Stowage/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-10-31 05:31:20 +00:00
Code Issues Projects Releases Packages Wiki Activity

When unmarshalling, add test for negative lengths on strings, tuples

Browse source 
and lists; if the size is negative, raise an exception.  Also raise an
exception when an undefined type is found -- all this to increase the
chance that garbage input causes an exception instead of a core dump.
This commit is contained in:
Guido van Rossum 1998-06-08 20:27:29 +00:00
parent a63eff6e6a
commit a45cb45965
1 changed files with 14 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

16
Python/marshal.c
View file

@ -463,6 +463,10 @@ r_object(p)
case TYPE_STRING: case TYPE_STRING:
n = r_long(p); n = r_long(p);
if (n < 0) {
PyErr_SetString(PyExc_ValueError, "bad marshal data");
return NULL;
}
v = PyString_FromStringAndSize((char *)NULL, n); v = PyString_FromStringAndSize((char *)NULL, n);
if (v != NULL) { if (v != NULL) {
if (r_string(PyString_AsString(v), (int)n, p) != n) { if (r_string(PyString_AsString(v), (int)n, p) != n) {
@ -476,6 +480,10 @@ r_object(p)
case TYPE_TUPLE: case TYPE_TUPLE:
n = r_long(p); n = r_long(p);
if (n < 0) {
PyErr_SetString(PyExc_ValueError, "bad marshal data");
return NULL;
}
v = PyTuple_New((int)n); v = PyTuple_New((int)n);
if (v == NULL) if (v == NULL)
return v; return v;
@ -492,6 +500,10 @@ r_object(p)
case TYPE_LIST: case TYPE_LIST:
n = r_long(p); n = r_long(p);
if (n < 0) {
PyErr_SetString(PyExc_ValueError, "bad marshal data");
return NULL;
}
v = PyList_New((int)n); v = PyList_New((int)n);
if (v == NULL) if (v == NULL)
return v; return v;
@ -571,8 +583,8 @@ r_object(p)
default: default:
/* Bogus data got written, which isn't ideal. /* Bogus data got written, which isn't ideal.
This will let you keep working and recover. */ This will let you keep working and recover. */
Py_INCREF(Py_None); PyErr_SetString(PyExc_ValueError, "bad marshal data");
return Py_None; return NULL;
} }
} }