Serhiy Storchaka <storch...@gmail.com> added the comment:
Here is the bugs in the utf-16 decoder:
1. `aligned_end` is not updated after calling error handler.
2. Possible silent reading of one byte over the bytes array limit when decoding
of a surrogate pair. b'\xD8\x00\xDC'.decode('utf-16be')
3. Error handlers receive data without last byte.
4. After handling truncate data error it is impossible to continue decoding
(unlike all the other decoders).
----------
title: Possible vulnerability in the utf-16 decoder after error handling ->
Vulnerability in the utf-16 decoder after error handling
_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue14579>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
