projects / platform / upstream / python.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c99de6c) | patch
Fix infinite loop in the tarfile module submit/tizen_6.0_base/20210419.041633
authorJinWang An <jinwang.an@samsung.com>
Tue, 13 Apr 2021 12:13:54 +0000 (21:13 +0900)
committerJinWang An <jinwang.an@samsung.com>
Mon, 19 Apr 2021 04:06:25 +0000 (13:06 +0900)
commitdee873ff8d2d8e5c71a02060abf635706e991234
tree79835cfe66340a83cd32b62ebd098f3590e21ce9tree | snapshot
parentc99de6c0215e8e6a98bba37192a038571b7de3bbcommit | diff
Fix infinite loop in the tarfile module

In Lib/tarfile.py in Python through 3.8.3, an attacker
is able to craft a TAR archive leading to an infinite
loop when opened by tarfile.open, because _proc_pax
lacks header validation.

Change-Id: I3834647b15fc334cdd2d878c6cb4f368844edbb0
Signed-off-by: JinWang An <jinwang.an@samsung.com>
Lib/tarfile.py diff | blob | history
Lib/test/recursion.tar [new file with mode: 0644] blob
Lib/test/test_tarfile.py diff | blob | history
Domain: System / Base;