[issue14579] Possible vulnerability in the utf-16 decoder after error handling
Serhiy Storchaka
report at bugs.python.org
Sat Apr 14 20:46:03 CEST 2012
New submission from Serhiy Storchaka <storchaka at gmail.com>:
In the utf-16 decoder after calling unicode_decode_call_errorhandler aligned_end is not updated. This may potentially cause data leaks, memory damage, and crash. The bug introduced by implementation of the issue #4868. In a similar situation in the utf-8 decoder aligned_end is updated.
----------
files: utf16_update_after_error.patch
keywords: patch
messages: 158272
nosy: storchaka
priority: normal
severity: normal
status: open
title: Possible vulnerability in the utf-16 decoder after error handling
type: security
versions: Python 3.2, Python 3.3
Added file: http://bugs.python.org/file25213/utf16_update_after_error.patch
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue14579>
_______________________________________
More information about the Python-bugs-list
mailing list