[issue14579] Vulnerability in the utf-16 decoder after error handling
Serhiy Storchaka
report at bugs.python.org
Thu Apr 19 23:29:39 CEST 2012
Serhiy Storchaka <storchaka at gmail.com> added the comment:
Here is the bugs in the utf-16 decoder:
1. `aligned_end` is not updated after calling error handler.
2. Possible silent reading of one byte over the bytes array limit when decoding of a surrogate pair. b'\xD8\x00\xDC'.decode('utf-16be')
3. Error handlers receive data without last byte.
4. After handling truncate data error it is impossible to continue decoding (unlike all the other decoders).
----------
title: Possible vulnerability in the utf-16 decoder after error handling -> Vulnerability in the utf-16 decoder after error handling
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue14579>
_______________________________________
More information about the Python-bugs-list
mailing list