oss-sec mailing list archives

Re: CVE Request: Python 3.2/3.3 utf-16 decoder unicode_decode_call_errorhandler aligned_end is not updated

From: Henri Salo <henri () nerv fi>
Date: Wed, 25 Apr 2012 09:56:06 +0300

On Wed, Apr 25, 2012 at 12:37:53AM -0600, Kurt Seifried wrote:

On 04/25/2012 12:35 AM, Kurt Seifried wrote:

Python 3.2/3.3 utf-16 decoder unicode_decode_call_errorhandler 
aligned_end is not updated

does not appear to affect Python 2.x

memory leak/crashes/etc.

http://bugs.python.org/issue14579

Author: Serhiy Storchaka (storchaka)        Date: 2012-04-14 18:46

In the utf-16 decoder after calling
unicode_decode_call_errorhandler aligned_end is not updated. This
may potentially cause data leaks, memory damage, and crash. The bug
introduced by implementation of the issue #4868. In a similar
situation in the utf-8 decoder aligned_end is updated.

========

More discussion and links to the patches/etc. in the bug.


Please use CVE-2012-2135 for this issue.


Reported to Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670389

- Henri Salo

Current thread:

CVE Request: Python 3.2/3.3 utf-16 decoder unicode_decode_call_errorhandler aligned_end is not updated Kurt Seifried (Apr 24)
- Re: CVE Request: Python 3.2/3.3 utf-16 decoder unicode_decode_call_errorhandler aligned_end is not updated Kurt Seifried (Apr 24)
  - Re: CVE Request: Python 3.2/3.3 utf-16 decoder unicode_decode_call_errorhandler aligned_end is not updated Henri Salo (Apr 24)
- <Possible follow-ups>
- CVE Request: Python 3.2/3.3 utf-16 decoder unicode_decode_call_errorhandler aligned_end is not updated Kurt Seifried (Apr 24)
  - Re: CVE Request: Python 3.2/3.3 utf-16 decoder unicode_decode_call_errorhandler aligned_end is not updated Florian Weimer (Apr 25)
    - Re: CVE Request: Python 3.2/3.3 utf-16 decoder unicode_decode_call_errorhandler aligned_end is not updated Henri Salo (Apr 25)