[issue1179] [CVE-2007-4965] Integer overflow in imageop module
David Remahl <[EMAIL PROTECTED]> added the comment: The following test cases still cause bus errors with the patch applied: import imageop; imageop.rgb82rgb('A'*(2**30), 32768, 32768) import imageop; imageop.grey2rgb('A'*(2**30), 32768, 32768) -- nosy: +chmod007 __ Tracker <[EMAIL PROTECTED]> <http://bugs.python.org/issue1179> __ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue1179] [CVE-2007-4965] Integer overflow in imageop module
David Remahl <[EMAIL PROTECTED]> added the comment: Uploading patch that addresses the test cases above. It applies on top of nevyn’s latest patch. Added file: http://bugs.python.org/file9975/python-2.5-int-overflow-2.patch __ Tracker <[EMAIL PROTECTED]> <http://bugs.python.org/issue1179> __ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue2586] Integer signedness bugs in zlib modules
David Remahl <[EMAIL PROTECTED]> added the comment: I submit that a check for negative values (non-assert-based) should be added to PyString_FromStringAndSize(). This API is called from many, many places, and in several cases the operand could probably be negative. It should raise an overflow exception for a negative value. -- nosy: +chmod007 __ Tracker <[EMAIL PROTECTED]> <http://bugs.python.org/issue2586> __ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue2587] PyString_FromStringAndSize() to be considered unsafe
Changes by David Remahl <[EMAIL PROTECTED]>: -- nosy: +chmod007 __ Tracker <[EMAIL PROTECTED]> <http://bugs.python.org/issue2587> __ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com