[3.8] bpo-39017: Avoid infinite loop in the tarfile module (GH-21454) (GH-21483)
Avoid infinite loop when reading specially crafted TAR files using the tarfile module
(CVE-2019-20907).
(cherry picked from commit 5a8d121a1f
)
Co-authored-by: Rishi <rishi_devan@mail.com>
Automerge-Triggered-By: @encukou
This commit is contained in:
parent
b4cd77de05
commit
c55479556d
|
@ -1241,6 +1241,8 @@ class TarInfo(object):
|
|||
|
||||
length, keyword = match.groups()
|
||||
length = int(length)
|
||||
if length == 0:
|
||||
raise InvalidHeaderError("invalid header")
|
||||
value = buf[match.end(2) + 1:match.start(1) + length - 1]
|
||||
|
||||
# Normally, we could just use "utf-8" as the encoding and "strict"
|
||||
|
|
Binary file not shown.
|
@ -397,6 +397,13 @@ class CommonReadTest(ReadTest):
|
|||
with self.assertRaisesRegex(tarfile.ReadError, "unexpected end of data"):
|
||||
tar.extractfile(t).read()
|
||||
|
||||
def test_length_zero_header(self):
|
||||
# bpo-39017 (CVE-2019-20907): reading a zero-length header should fail
|
||||
# with an exception
|
||||
with self.assertRaisesRegex(tarfile.ReadError, "file could not be opened successfully"):
|
||||
with tarfile.open(support.findfile('recursion.tar')) as tar:
|
||||
pass
|
||||
|
||||
class MiscReadTestBase(CommonReadTest):
|
||||
def requires_name_attribute(self):
|
||||
pass
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
Avoid infinite loop when reading specially crafted TAR files using the tarfile module (CVE-2019-20907).
|
Loading…
Reference in New Issue