[3.14] gh-140594: Fix an out of bounds read when feeding NUL byte to PyOS_StdioReadli...

author Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>

Thu, 12 Mar 2026 11:24:20 +0000 (12:24 +0100)

committer GitHub <noreply@github.com>

Thu, 12 Mar 2026 11:24:20 +0000 (11:24 +0000)
author Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Thu, 12 Mar 2026 11:24:20 +0000 (12:24 +0100)
committer GitHub <noreply@github.com>
Thu, 12 Mar 2026 11:24:20 +0000 (11:24 +0000)
diff --git a/Lib/test/test_cmd_line.py b/Lib/test/test_cmd_line.py

index ab65342f620848f40466c14ff559cdbc5a775a0f..df6a7781571a8e146bdfbc786fe9bf2b5a12e966 100644 (file)
--- a/Lib/test/test_cmd_line.py
+++ b/Lib/test/test_cmd_line.py
@@ -200,6 +200,14 @@ class CmdLineTest(unittest.TestCase):
          self.assertTrue(data.find(b'1 loop') != -1)
          self.assertTrue(data.find(b'__main__.Timer') != -1)
  
+    @support.cpython_only
+    def test_null_byte_in_interactive_mode(self):
+        # gh-140594: Fix an out of bounds read when a single NUL character
+        # is read from the standard input in interactive mode.
+        proc = spawn_python('-i')
+        proc.communicate(b'\x00', timeout=support.SHORT_TIMEOUT)
+        self.assertEqual(proc.returncode, 0)
+
      def test_relativedir_bug46421(self):
          # Test `python -m unittest` with a relative directory beginning with ./
          # Note: We have to switch to the project's top module's directory, as per
diff --git a/Misc/NEWS.d/next/Core_and_Builtins/2025-11-02-16-23-17.gh-issue-140594.YIWUpl.rst b/Misc/NEWS.d/next/Core_and_Builtins/2025-11-02-16-23-17.gh-issue-140594.YIWUpl.rst

new file mode 100644 (file)

index 0000000..aa126e7
--- /dev/null
+++ b/Misc/NEWS.d/next/Core_and_Builtins/2025-11-02-16-23-17.gh-issue-140594.YIWUpl.rst
@@ -0,0 +1,2 @@
+Fix an out of bounds read when a single NUL character is read from the standard input.
+Patch by Shamil Abdulaev.
diff --git a/Parser/myreadline.c b/Parser/myreadline.c

index 64e8f5383f06022836dd8d695c5d5db9b825cddc..ee77479ba7bdccbd0327ba7904b4f2b37d16ce7f 100644 (file)
--- a/Parser/myreadline.c
+++ b/Parser/myreadline.c
@@ -344,7 +344,7 @@ PyOS_StdioReadline(FILE *sys_stdin, FILE *sys_stdout, const char *prompt)
              break;
          }
          n += strlen(p + n);
-    } while (p[n-1] != '\n');
+    } while (n == 0 || p[n-1] != '\n');
  
      pr = (char *)PyMem_RawRealloc(p, n+1);
      if (pr == NULL) {
author	Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
	Thu, 12 Mar 2026 11:24:20 +0000 (12:24 +0100)
committer	GitHub <noreply@github.com>
	Thu, 12 Mar 2026 11:24:20 +0000 (11:24 +0000)
Lib/test/test_cmd_line.py		patch \| blob \| blame \| history
Misc/NEWS.d/next/Core_and_Builtins/2025-11-02-16-23-17.gh-issue-140594.YIWUpl.rst	[new file with mode: 0644]	patch \| blob
Parser/myreadline.c		patch \| blob \| blame \| history