[issue4844] ZipFile doesn't range check in _EndRecData()
report at bugs.python.org
Sun Aug 22 03:39:52 CEST 2010
Alan McIntyre <alan.mcintyre at gmail.com> added the comment:
I wrote a test for this and tried out the patch on the Python3 trunk, and it seems to work ok. I've attached an updated patch that includes the test.
It probably wouldn't hurt to go look for other places where a struct is being unpacked without checking lengths first, and see if it makes sense to add a similar check in those places, too. I may do that later if I have some more free time.
Added file: http://bugs.python.org/file18604/issue4844-with-test.diff
Python tracker <report at bugs.python.org>
More information about the Python-bugs-list