Issue #24989: Fixed buffer overread in BytesIO.readline() if a position is
set beyond size. Based on patch by John Leitch.
This commit is contained in:
parent
5b6917e60d
commit
594e54c765
|
@ -166,6 +166,10 @@ class MemoryTestMixin:
|
||||||
memio.seek(0)
|
memio.seek(0)
|
||||||
self.assertEqual(memio.read(None), buf)
|
self.assertEqual(memio.read(None), buf)
|
||||||
self.assertRaises(TypeError, memio.read, '')
|
self.assertRaises(TypeError, memio.read, '')
|
||||||
|
memio.seek(len(buf) + 1)
|
||||||
|
self.assertEqual(memio.read(1), self.EOF)
|
||||||
|
memio.seek(len(buf) + 1)
|
||||||
|
self.assertEqual(memio.read(), self.EOF)
|
||||||
memio.close()
|
memio.close()
|
||||||
self.assertRaises(ValueError, memio.read)
|
self.assertRaises(ValueError, memio.read)
|
||||||
|
|
||||||
|
@ -185,6 +189,9 @@ class MemoryTestMixin:
|
||||||
self.assertEqual(memio.readline(-1), buf)
|
self.assertEqual(memio.readline(-1), buf)
|
||||||
memio.seek(0)
|
memio.seek(0)
|
||||||
self.assertEqual(memio.readline(0), self.EOF)
|
self.assertEqual(memio.readline(0), self.EOF)
|
||||||
|
# Issue #24989: Buffer overread
|
||||||
|
memio.seek(len(buf) * 2 + 1)
|
||||||
|
self.assertEqual(memio.readline(), self.EOF)
|
||||||
|
|
||||||
buf = self.buftype("1234567890\n")
|
buf = self.buftype("1234567890\n")
|
||||||
memio = self.ioclass((buf * 3)[:-1])
|
memio = self.ioclass((buf * 3)[:-1])
|
||||||
|
@ -217,6 +224,9 @@ class MemoryTestMixin:
|
||||||
memio.seek(0)
|
memio.seek(0)
|
||||||
self.assertEqual(memio.readlines(None), [buf] * 10)
|
self.assertEqual(memio.readlines(None), [buf] * 10)
|
||||||
self.assertRaises(TypeError, memio.readlines, '')
|
self.assertRaises(TypeError, memio.readlines, '')
|
||||||
|
# Issue #24989: Buffer overread
|
||||||
|
memio.seek(len(buf) * 10 + 1)
|
||||||
|
self.assertEqual(memio.readlines(), [])
|
||||||
memio.close()
|
memio.close()
|
||||||
self.assertRaises(ValueError, memio.readlines)
|
self.assertRaises(ValueError, memio.readlines)
|
||||||
|
|
||||||
|
@ -238,6 +248,9 @@ class MemoryTestMixin:
|
||||||
self.assertEqual(line, buf)
|
self.assertEqual(line, buf)
|
||||||
i += 1
|
i += 1
|
||||||
self.assertEqual(i, 10)
|
self.assertEqual(i, 10)
|
||||||
|
# Issue #24989: Buffer overread
|
||||||
|
memio.seek(len(buf) * 10 + 1)
|
||||||
|
self.assertEqual(list(memio), [])
|
||||||
memio = self.ioclass(buf * 2)
|
memio = self.ioclass(buf * 2)
|
||||||
memio.close()
|
memio.close()
|
||||||
self.assertRaises(ValueError, memio.__next__)
|
self.assertRaises(ValueError, memio.__next__)
|
||||||
|
|
|
@ -92,6 +92,9 @@ Core and Builtins
|
||||||
Library
|
Library
|
||||||
-------
|
-------
|
||||||
|
|
||||||
|
- Issue #24989: Fixed buffer overread in BytesIO.readline() if a position is
|
||||||
|
set beyond size. Based on patch by John Leitch.
|
||||||
|
|
||||||
- Issue #24847: Removes vcruntime140.dll dependency from Tcl/Tk.
|
- Issue #24847: Removes vcruntime140.dll dependency from Tcl/Tk.
|
||||||
|
|
||||||
- Issue #24839: platform._syscmd_ver raises DeprecationWarning
|
- Issue #24839: platform._syscmd_ver raises DeprecationWarning
|
||||||
|
|
|
@ -57,14 +57,18 @@ scan_eol(bytesio *self, Py_ssize_t len)
|
||||||
Py_ssize_t maxlen;
|
Py_ssize_t maxlen;
|
||||||
|
|
||||||
assert(self->buf != NULL);
|
assert(self->buf != NULL);
|
||||||
|
assert(self->pos >= 0);
|
||||||
|
|
||||||
|
if (self->pos >= self->string_size)
|
||||||
|
return 0;
|
||||||
|
|
||||||
/* Move to the end of the line, up to the end of the string, s. */
|
/* Move to the end of the line, up to the end of the string, s. */
|
||||||
start = PyBytes_AS_STRING(self->buf) + self->pos;
|
|
||||||
maxlen = self->string_size - self->pos;
|
maxlen = self->string_size - self->pos;
|
||||||
if (len < 0 || len > maxlen)
|
if (len < 0 || len > maxlen)
|
||||||
len = maxlen;
|
len = maxlen;
|
||||||
|
|
||||||
if (len) {
|
if (len) {
|
||||||
|
start = PyBytes_AS_STRING(self->buf) + self->pos;
|
||||||
n = memchr(start, '\n', len);
|
n = memchr(start, '\n', len);
|
||||||
if (n)
|
if (n)
|
||||||
/* Get the length from the current position to the end of
|
/* Get the length from the current position to the end of
|
||||||
|
|
Loading…
Reference in New Issue