]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4afa129) | patch
[3.12] gh-113977, gh-120754: Remove unbounded reads from zipfile (GH-122101) (#126347)
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Sun, 3 Nov 2024 05:48:19 +0000 (06:48 +0100)
committerGitHub <noreply@github.com>
Sun, 3 Nov 2024 05:48:19 +0000 (05:48 +0000)
commit6e3e91fa76bd330b13eb65745911b3ef87190a1f
tree13dea6e3fc00bc4a3a5ea117193cb285ba38f59ctree | snapshot
parent4afa129ed08780ef84fcee4dd1168a33034f2ea5commit | diff
[3.12] gh-113977, gh-120754: Remove unbounded reads from zipfile (GH-122101) (#126347)

gh-113977, gh-120754: Remove unbounded reads from zipfile (GH-122101)

GH-113977, GH-120754: Remove unbounded reads from zipfile

Read without a size may read an unbounded amount of data + allocate
unbounded size buffers. Move to capped size reads to prevent potential
issues.

(cherry picked from commit 556dc9b8a78bad296513221f3f414a3f8fd0ae70)

Co-authored-by: Cody Maloney <cmaloney@users.noreply.github.com>
Co-authored-by: Daniel Hillier <daniel.hillier@gmail.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Lib/zipfile/__init__.py diff | blob | blame | history
Misc/NEWS.d/next/Library/2024-07-23-02-24-50.gh-issue-120754.nHb5mG.rst [new file with mode: 0644] blob
Mirror of https://github.com/python/cpython.git