[issue27758] integer overflow in the _csv module's join_append_data function

2016-08-14 Thread tehybel
tehybel added the comment: Thanks for fixing this. I looked at the patch and it seems correct. -- nosy: +tehybel

[issue27758] integer overflow in the _csv module's join_append_data function

2016-08-13 Thread Roundup Robot
Roundup Robot added the comment:

New changeset fdae903db33a by Benjamin Peterson in branch '2.7':
check for overflow in join_append_data (closes #27758)
https://hg.python.org/cpython/rev/fdae903db33a

New changeset afa356402217 by Benjamin Peterson in branch '3.3':
check for overflow in

[issue27758] integer overflow in the _csv module's join_append_data function

2016-08-13 Thread Benjamin Peterson
New submission from Benjamin Peterson: Thomas E Hybel on PSRT reports: This vulnerability is an integer overflow leading to a heap buffer overflow. I have attached a proof-of-concept script below. The vulnerability resides in the Modules/_csv.c file, in the join_append and join_append_data