Skip to content

bpo-33001: Minimal fix to prevent buffer overrun in os.symlink #5989

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Mar 5, 2018
Merged

bpo-33001: Minimal fix to prevent buffer overrun in os.symlink #5989

merged 3 commits into from
Mar 5, 2018

Conversation

zooba
Copy link
Member

@zooba zooba commented Mar 5, 2018
edited by bedevere-bot
Loading

@zooba zooba added type-bug An unexpected behavior, bug, or error needs backport to 3.6 type-security A security issue OS-windows labels Mar 5, 2018
@zooba zooba changed the title Minimal fix to prevent buffer overrun in os.symlink bpo-33001: Minimal fix to prevent buffer overrun in os.symlink Mar 5, 2018
@bedevere-bot
Copy link

GH-5990 is a backport of this pull request to the 3.6 branch.

@zooba zooba self-assigned this Mar 5, 2018
izbyshev
izbyshev reviewed Mar 5, 2018
View reviewed changes
Lib/test/test_os.py Outdated
# overflow dest with relative src
(segment, path),
# overflow dest when appending '\\' for join
(segment, path[:261]),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FWIW, this won't overflow when appending \\ because:

  • len(path[:261]) > MAX_PATH - 1, so it'll overflow in the very beginning of _check_dirW
  • even if len was equal to MAX_PATH - 1, _dirnameW would be applied first, making it shorter.

@zooba zooba merged commit 6921e73 into python:master Mar 5, 2018
@miss-islington
Copy link
Contributor

Thanks @zooba for the PR 🌮🎉.. I'm working now to backport this PR to: 3.7.
🐍🍒⛏🤖

zooba added a commit that referenced this pull request Mar 5, 2018
@zooba
[3.6] bpo-33001: Prevent buffer overrun in os.symlink (GH-5989) (GH-5990
baa4507 
)
@zooba zooba deleted the symlink-bug branch March 5, 2018 22:27
@bedevere-bot
Copy link

GH-5996 is a backport of this pull request to the 3.7 branch.

miss-islington pushed a commit to miss-islington/cpython that referenced this pull request Mar 5, 2018
@zooba @miss-islington
bpo-33001: Prevent buffer overrun in os.symlink (pythonGH-5989)
e17cd84 
(cherry picked from commit 6921e73)

Co-authored-by: Steve Dower <steve.dower@microsoft.com>
miss-islington added a commit that referenced this pull request Mar 5, 2018
@miss-islington @zooba
bpo-33001: Prevent buffer overrun in os.symlink (GH-5989)
96fdbac 
(cherry picked from commit 6921e73)

Co-authored-by: Steve Dower <steve.dower@microsoft.com>
jo2y pushed a commit to jo2y/cpython that referenced this pull request Mar 23, 2018
@zooba @jo2y
bpo-33001: Prevent buffer overrun in os.symlink (pythonGH-5989)
d4f5cf8
larryhastings pushed a commit that referenced this pull request May 14, 2018
@zooba @larryhastings
[3.4] bpo-33001: Prevent buffer overrun in os.symlink (GH-5989) (#5992)
77c02cd 
* bpo-33001: Minimal fix to prevent buffer overrun in os.symlink

* Skips test to avoid crashing during the test suite

* Remove invalid test
larryhastings pushed a commit that referenced this pull request May 14, 2018
@zooba @larryhastings
[3.5] bpo-33001: Prevent buffer overrun in os.symlink (GH-5989) (#5991)
f381cfe 
* bpo-33001: Minimal fix to prevent buffer overrun in os.symlink

* Remove invalid test
@vidartf vidartf mentioned this pull request Apr 9, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@izbyshev izbyshev izbyshev left review comments

Assignees

@zooba zooba

Labels
OS-windows type-bug An unexpected behavior, bug, or error type-security A security issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@zooba @bedevere-bot @miss-islington @izbyshev @the-knights-who-say-ni