[Python-checkins] bpo-42150: Avoid buffer overflow in the new parser (GH-22978)
pablogsal
webhook-mailer at python.org
Sun Oct 25 19:03:47 EDT 2020
https://github.com/python/cpython/commit/e68c67805e6a4c4ec80bea64be0e8373cc02d322
commit: e68c67805e6a4c4ec80bea64be0e8373cc02d322
branch: master
author: Pablo Galindo <Pablogsal at gmail.com>
committer: pablogsal <Pablogsal at gmail.com>
date: 2020-10-25T23:03:41Z
summary:
bpo-42150: Avoid buffer overflow in the new parser (GH-22978)
files:
A Misc/NEWS.d/next/Core and Builtins/2020-10-25-21-14-18.bpo-42150.b70u_T.rst
M Parser/pegen.c
diff --git a/Misc/NEWS.d/next/Core and Builtins/2020-10-25-21-14-18.bpo-42150.b70u_T.rst b/Misc/NEWS.d/next/Core and Builtins/2020-10-25-21-14-18.bpo-42150.b70u_T.rst
new file mode 100644
index 0000000000000..62fabb857aa38
--- /dev/null
+++ b/Misc/NEWS.d/next/Core and Builtins/2020-10-25-21-14-18.bpo-42150.b70u_T.rst
@@ -0,0 +1,2 @@
+Fix possible buffer overflow in the new parser when checking for
+continuation lines. Patch by Pablo Galindo.
diff --git a/Parser/pegen.c b/Parser/pegen.c
index efa5ed9f288ee..c7343f7f047c3 100644
--- a/Parser/pegen.c
+++ b/Parser/pegen.c
@@ -990,7 +990,8 @@ bad_single_statement(Parser *p)
/* Newlines are allowed if preceded by a line continuation character
or if they appear inside a string. */
- if (!cur || *(cur - 1) == '\\' || newline_in_string(p, cur)) {
+ if (!cur || (cur != p->tok->buf && *(cur - 1) == '\\')
+ || newline_in_string(p, cur)) {
return 0;
}
char c = *cur;
More information about the Python-checkins
mailing list