An interpreted, interactive, object-oriented programming language
CentOS Sources
2017-08-01 71084d584ff953f5463757ec6536406320560b4d
04a680 1 From 0f12cb75c708978f9201c1dd3464d2a8572b4544 Mon Sep 17 00:00:00 2001
CS 2 From: Charalampos Stratakis <cstratak@redhat.com>
3 Date: Fri, 8 Jul 2016 20:24:10 +0200
4 Subject: [PATCH] CVE-2016-5636 fix
5
6 ---
7  Modules/zipimport.c | 9 +++++++++
8  1 file changed, 9 insertions(+)
9
10 diff --git a/Modules/zipimport.c b/Modules/zipimport.c
11 index 7240cb4..2e6a61f 100644
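--- a/Modules/zipimport.c
+++ b/Modules/zipimport.c
@@ -861,6 +861,10 @@ get_data(char *archive, PyObject *toc_entry)
                           &date, &crc)) {
         return NULL;
     }
+    if (data_size < 0) {
+        PyErr_Format(ZipImportError, "negative data size");
+        return NULL;
+    }
 
     fp = fopen(archive, "rb");
     if (!fp) {
@@ -895,6 +899,11 @@ get_data(char *archive, PyObject *toc_entry)
         PyMarshal_ReadShortFromFile(fp);        /* local header size */
     file_offset += l;           /* Start of file data */
 
+    if (data_size > LONG_MAX - 1) {
+        fclose(fp);
+        PyErr_NoMemory();
+        return NULL;
+    }
     raw_data = PyString_FromStringAndSize((char *)NULL, compress == 0 ?
                                           data_size : data_size + 1);
     if (raw_data == NULL) {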
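Review bot: The `LONG_MAX - 1` bound in the second hunk is unexplained and reads like an arbitrary limit; it exists only because the allocation just below requests `data_size + 1` bytes for compressed entries, and that signed addition would overflow at `LONG_MAX`. I would add a comment above the check such as `/* data_size + 1 below must not overflow a signed long */`, and one above the first check noting that `data_size` is parsed out of `toc_entry` and, presumably being archive-supplied metadata, must not be trusted. Since neither condition depends on the open file, both checks could sit together right after the argument parsing, which would also remove the extra `fclose(fp)` exit path. get_data starts and ends outside both hunks, so whether the later read is bounded by the allocated size cannot be confirmed from here.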
37 -- 
38 2.7.4
39