cpython/Modules
Miss Islington (bot) 06b15424b0
bpo-35746: Fix segfault in ssl's cert parser (GH-11569)
Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
distribution points with empty DP or URI correctly. A malicious or buggy
certificate can result into segfault.

Signed-off-by: Christian Heimes <christian@python.org>

https://bugs.python.org/issue35746
(cherry picked from commit a37f52436f)

Co-authored-by: Christian Heimes <christian@python.org>
2019-01-15 15:11:52 -08:00
..
_ctypes bpo-35504: Fix segfaults and SystemErrors when deleting certain attrs. (GH-11175) (GH-11249) 2018-12-20 19:38:52 +02:00
_io [2.7] bpo-8765: Deprecate writing unicode to binary streams in Py3k mode. (GH-11127) 2019-01-15 14:34:48 +02:00
_multiprocessing Issue #28139: Fix messed up indentation 2016-09-17 07:54:55 +00:00
_sqlite bpo-35504: Fix segfaults and SystemErrors when deleting certain attrs. (GH-11175) (GH-11249) 2018-12-20 19:38:52 +02:00
cjkcodecs bpo-35504: Fix segfaults and SystemErrors when deleting certain attrs. (GH-11175) (GH-11249) 2018-12-20 19:38:52 +02:00
expat [2.7] bpo-31374: Include pyconfig.h earlier in expat (GH-11078) 2018-12-10 16:01:03 +01:00
zlib update zlib ChangeLog file 2017-01-31 13:56:50 +01:00
Setup.config.in
Setup.dist [2.7] closes bpo-35139: The `pyexpat` module's macros in `Modules/Setup` now match `setup.py` (GH-10293) 2018-11-01 20:28:34 -07:00
_bisectmodule.c Issue #14829: Fix bisect issues under 64-bit Windows. 2012-05-16 15:01:40 +02:00
_bsddb.c bpo-34491: Add missing Py_DECREF() in _bsddb's DB_join() (GH-8909) 2018-08-25 12:22:21 +08:00
_codecsmodule.c Merged revisions 79779 via svnmerge from 2010-06-09 17:55:28 +00:00
_collectionsmodule.c [2.7] closes bpo-31608: Fix a crash in methods of a subclass of _collections.deque with a bad __new__(). (GH-9179) 2018-09-11 13:41:57 -07:00
_csv.c bpo-34395: Fix memory leaks caused by incautious usage of PyMem_Realloc(). (GH-8785) 2018-08-17 08:36:15 +03:00
_curses_panel.c Issue #25745: Fixed leaking a userptr in curses panel destructor. 2016-05-09 00:11:59 +03:00
_cursesmodule.c [2.7] bpo-34234: Use _PyAnyInt_Check() and _PyAnyInt_CheckExact(). (GH-8479) 2018-07-31 09:09:36 +03:00
_elementtree.c [2.7] Fix error handling bugs in _elementtree.c. (GH-10060) (GH-10080) 2018-10-26 08:37:07 +03:00
_functoolsmodule.c bpo-31095: Fix potential crash during GC (GH-3197) 2017-09-04 12:31:41 +09:00
_hashopenssl.c [2.7] bpo-30102: Call OPENSSL_add_all_algorithms_noconf (GH-3112) (#3343) 2017-09-05 17:12:12 +02:00
_heapqmodule.c Correct “an” → “a” with “Unicode”, “user”, “UTF”, etc 2016-04-15 02:14:19 +00:00
_hotshot.c move declaration to top of the function to appease the c89 gods 2016-09-05 13:07:48 -07:00
_json.c bpo-34649: Add missing NULL checks to _encoded_const() (GH-9225) 2018-09-13 01:00:56 +03:00
_localemodule.c [2.7] bpo-35441: Remove dead and buggy code related to PyList_SetItem(). (GH-11033) (GH-11234) 2018-12-19 17:11:02 +02:00
_lsprof.c Fix docstring of Profiler class (GH-8651) 2018-08-03 02:43:18 -07:00
_math.c inline constant into its single use 2016-12-03 12:32:38 -08:00
