Serhiy Storchaka <storchaka+cpyt...@gmail.com> added the comment: I have no idea why this was classified as a vulnerability. I don't think it can crash an application. If you have an example of crashing please provide it.
I would not classify this issue even as a bug. It is obvious that invalid files can cause an exception. It may be good to detect some of errors earlier and raise more specific exception (Error would be more appropriate here than ValueError). But in general validating the wave file is not the purpose of this module, and this task can't be performed without reading the whole file, not only the header. All changes in wave.py should be ported to aifc.py and sunau.py and needs tests. ---------- title: bug in Lib/wave.py -> Improve exceptions in Lib/wave.py type: crash -> enhancement versions: +Python 3.8 -Python 3.7 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue32056> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
