]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 36079f7) | patch
[3.13] gh-113977, gh-120754: Remove unbounded reads from zipfile (GH-122101) (#126348)
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Sun, 3 Nov 2024 05:59:00 +0000 (06:59 +0100)
committerGitHub <noreply@github.com>
Sun, 3 Nov 2024 05:59:00 +0000 (05:59 +0000)
commit7435127056cb83ced4e48aac5eb098aff7f2498d
treeb405ae7aa7e7c123a153260899cef9900f7b12actree | snapshot
parent36079f702a8c1a8afea85cb0bbda57bc136cb911commit | diff
[3.13] gh-113977, gh-120754: Remove unbounded reads from zipfile (GH-122101) (#126348)

gh-113977, gh-120754: Remove unbounded reads from zipfile (GH-122101)

GH-113977, GH-120754: Remove unbounded reads from zipfile

Read without a size may read an unbounded amount of data + allocate
unbounded size buffers. Move to capped size reads to prevent potential
issues.

(cherry picked from commit 556dc9b8a78bad296513221f3f414a3f8fd0ae70)

Co-authored-by: Cody Maloney <cmaloney@users.noreply.github.com>
Co-authored-by: Daniel Hillier <daniel.hillier@gmail.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Lib/zipfile/__init__.py diff | blob | blame | history
Misc/NEWS.d/next/Library/2024-07-23-02-24-50.gh-issue-120754.nHb5mG.rst [new file with mode: 0644] blob
Mirror of https://github.com/python/cpython.git