[issue39017] Infinite loop in the tarfile module

jvoisin Tue, 10 Dec 2019 08:21:22 -0800


New submission from jvoisin <[email protected]>:


While playing with fuzzing and Python, I stumbled upon an infinite loop in 
Python's tarfile module: just open the attached file with 
`tarfile.open('timeout-a52710a313fdb35fb428c3399277cb640fe2f686')`, and Python 
will be endlessly stuck in the `_proc_pax` function in tarfile.py, likely due 
to a missing check of `length` being strictly superior to zero.

----------
files: timeout-a52710a313fdb35fb428c3399277cb640fe2f686
messages: 358200
nosy: ethan.furman, jvoisin
priority: normal
severity: normal
status: open
title: Infinite loop in the tarfile module
type: security
versions: Python 3.7
Added file: 
https://bugs.python.org/file48768/timeout-a52710a313fdb35fb428c3399277cb640fe2f686

_______________________________________
Python tracker <[email protected]>
<https://bugs.python.org/issue39017>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue39017] Infinite loop in the tarfile module

Reply via email to