original ) (raw )
classification
Title :Pointers point out of array bound in _sre.c
Type :behavior
Stage :resolved
Components :Regular Expressions
Versions :Python 3.6, Python 3.4, Python 3.5, Python 2.7
process
Created on 2013-08-08 11:56 by serhiy.storchaka , last changed 2022-04-11 14:57 by admin . This issue is now closed .
Messages (8)
msg194661 - (view) Author: Serhiy Storchaka (serhiy.storchaka) *
Date: 2013-08-08 11:56
In _sre.c pointers can point out of boundaries of array. This is an undefined behavior and is one of causes of a bug in (end-ptr can be negative). The proposed patch change code to check if pointers will point out of boundaries before their changing.
msg201067 - (view) Author: Serhiy Storchaka (serhiy.storchaka) *
Date: 2013-10-23 20:31
Because currently there is no way to test behavior change of this patch (besides rollback a patch committed in ) I think that it worth to apply only in 3.4. When the bug will be reproduced we could backport it to maintenance releases.
msg201463 - (view) Author: Serhiy Storchaka (serhiy.storchaka) *
Date: 2013-10-27 15:26
Patch updated to tip (the code was changed since ). It no more uses division.
msg238944 - (view) Author: Serhiy Storchaka (serhiy.storchaka) *
Date: 2015-03-22 22:04
Here is recent patch.
msg246326 - (view) Author: Serhiy Storchaka (serhiy.storchaka) *
Date: 2015-07-05 17:05
May be has a reproducer, but not having Windows I can't test this.
msg246338 - (view) Author: Mark Lawrence (BreamoreBoy) *
Date: 2015-07-05 21:08
The reproducer from consistently crashed the code. Applied the patch from here and couldn't reproduce the problem. Then ran test_re for both 32 and 64 bit debug and release builds with no problems.
msg246349 - (view) Author: Serhiy Storchaka (serhiy.storchaka) *
Date: 2015-07-06 05:31
Thank you Mark.
msg246356 - (view) Author: Roundup Robot (python-dev)
Date: 2015-07-06 11:23
New changeset 0007031e0452 by Serhiy Storchaka in branch '2.7': Issue #18684 : Fixed reading out of the buffer in the re module. https://hg.python.org/cpython/rev/0007031e0452 New changeset 389795b7c703 by Serhiy Storchaka in branch '3.4': Issue #18684 : Fixed reading out of the buffer in the re module. https://hg.python.org/cpython/rev/389795b7c703 New changeset 5adf995d443f by Serhiy Storchaka in branch '3.5': Issue #18684 : Fixed reading out of the buffer in the re module. https://hg.python.org/cpython/rev/5adf995d443f New changeset bb9fc884a838 by Serhiy Storchaka in branch 'default': Issue #18684 : Fixed reading out of the buffer in the re module. https://hg.python.org/cpython/rev/bb9fc884a838
History
Date
User
Action
Args
2022-04-11 14:57:49
admin
set
github: 62884
2015-07-06 11:30:39
serhiy.storchaka
set
status: open -> closedresolution: fixedstage: commit review -> resolved
2015-07-06 11:23:59
python-dev
set
nosy: + python-dev messages: +
2015-07-06 10:52:21
serhiy.storchaka
link
issue24566 superseder
2015-07-06 05:31:17
serhiy.storchaka
set
stage: patch review -> commit reviewmessages: + versions: + Python 2.7, Python 3.4, Python 3.6
2015-07-05 21:08:21
BreamoreBoy
set
nosy: + BreamoreBoy messages: +
2015-07-05 17:05:55
serhiy.storchaka
set
messages: +
2015-03-22 22:10:50
serhiy.storchaka
set
files: + sre_ptr_out_of_bounds_4.patch
2015-03-22 22:10:08
serhiy.storchaka
set
files: - sre_ptr_out_of_bounds_4.patch
2015-03-22 22:04:23
serhiy.storchaka
set
files: + sre_ptr_out_of_bounds_4.patch messages: + versions: + Python 3.5, - Python 3.4
2013-10-31 16:15:39
vstinner
set
nosy: + vstinner
2013-10-27 15:26:24
serhiy.storchaka
set
messages: +
2013-10-23 20:32:00
serhiy.storchaka
unlink
issue18685 dependencies
2013-10-23 20:31:48
serhiy.storchaka
set
messages: + versions: - Python 2.7, Python 3.3
2013-08-29 10:13:50
serhiy.storchaka
link
issue18685 dependencies
2013-08-29 10:12:38
serhiy.storchaka
set
keywords: + needs review assignee: serhiy.storchaka
2013-08-20 05:42:56
Arfrever
set
nosy: + Arfrever
2013-08-08 11:56:24
serhiy.storchaka
create
This issue has been migrated to GitHub: https://github.com/python/cpython/issues/62884 
