[Python-checkins] bpo-33720: Improve tests for the stack overflow in marshal.loads(). (GH-7336)
Serhiy Storchaka
webhook-mailer at python.org
Thu Jul 5 04:17:30 EDT 2018
https://github.com/python/cpython/commit/fc05e68d8fac70349b7ea17ec14e7e0cfa956121
commit: fc05e68d8fac70349b7ea17ec14e7e0cfa956121
branch: master
author: Serhiy Storchaka <storchaka at gmail.com>
committer: GitHub <noreply at github.com>
date: 2018-07-05T11:17:20+03:00
summary:
bpo-33720: Improve tests for the stack overflow in marshal.loads(). (GH-7336)
files:
M Lib/test/test_marshal.py
diff --git a/Lib/test/test_marshal.py b/Lib/test/test_marshal.py
index a8a43d22bc36..a20ad677c870 100644
--- a/Lib/test/test_marshal.py
+++ b/Lib/test/test_marshal.py
@@ -210,13 +210,24 @@ def test_fuzz(self):
except Exception:
pass
- def test_loads_2x_code(self):
- s = b'c' + (b'X' * 4*4) + b'{' * 2**20
- self.assertRaises(ValueError, marshal.loads, s)
-
def test_loads_recursion(self):
- s = b'c' + (b'X' * 4*5) + b'{' * 2**20
- self.assertRaises(ValueError, marshal.loads, s)
+ def run_tests(N, check):
+ # (((...None...),),)
+ check(b')\x01' * N + b'N')
+ check(b'(\x01\x00\x00\x00' * N + b'N')
+ # [[[...None...]]]
+ check(b'[\x01\x00\x00\x00' * N + b'N')
+ # {None: {None: {None: ...None...}}}
+ check(b'{N' * N + b'N' + b'0' * N)
+ # frozenset([frozenset([frozenset([...None...])])])
+ check(b'>\x01\x00\x00\x00' * N + b'N')
+ # Check that the generated marshal data is valid and marshal.loads()
+ # works for moderately deep nesting
+ run_tests(100, marshal.loads)
+ # Very deeply nested structure shouldn't blow the stack
+ def check(s):
+ self.assertRaises(ValueError, marshal.loads, s)
+ run_tests(2**20, check)
def test_recursion_limit(self):
# Create a deeply nested structure.
More information about the Python-checkins
mailing list