[3.13] gh-140594: Fix an out of bounds read when feeding NUL byte to PyOS_StdioReadli...

author Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>

Thu, 12 Mar 2026 11:21:43 +0000 (12:21 +0100)

committer GitHub <noreply@github.com>

Thu, 12 Mar 2026 11:21:43 +0000 (11:21 +0000)
author Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Thu, 12 Mar 2026 11:21:43 +0000 (12:21 +0100)
committer GitHub <noreply@github.com>
Thu, 12 Mar 2026 11:21:43 +0000 (11:21 +0000)
diff --git a/Lib/test/test_cmd_line.py b/Lib/test/test_cmd_line.py

index dc420f33c233af2463600b4e3ed30af93cac0a7c..9623d0c0b52f2ced9a4ab371a551c33626f25d62 100644 (file)
--- a/Lib/test/test_cmd_line.py
+++ b/Lib/test/test_cmd_line.py
@@ -195,6 +195,14 @@ class CmdLineTest(unittest.TestCase):
          self.assertTrue(data.find(b'1 loop') != -1)
          self.assertTrue(data.find(b'__main__.Timer') != -1)
  
+    @support.cpython_only
+    def test_null_byte_in_interactive_mode(self):
+        # gh-140594: Fix an out of bounds read when a single NUL character
+        # is read from the standard input in interactive mode.
+        proc = spawn_python('-i')
+        proc.communicate(b'\x00', timeout=support.SHORT_TIMEOUT)
+        self.assertEqual(proc.returncode, 0)
+
      def test_relativedir_bug46421(self):
          # Test `python -m unittest` with a relative directory beginning with ./
          # Note: We have to switch to the project's top module's directory, as per
diff --git a/Misc/NEWS.d/next/Core_and_Builtins/2025-11-02-16-23-17.gh-issue-140594.YIWUpl.rst b/Misc/NEWS.d/next/Core_and_Builtins/2025-11-02-16-23-17.gh-issue-140594.YIWUpl.rst

new file mode 100644 (file)

index 0000000..aa126e7
--- /dev/null
+++ b/Misc/NEWS.d/next/Core_and_Builtins/2025-11-02-16-23-17.gh-issue-140594.YIWUpl.rst
@@ -0,0 +1,2 @@
+Fix an out of bounds read when a single NUL character is read from the standard input.
+Patch by Shamil Abdulaev.
diff --git a/Parser/myreadline.c b/Parser/myreadline.c

index 74c44ff77717f588783360b09334240b35ee49df..1e49800329ce172392f97e9e502c77a7c4cecbad 100644 (file)
--- a/Parser/myreadline.c
+++ b/Parser/myreadline.c
@@ -342,7 +342,7 @@ PyOS_StdioReadline(FILE *sys_stdin, FILE *sys_stdout, const char *prompt)
              break;
          }
          n += strlen(p + n);
-    } while (p[n-1] != '\n');
+    } while (n == 0 || p[n-1] != '\n');
  
      pr = (char *)PyMem_RawRealloc(p, n+1);
      if (pr == NULL) {
author	Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
	Thu, 12 Mar 2026 11:21:43 +0000 (12:21 +0100)
committer	GitHub <noreply@github.com>
	Thu, 12 Mar 2026 11:21:43 +0000 (11:21 +0000)
Lib/test/test_cmd_line.py		patch \| blob \| blame \| history
Misc/NEWS.d/next/Core_and_Builtins/2025-11-02-16-23-17.gh-issue-140594.YIWUpl.rst	[new file with mode: 0644]	patch \| blob
Parser/myreadline.c		patch \| blob \| blame \| history