_math.h Add workaround for log1p(-0.0) on platforms where it's broken. 2012-08-18 12:31:34 +01:00
_randommodule.c [2.7] bpo-34234: Use _PyAnyInt_Check() and _PyAnyInt_CheckExact(). (GH-8479) 2018-07-31 09:09:36 +03:00
_sre.c [2.7] bpo-34234: Use _PyAnyInt_Check() and _PyAnyInt_CheckExact(). (GH-8479) 2018-07-31 09:09:36 +03:00
_ssl.c bpo-35746: Fix segfault in ssl's cert parser (GH-11569) 2019-01-15 15:11:52 -08:00
_ssl_data.h Issue #23248: Update ssl error codes from latest OpenSSL git master. 2015-01-18 17:39:32 +01:00
_struct.c [2.7] bpo-34234: Use _PyAnyInt_Check() and _PyAnyInt_CheckExact(). (GH-8479) 2018-07-31 09:09:36 +03:00
_testcapimodule.c bpo-34229: Check start and stop of slice object to be long when they are not int in PySlice_GetIndices (GH-8480) 2018-07-26 19:20:34 +03:00
_tkinter.c [2.7] bpo-34794: Fix a leak in Tkinter. (GH-10025) (GH-10181) 2018-10-28 19:36:02 +02:00
_weakref.c Issue #28427: old keys should not remove new values from 2016-12-27 15:08:27 +01:00
addrinfo.h Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
almodule.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
ar_beos
arraymodule.c [2.7] bpo-35441: Remove dead and buggy code related to PyList_SetItem(). (GH-11033) (GH-11234) 2018-12-19 17:11:02 +02:00
audioop.c bpo-19418: audioop.c: Fix warnings on -0x80000000 (GH-7453) 2018-06-06 17:51:07 +02:00
binascii.c Issue #29004: Document binascii.crc_hqx() implements CRC-CCITT 2016-12-24 07:53:57 +00:00
bsddb.h - Issue #17477: Update the bsddb module to pybsddb 5.3.0, supporting 2013-03-19 14:46:29 -07:00
bsddbmodule.c Issue #28139: Fix messed up indentation 2016-09-17 07:54:55 +00:00
bz2module.c bpo-30614: testInitNonExistentFile() of test_bz2 leaks references (#2033) 2017-06-10 14:36:57 +02:00
cPickle.c bpo-27880: Fixed integer overflow in cPickle when pickle large strings or (#662) 2017-03-14 07:29:33 +02:00
cStringIO.c Issue #28139: Fix messed up indentation 2016-09-17 07:54:55 +00:00
cdmodule.c Issue #22570: Renamed Py_SETREF to Py_XSETREF. 2016-04-06 09:51:18 +03:00
cgen.py
cgensupport.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
cgensupport.h Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
clmodule.c Issue #28139: Fix messed up indentation 2016-09-17 07:54:55 +00:00
cmathmodule.c Issue #24489: ensure a previously set C errno doesn't disturb cmath.polar(). 2015-06-23 14:31:11 +02:00
config.c.in Merged revisions 81602 via svnmerge from 2010-05-29 21:03:13 +00:00
cryptmodule.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
cstubs
datetimemodule.c [2.7] bpo-35021: Fix assertion failures in _datetimemodule.c. (GH-10039) (GH-10617) 2018-11-20 21:56:34 +02:00
dbmmodule.c Issue #17926: Fix dbm.__contains__ on 64-bit big-endian machines. 2013-05-08 01:51:37 +02:00
dlmodule.c [2.7] bpo-34234: Use _PyAnyInt_Check() and _PyAnyInt_CheckExact(). (GH-8479) 2018-07-31 09:09:36 +03:00
errnomodule.c Issue #14662: Prevent shutil failures on OS X when destination does not 2012-05-10 17:45:49 -07:00
fcntlmodule.c Issue #28139: Fix messed up indentation 2016-09-17 07:54:55 +00:00
flmodule.c Issue #28139: Fix messed up indentation 2016-09-17 07:54:55 +00:00
