40 lines
1.2 KiB
Diff
40 lines
1.2 KiB
Diff
|
From 0f12cb75c708978f9201c1dd3464d2a8572b4544 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Charalampos Stratakis <cstratak@redhat.com>
|
||
|
|
Date: Fri, 8 Jul 2016 20:24:10 +0200
|
||
|
|
Subject: [PATCH] CVE-2016-5636 fix
|
||
|
|
|
||
|
|
---
|
||
|
|
Modules/zipimport.c | 9 +++++++++
|
||
|
|
1 file changed, 9 insertions(+)
|
||
|
|
|
||
|
|
diff --git a/Modules/zipimport.c b/Modules/zipimport.c
|
||
|
|
index 7240cb4..2e6a61f 100644
|
||
|
|
--- a/Modules/zipimport.c
|
||
|
|
+++ b/Modules/zipimport.c
|
||
|
|
@@ -861,6 +861,10 @@ get_data(char *archive, PyObject *toc_entry)
|
||
|
|
&date, &crc)) {
|
||
|
|
return NULL;
|
||
|
|
}
|
||
|
|
+ if (data_size < 0) {
|
||
|
|
+ PyErr_Format(ZipImportError, "negative data size");
|
||
|
|
+ return NULL;
|
||
|
|
+ }
|
||
|
|
|
||
|
|
fp = fopen(archive, "rb");
|
||
|
|
if (!fp) {
|
||
|
|
@@ -895,6 +899,11 @@ get_data(char *archive, PyObject *toc_entry)
|
||
|
|
PyMarshal_ReadShortFromFile(fp); /* local header size */
|
||
|
|
file_offset += l; /* Start of file data */
|
||
|
|
|
||
|
|
+ if (data_size > LONG_MAX - 1) {
|
||
|
|
+ fclose(fp);
|
||
|
|
+ PyErr_NoMemory();
|
||
|
|
+ return NULL;
|
||
|
|
+ }
|
||
|
|
raw_data = PyString_FromStringAndSize((char *)NULL, compress == 0 ?
|
||
|
|
data_size : data_size + 1);
|
||
|
|
if (raw_data == NULL) {
|
||
|
|
--
|
||
|
|
2.7.4
|
||
|
|
|