git.ipfire.org Git - thirdparty/Python/cpython.git/commit
gh-119342: Fix a potential denial of service in plistlib (GH-119343)
author Serhiy Storchaka <storchaka@gmail.com>
Mon, 1 Dec 2025 15:28:15 +0000 (17:28 +0200)
committer GitHub <noreply@github.com>
Mon, 1 Dec 2025 15:28:15 +0000 (17:28 +0200)
commit 694922cf40aa3a28f898b5f5ee08b71b4922df70
tree 62bfb9b353756a3e7be1ccc131214dd4ec4ab127
parent 5a4c4a033a4a54481be6870aa1896fad732555b5

Reading a specially prepared small Plist file could cause OOM because file's
read(n) preallocates a bytes object for reading the specified amount of
data. Now plistlib reads large data by chunks, therefore the upper limit of
consumed memory is proportional to the size of the input file.
Lib/plistlib.py
Lib/test/test_plistlib.py
Misc/NEWS.d/next/Security/2024-05-21-22-11-31.gh-issue-119342.BTFj4Z.rst [new file with mode: 0644]
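
The memory bound described in the commit message, shown as an added example that is not the plistlib patch or any CPython code: a single `read(n)` with an attacker-declared `n` is compared against reading in capped chunks. The helper names, the 1 MiB chunk size and the 8-byte length-prefixed record are assumptions made for illustration and are not the plist encoding.

```python
import io
import struct

CHUNK = 1 << 20  # per-request cap; value assumed for this example

class RecordingReader:
    """Wrap a binary stream and record the largest read() size requested."""
    def __init__(self, raw):
        self._raw = raw
        self.max_request = 0

    def read(self, n):
        self.max_request = max(self.max_request, n)
        return self._raw.read(n)

def read_exact_naive(fp, n):
    # Single read(n): a real file object may allocate n bytes up front.
    data = fp.read(n)
    if len(data) != n:
        raise ValueError("truncated input")
    return data

def read_exact_chunked(fp, n, chunk=CHUNK):
    # Request at most `chunk` bytes at a time, so memory tracks the bytes
    # actually present in the input rather than the declared length.
    parts = []
    remaining = n
    while remaining > 0:
        block = fp.read(min(remaining, chunk))
        if not block:  # EOF before the declared length was satisfied
            raise ValueError("truncated input")
        parts.append(block)
        remaining -= len(block)
    return b"".join(parts)

def probe(read_exact, blob):
    """Parse one constructed record; return (parsed_ok, largest_request)."""
    fp = RecordingReader(io.BytesIO(blob))
    (declared,) = struct.unpack(">Q", fp.read(8))
    try:
        read_exact(fp, declared)
        return True, fp.max_request
    except ValueError:
        return False, fp.max_request

# Constructed input: 8-byte length field claiming 1 TiB, then 16 real bytes.
HOSTILE = struct.pack(">Q", 1 << 40) + b"A" * 16
```

Both readers reject the truncated record, but the naive one does so only after issuing a 1 TiB read request, while the chunked one never asks for more than `CHUNK` bytes at once.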