fmmodule.c Issue #28139: Fix messed up indentation 2016-09-17 07:54:55 +00:00
fpectlmodule.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
fpetestmodule.c
future_builtins.c Fix issue10065 - future_builtins' docstring lacks some functions 2010-10-14 13:15:33 +00:00
gc_weakref.txt
gcmodule.c [2.7] bpo-33622: Fix issues with handling errors in the GC. (GH-7078) (#7096) 2018-05-24 23:27:08 +03:00
gdbmmodule.c
getaddrinfo.c Issue #26505: Fix typos in getaddrinfo license text. 2016-03-07 14:51:19 -05:00
getbuildinfo.c bpo-27593: Get SCM build info from git instead of hg (#1327) 2017-05-02 16:55:50 +02:00
getnameinfo.c Issue #15538: Fix compilation of the getnameinfo() / getaddrinfo() emulation code. 2012-08-02 20:37:12 +02:00
getpath.c Issue #19398: Extra slash no longer added to sys.path components in case of 2016-11-11 12:11:55 +02:00
glmodule.c Issue #28139: Fix messed up indentation 2016-09-17 07:54:55 +00:00
grpmodule.c Closes #19342: improve docstrings in grp module. 2014-10-02 08:34:41 +02:00
imageop.c Issue #24264: Fixed buffer overflow in the imageop module. 2015-05-31 09:05:10 +03:00
imgfile.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
itertoolsmodule.c [2.7] bpo-30347: Stop crashes when concurrently iterate over itertools.groupby() iterators. (GH-1557). (#3772) 2017-09-26 23:15:36 +03:00
ld_so_aix.in Issue #10656: Fix out-of-tree building on AIX 2016-11-20 09:31:41 +00:00
ld_so_beos
linuxaudiodev.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
main.c bpo-11681: Document the `-b` and `-bb` options (GH-1562) 2017-05-13 09:30:20 -05:00
makesetup generate spaces instead of tabs into config.c 2017-01-16 00:05:12 -08:00
makexp_aix
mathmodule.c [2.7] bpo-34234: Use _PyAnyInt_Check() and _PyAnyInt_CheckExact(). (GH-8479) 2018-07-31 09:09:36 +03:00
md5.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
md5.h
md5module.c [2.7] Fix misleading mentions of tp_size in comments (GH-9138) 2018-09-10 10:50:15 -07:00
mmapmodule.c [2.7] Fix misleading mentions of tp_size in comments (GH-9138) 2018-09-10 10:50:15 -07:00
nismodule.c bpo-35356: Fix a possible reference leak in nis.maps(). (GH-10808) 2018-11-30 00:04:43 -08:00
operator.c rearrange methodcaller_new so that the main error case does not cause uninitialized memory usage (closes #27783) 2016-08-16 23:35:35 -07:00
ossaudiodev.c [2.7] Fix misleading mentions of tp_size in comments (GH-9138) 2018-09-10 10:50:15 -07:00
parsermodule.c [2.7] bpo-33308: Fix a crash in the parser module when convert an ST object. (GH-6519) (GH-6532) 2018-04-19 09:16:43 +03:00
posixmodule.c [2.7] bpo-34234: Use _PyAnyInt_Check() and _PyAnyInt_CheckExact(). (GH-8479) 2018-07-31 09:09:36 +03:00
posixmodule.h Removed useless Py_LIMITED_API checks. 2014-08-17 13:29:13 +03:00
puremodule.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
pwdmodule.c Issue #4591: Uid and gid values larger than 2**31 are supported now. 2013-02-12 09:27:53 +02:00
pyexpat.c [2.7] bpo-35068: Fix possible crashes in pyexpat.c. (GH-10099) 2018-10-29 09:23:59 +02:00
python.c Replace fpgetmask() with fedisableexcept() 2016-01-20 22:30:58 +01:00
