traverseda
/
cpython
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
35,350 Commits 9 Branches 456 Tags 1.7 GiB
Commit Graph

14 Commits

Author SHA1 Message Date
Armin Rigo 5953baca0a A couple of examples about how to attack the fact that _PyType_Lookup() 
returns a borrowed ref.  Many of the calls are open to attack.
 2006-07-06 07:58:18 +00:00
Fred Drake 6ffe499397 SF bug #1296433 (Expat bug #1515266): Unchecked calls to character data 
handler would cause a segfault.  This merges in Expat's lib/xmlparse.c
revisions 1.154 and 1.155, which fix this and a closely related problem
(the later does not affect Python).

Moved the crasher test to the tests for xml.parsers.expat.
 2006-07-01 16:28:20 +00:00
Armin Rigo d77ef8fa51 A couple of crashers of the "won't fix" kind. 2006-06-28 10:49:51 +00:00
Brett Cannon ea3912b0da If a classic class defined a __coerce__() method that just returned its two 
arguments in reverse, the interpreter would infinitely recourse trying to get a
coercion that worked.  So put in a recursion check after a coercion is made and
the next call to attempt to use the coerced values.

Fixes bug #992017 and closes crashers/coerce.py .
 2006-06-13 21:46:41 +00:00
Brett Cannon 22565aac3b An object with __call__ as an attribute, when called, will have that attribute checked for __call__ itself, and will continue to look until it finds an object without the attribute. This can lead to an infinite recursion. 
Closes bug #532646, again.  Will be backported.
 2006-06-09 22:31:23 +00:00
Armin Rigo 35f6d36951 [ 1497053 ] Let dicts propagate the exceptions in user __eq__(). 
[ 1456209 ] dictresize() vulnerability ( <- backport candidate ).
 2006-06-01 13:19:12 +00:00
Armin Rigo 7e97ee6ac8 A dictresize() attack. If oldtable == mp->ma_smalltable then pure 
Python code can mangle with mp->ma_smalltable while it is being walked
over.
 2006-04-18 14:00:01 +00:00
Michael W. Hudson 15b1f146bc add a very old crasher from the 2.1 -> 2.2 round of dictionary fixes. 2006-04-18 13:52:32 +00:00
Neal Norwitz 38a76a1017 Copy note from leakers README here too. We want to keep all test cases. 2006-04-14 06:35:46 +00:00
Tim Peters 1a57296450 Set svn:eol-style to native. 2006-03-01 06:19:04 +00:00
Armin Rigo b4b5a7601b collected my segfaulting Python examples from the SF trackers 
(is the purpose of the crashers directory to scare people? :-)
 2006-01-14 10:58:30 +00:00
Tim Peters a28ad77844 Whitespace normalization. 2006-01-13 03:05:25 +00:00
Neal Norwitz ae1df41127 add another crash reported by Thomas Wouters 2006-01-11 07:21:19 +00:00
Neal Norwitz 8cc4ef561c As I threatened on python-dev, add a directory which contains all known 
bugs which cause the interpreter to crash.  I'm sure we can find a few
more.  Many missing bugs deal with variations on unchecked infinite recursion
(like coerce.py).
 2006-01-10 07:49:41 +00:00