New submission from jvoisin <jvoi...@google.com>:
While playing with fuzzing and Python, I stumbled upon an infinite loop in
Python's tarfile module: just open the attached file with
`tarfile.open('timeout-a52710a313fdb35fb428c3399277cb640fe2f686')`, and Python
will be endlessly stuck in the `_proc_pax` function in tarfile.py, likely due
to a missing check of `length` being strictly superior to zero.
----------
files: timeout-a52710a313fdb35fb428c3399277cb640fe2f686
messages: 358200
nosy: ethan.furman, jvoisin
priority: normal
severity: normal
status: open
title: Infinite loop in the tarfile module
type: security
versions: Python 3.7
Added file:
https://bugs.python.org/file48768/timeout-a52710a313fdb35fb428c3399277cb640fe2f686
_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue39017>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
