From 9fbcb1402efab4e287f25145a69ba14c9c6dbce9 Mon Sep 17 00:00:00 2001
From: "Miss Islington (bot)"
 <31488909+miss-islington@users.noreply.github.com>
Date: Tue, 13 Nov 2018 16:39:36 -0800
Subject: [3.7] bpo-35214: Fix OOB memory access in unicode escape parser
 (GH-10506) (GH-10522)

Discovered using clang's MemorySanitizer when it ran python3's
test_fstring test_misformed_unicode_character_name.

An msan build will fail by simply executing: ./python -c 'u"\N"'
(cherry picked from commit 746b2d35ea47005054ed774fecaed64fab803d7d)


Co-authored-by: Gregory P. Smith <greg@krypto.org>


https://bugs.python.org/issue35214
---
 Objects/unicodeobject.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'Objects')

diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c
index fe833a76ea..71eb654095 100644
--- a/Objects/unicodeobject.c
+++ b/Objects/unicodeobject.c
@@ -6042,7 +6042,7 @@ _PyUnicode_DecodeUnicodeEscape(const char *s,
             }
 
             message = "malformed \\N character escape";
-            if (*s == '{') {
+            if (s < end && *s == '{') {
                 const char *start = ++s;
                 size_t namelen;
                 /* look for the closing brace */
-- 
cgit v1.2.1