bpo-42150: Avoid buffer overflow in the new parser (GH-22978)

author Pablo Galindo <Pablogsal@gmail.com>

Sun, 25 Oct 2020 23:03:41 +0000 (23:03 +0000)

committer GitHub <noreply@github.com>

Sun, 25 Oct 2020 23:03:41 +0000 (23:03 +0000)
author Pablo Galindo <Pablogsal@gmail.com>
Sun, 25 Oct 2020 23:03:41 +0000 (23:03 +0000)
committer GitHub <noreply@github.com>
Sun, 25 Oct 2020 23:03:41 +0000 (23:03 +0000)
diff --git a/Misc/NEWS.d/next/Core and Builtins/2020-10-25-21-14-18.bpo-42150.b70u_T.rst b/Misc/NEWS.d/next/Core and Builtins/2020-10-25-21-14-18.bpo-42150.b70u_T.rst

new file mode 100644 (file)

index 0000000..62fabb8
--- /dev/null
+++ b/Misc/NEWS.d/next/Core and Builtins/2020-10-25-21-14-18.bpo-42150.b70u_T.rst
@@ -0,0 +1,2 @@
+Fix possible buffer overflow in the new parser when checking for
+continuation lines. Patch by Pablo Galindo.
diff --git a/Parser/pegen.c b/Parser/pegen.c

index efa5ed9f288ee0bc1a6d9669e9aaf7bd1a04abc3..c7343f7f047c398875b2ad9376c5775a48c76afe 100644 (file)
--- a/Parser/pegen.c
+++ b/Parser/pegen.c
@@ -990,7 +990,8 @@ bad_single_statement(Parser *p)
  
      /* Newlines are allowed if preceded by a line continuation character
         or if they appear inside a string. */
-    if (!cur || *(cur - 1) == '\\' || newline_in_string(p, cur)) {
+    if (!cur || (cur != p->tok->buf && *(cur - 1) == '\\')
+             || newline_in_string(p, cur)) {
          return 0;
      }
      char c = *cur;
author	Pablo Galindo <Pablogsal@gmail.com>
	Sun, 25 Oct 2020 23:03:41 +0000 (23:03 +0000)
committer	GitHub <noreply@github.com>
	Sun, 25 Oct 2020 23:03:41 +0000 (23:03 +0000)
Misc/NEWS.d/next/Core and Builtins/2020-10-25-21-14-18.bpo-42150.b70u_T.rst	[new file with mode: 0644]	patch \| blob
Parser/pegen.c		patch \| blob \| blame \| history