readline.c [2.7] bpo-35441: Remove dead and buggy code related to PyList_SetItem(). (GH-11033) (GH-11234) 2018-12-19 17:11:02 +02:00
resource.c Issue #6083: Fix multiple segmentation faults occured when PyArg_ParseTuple 2013-02-04 12:45:46 +02:00
rotatingtree.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
rotatingtree.h
selectmodule.c [2.7] bpo-35441: Remove dead and buggy code related to PyList_SetItem(). (GH-11033) (GH-11234) 2018-12-19 17:11:02 +02:00
sgimodule.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
sha256module.c [2.7] Fix misleading mentions of tp_size in comments (GH-9138) 2018-09-10 10:50:15 -07:00
sha512module.c [2.7] Fix misleading mentions of tp_size in comments (GH-9138) 2018-09-10 10:50:15 -07:00
shamodule.c Closes #15910: MD5 and SHA1 crash when "updated" with strings bigger than 2**32 bytes 2012-09-10 21:39:07 +02:00
signalmodule.c [2.7] bpo-30654: Do not reset SIGINT handler to SIG_DFL in finisignal (GH-7146) (GH-7347) 2018-06-03 20:46:43 +02:00
socketmodule.c Fix a possible reference leak in _socket.getaddrinfo(). (GH-10543) 2018-11-15 01:25:58 -08:00
socketmodule.h make _socket.socket weakrefable (closes #22569) 2014-10-06 14:38:20 -04:00
spwdmodule.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
sre.h Issue #17998: Fix an internal error in regular expression engine. 2013-08-03 19:26:33 +03:00
sre_constants.h
stropmodule.c proper overflow checks for mymemreplace (closes #24708) 2015-07-24 23:25:35 -07:00
sunaudiodev.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
svmodule.c [2.7] bpo-34234: Use _PyAnyInt_Check() and _PyAnyInt_CheckExact(). (GH-8479) 2018-07-31 09:09:36 +03:00
symtablemodule.c just return toplevel symbol table rather than all blocks (closes #19393) 2013-10-26 13:13:51 -04:00
syslogmodule.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
termios.c [2.7] Fix a possible "double decref" in termios.tcgetattr(). (GH-10194) (GH-10218) 2018-10-29 18:03:26 +02:00
testcapi_long.h Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
threadmodule.c Issue #24115: Update uses of PyObject_IsTrue(), PyObject_Not(), 2015-05-30 17:45:12 +03:00
timemodule.c bpo-31339: Rewrite time.asctime() and time.ctime() (#3293) 2017-09-06 01:35:39 +02:00
timing.h
timingmodule.c Issue #28139: Fix messed up indentation 2016-09-17 07:54:55 +00:00
tkappinit.c Issue #22463: Backport compiler warning fixes and workarounds 2016-06-21 23:58:05 +00:00
tkinter.h Issue #16840. Turn off bignum support in tkinter with with Tcl earlier than 8.5.8 2015-04-21 21:17:33 +03:00
unicodedata.c bpo-29456: Fix bugs in unicodedata.normalize: u1176, u11a7 and u11c3 (GH-1958) (GH-7704) 2018-06-15 21:26:55 +08:00
unicodedata_db.h
unicodename_db.h
xxmodule.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
xxsubtype.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
yuv.h Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
yuvconvert.c Recorded merge of revisions 81029 via svnmerge from 2010-05-09 15:15:40 +00:00
zipimport.c Issue #24366: Fix indentation 2016-09-15 01:50:53 +00:00
zlibmodule.c Issue #27130: Fix handling of buffers exceeding (U)INT_MAX in “zlib” module 2016-07-23 04:22:09 +00:00