDEF \
{"get_int_max_str_digits", (PyCFunction)sys_get_int_max_str_digits, METH_NOARGS, sys_get_int_max_str_digits__doc__},
static PyObject *
sys_get_int_max_str_digits_impl(PyObject *module);
static PyObject *
sys_get_int_max_str_digits(PyObject *module, PyObject *Py_UNUSED(ignored))
{
return sys_get_int_max_str_digits_impl(module);
}
PyDoc_STRVAR(sys_set_int_max_str_digits__doc__,
"set_int_max_str_digits($module, /, maxdigits)\n"
"--\n"
"\n"
"Set the maximum string digits limit for non-binary int<->str conversions.");
#define SYS_SET_INT_MAX_STR_DIGITS_METHODDEF \
{"set_int_max_str_digits", _PyCFunction_CAST(sys_set_int_max_str_digits), METH_FASTCALL|METH_KEYWORDS, sys_set_int_max_str_digits__doc__},
static PyObject *
sys_set_int_max_str_digits_impl(PyObject *module, int maxdigits);
static PyObject *
sys_set_int_max_str_digits(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames)
{
PyObject *return_value = NULL;
static const char * const _keywords[] = {"maxdigits", NULL};
static _PyArg_Parser _parser = {NULL, _keywords, "set_int_max_str_digits", 0};
PyObject *argsbuf[1];
int maxdigits;
args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser, 1, 1, 0, argsbuf);
if (!args) {
goto exit;
}
maxdigits = _PyLong_AsInt(args[0]);
if (maxdigits == -1 && PyErr_Occurred()) {
goto exit;
}
return_value = sys_set_int_max_str_digits_impl(module, maxdigits);
exit:
return return_value;
}
PyDoc_STRVAR(sys_getrefcount__doc__,
"getrefcount($module, object, /)\n"
"--\n"
@ -1014,4 +1067,4 @@ sys_getandroidapilevel(PyObject *module, PyObject *Py_UNUSED(ignored))
#ifndef SYS_GETANDROIDAPILEVEL_METHODDEF
#define SYS_GETANDROIDAPILEVEL_METHODDEF
#endif /* !defined(SYS_GETANDROIDAPILEVEL_METHODDEF) */
/*[clinic end generated code: output=98efd34fd9b9b6ab input=a9049054013a1b77]*/
/*[clinic end generated code: output=21a32aa71d36a98c input=a9049054013a1b77]*/