[New-bugs-announce] [issue24683] Type confusion in json encoding
paul
report at bugs.python.org
Wed Jul 22 09:01:58 CEST 2015
New submission from paul:
on-35dm-i386-linux-gnu.so`encoder_listencode_list(s=0xb6f90394, acc=0xbfc42c28, seq=0xb6f2361c, indent_level=1) + 655 at _json.c:1800
# frame #2: 0xb6e4366d _json.cpython-35dm-i386-linux-gnu.so`encoder_listencode_obj(s=0xb6f90394, acc=0xbfc42c28, obj=0xb6f2361c, indent_level=1) + 733 at _json.c:1554
# frame #3: 0xb6e3fc4f _json.cpython-35dm-i386-linux-gnu.so`encoder_call(self=0xb6f90394, args=0xb7049304, kwds=0x00000000) + 319 at _json.c:1386
# frame #4: 0x080c5758 python`PyObject_Call(func=0xb6f90394, arg=0xb7049304, kw=0x00000000) + 264 at abstract.c:2149
#
# This is a type confusion bug. encoder->markers can be initialized to an
# arbitrary object (string in this POC). PyDict_Contains trusts the caller that
# "op" is a dictionary without checking. Some callers can't be trusted :)
----------
messages: 247093
nosy: pkt
priority: normal
severity: normal
status: open
title: Type confusion in json encoding
type: crash
versions: Python 3.5
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue24683>
_______________________________________
More information about the New-bugs-announce
mailing list