Supposedly this should be the patch for the problem: https://hg.python.org/cpython/rev/fa006d671f41
However, all I seem to be able to find is an empty patch, although the files listed are correct. Can anyone here see how to find the correct patch?

There is a good patch here: https://hg.python.org/cpython/rev/01ddd608b85c

However, I think this is an earlier version that was criticised as being insufficient: https://bugs.python.org/issue26171#msg258779

The patch does sanitize the data_size value, however it looks like it might be insufficient - as it catches negative values - not sure I really understand just yet however - the description doesn't make 100% sense and suggests that any small value of data_size might be a problem, not just negative values.

--
Brian May <b...@debian.org>