[issue4844] ZipFile doesn't range check in _EndRecData()

Alan McIntyre report at bugs.python.org
Sun Aug 22 03:39:52 CEST 2010


Alan McIntyre <alan.mcintyre at gmail.com> added the comment:

I wrote a test for this and tried out the patch on the Python3 trunk, and it seems to work ok.  I've attached an updated patch that includes the test.

It probably wouldn't hurt to go look for other places where a struct is being unpacked without checking lengths first, and see if it makes sense to add a similar check in those places, too.  I may do that later if I have some more free time.

----------
Added file: http://bugs.python.org/file18604/issue4844-with-test.diff

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue4844>
_______________________________________


More information about the Python-bugs-list mailing list