diff options
author | Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> | 2018-11-13 16:39:36 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-11-13 16:39:36 -0800 |
commit | 9fbcb1402efab4e287f25145a69ba14c9c6dbce9 (patch) | |
tree | 6d38028a96dcc976f1574d4ffb67e09cad4e4eb4 /Objects | |
parent | c30830bbb2630605b9b7915af7e82c8124e705c2 (diff) | |
download | cpython-git-9fbcb1402efab4e287f25145a69ba14c9c6dbce9.tar.gz |
[3.7] bpo-35214: Fix OOB memory access in unicode escape parser (GH-10506) (GH-10522)
Discovered using clang's MemorySanitizer when it ran python3's
test_fstring test_misformed_unicode_character_name.
An msan build will fail by simply executing: ./python -c 'u"\N"'
(cherry picked from commit 746b2d35ea47005054ed774fecaed64fab803d7d)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
https://bugs.python.org/issue35214
Diffstat (limited to 'Objects')
-rw-r--r-- | Objects/unicodeobject.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c index fe833a76ea..71eb654095 100644 --- a/Objects/unicodeobject.c +++ b/Objects/unicodeobject.c @@ -6042,7 +6042,7 @@ _PyUnicode_DecodeUnicodeEscape(const char *s, } message = "malformed \\N character escape"; - if (*s == '{') { + if (s < end && *s == '{') { const char *start = ++s; size_t namelen; /* look for the closing brace */ |