New submission from Serhiy Storchaka <storchaka+cpyt...@gmail.com>:
It can be reproduced when run test.test_socket.J1939Test (omitted in regrtests now, see issue45187) with Address Sanitizer. See for example https://github.com/python/cpython/pull/28317/checks?check_run_id=3625390397. It can be reproduced when run test.test_socket.J1939Test with unittest: $ ./python -m unittest -v test.test_socket -k J1939Test See J1939Test.log for output. The cause is using PyArg_ParseTuple() with format unit "k" (unsigned long) and variable of type uint32_t. PyArg_ParseTuple() should only be used with native integer types (short, int, long, long long), it does not support support types of fixed size (uint16_t, uint32_t, uint64_t). ---------- components: Extension Modules files: J1939Test.log messages: 402003 nosy: serhiy.storchaka priority: normal severity: normal status: open title: Stack buffer overflow in parsing J1939 network address type: crash versions: Python 3.11 Added file: https://bugs.python.org/file50283/J1939Test.log _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue45228> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
