git.ipfire.org Git - thirdparty/Python/cpython.git/commit
[3.10] gh-119342: Fix a potential denial of service in plistlib (GH-119343) (#142151)
author Serhiy Storchaka <storchaka@gmail.com>
Mon, 2 Mar 2026 22:54:18 +0000 (00:54 +0200)
committer GitHub <noreply@github.com>
Mon, 2 Mar 2026 22:54:18 +0000 (22:54 +0000)
commit 568342cfc8f002d9a15f30238f26b9d2e0e79036
tree c26934b290b246e92201f95ccb743c89e42d6f1f
parent a191d071cf16b6a2bddfeff75e5391ee9222369f

Reading a specially prepared small Plist file could cause OOM because the file's
read(n) preallocates a bytes object for reading the specified amount of
data. Now plistlib reads large data in chunks, therefore the upper limit of
consumed memory is proportional to the size of the input file.
(cherry picked from commit 694922cf40aa3a28f898b5f5ee08b71b4922df70)
Lib/plistlib.py
Lib/test/test_plistlib.py
Misc/NEWS.d/next/Security/2024-05-21-22-11-31.gh-issue-119342.BTFj4Z.rst [new file with mode: 0644]
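
The bounded-read pattern the commit message describes, as an added Python example; it is not the plistlib patch, whose diff is not shown on this page. The record format (8-byte big-endian length, then payload), the 1 MiB chunk size and the names `read_exact`, `parse_record`, `RecordingReader` and `InvalidRecord` are assumptions made for illustration.

```python
import io
import struct

CHUNK = 1 << 20  # 1 MiB per read request (assumed value, not from the commit)


class InvalidRecord(ValueError):
    """Input ended before the declared length was reached."""


def read_exact(fp, size, chunk=CHUNK):
    """Read exactly `size` bytes without ever asking fp.read() for more than `chunk`."""
    parts = []
    remaining = size
    while remaining > 0:
        piece = fp.read(min(remaining, chunk))
        if not piece:  # EOF: the declared length was larger than the real data
            raise InvalidRecord(f"truncated input, {remaining} bytes missing")
        parts.append(piece)
        remaining -= len(piece)
    return b"".join(parts)


def parse_record(fp):
    """Parse one hypothetical record: 8-byte big-endian length, then payload."""
    (length,) = struct.unpack(">Q", read_exact(fp, 8))
    return read_exact(fp, length)


class RecordingReader(io.BytesIO):
    """BytesIO that remembers the largest size ever passed to read()."""

    def __init__(self, data):
        super().__init__(data)
        self.max_request = 0

    def read(self, size=-1):
        self.max_request = max(self.max_request, size)
        return super().read(size)


def demo():
    # Constructed inputs: a well-formed record, and a 12-byte one declaring 4 GiB.
    good = struct.pack(">Q", 5) + b"hello"
    oversized_claim = struct.pack(">Q", 1 << 32) + b"abcd"
    src = RecordingReader(oversized_claim)
    try:
        parse_record(src)
        rejected = False
    except InvalidRecord:
        rejected = True
    return parse_record(RecordingReader(good)), rejected, src.max_request
```

With a single `fp.read(length)` the request size would be the declared 4 GiB; here the largest request is one chunk, so memory use tracks the bytes actually present in the input.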