New submission from Alexandre Hamelin <quad...@gmail.com>:
Found a crash with zipimport.zipimporter. Might or might not be related to
Issue31723 which I've found searching the issues afterwards.
import zipimport
zipimport.zipimporter.__new__(zipimport.zipimporter).find_module('')
Python 2.7 and 3.6. Seems to be 'fixed' in 3.7+ (Linux, x86-64); reports that
__init__ hasn't been called yet.
Found during manual testing in a break-the-python-jail CTF-like challenge.
Backtrace for Python 2.7
Python 2.7.15 (default, Oct 10 2018, 09:10:43)
[GCC 6.4.0] on linux2
$ gdb -q python2
Reading symbols from python2...(no debugging symbols found)...done.
(gdb) run zipcrash.py
Starting program: /usr/bin/python2 zipcrash.py
process 11106 is executing new program: /usr/bin/python2.7
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7a86695 in PyString_AsString () from /usr/lib64/libpython2.7.so.1.0
(gdb) bt
#0 0x00007ffff7a86695 in PyString_AsString () from
/usr/lib64/libpython2.7.so.1.0
#1 0x00007ffff7b20269 in ?? () from /usr/lib64/libpython2.7.so.1.0
#2 0x00007ffff7b20400 in ?? () from /usr/lib64/libpython2.7.so.1.0
#3 0x00007ffff7adb3e7 in PyEval_EvalFrameEx () from
/usr/lib64/libpython2.7.so.1.0
#4 0x00007ffff7adca6c in PyEval_EvalCodeEx () from
/usr/lib64/libpython2.7.so.1.0
#5 0x00007ffff7adcb59 in PyEval_EvalCode () from /usr/lib64/libpython2.7.so.1.0
#6 0x00007ffff7af60df in ?? () from /usr/lib64/libpython2.7.so.1.0
#7 0x00007ffff7af7322 in PyRun_FileExFlags () from
/usr/lib64/libpython2.7.so.1.0
#8 0x00007ffff7af8535 in PyRun_SimpleFileExFlags () from
/usr/lib64/libpython2.7.so.1.0
#9 0x00007ffff7b0a537 in Py_Main () from /usr/lib64/libpython2.7.so.1.0
#10 0x00007ffff74281db in __libc_start_main () from /lib64/libc.so.6
#11 0x00005555555547ca in _start ()
(gdb)
Backtrace for Python 3.6
Python 3.6.5 (default, Jul 16 2018, 11:40:44)
[GCC 6.4.0] on linux
$ gdb -q python3
Reading symbols from python3...(no debugging symbols found)...done.
(gdb) run zipcrash.py
Starting program: /usr/bin/python3 zipcrash.py
process 11149 is executing new program: /usr/bin/python3.6m
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7aa5eea in ?? () from /usr/lib64/libpython3.6m.so.1.0
(gdb) bt
#0 0x00007ffff7aa5eea in ?? () from /usr/lib64/libpython3.6m.so.1.0
#1 0x00007ffff7aa6a92 in ?? () from /usr/lib64/libpython3.6m.so.1.0
#2 0x00007ffff7aa6c9c in ?? () from /usr/lib64/libpython3.6m.so.1.0
#3 0x00007ffff7aa6f49 in ?? () from /usr/lib64/libpython3.6m.so.1.0
#4 0x00007ffff79a8d49 in _PyCFunction_FastCallDict () from
/usr/lib64/libpython3.6m.so.1.0
#5 0x00007ffff7a1d0d5 in ?? () from /usr/lib64/libpython3.6m.so.1.0
#6 0x00007ffff7a20dea in _PyEval_EvalFrameDefault () from
/usr/lib64/libpython3.6m.so.1.0
#7 0x00007ffff7a1cc3c in ?? () from /usr/lib64/libpython3.6m.so.1.0
#8 0x00007ffff7a1d1ce in PyEval_EvalCodeEx () from
/usr/lib64/libpython3.6m.so.1.0
#9 0x00007ffff7a1d1fb in PyEval_EvalCode () from
/usr/lib64/libpython3.6m.so.1.0
#10 0x00007ffff7a478b4 in ?? () from /usr/lib64/libpython3.6m.so.1.0
#11 0x00007ffff7a49f35 in PyRun_FileExFlags () from
/usr/lib64/libpython3.6m.so.1.0
#12 0x00007ffff7a4a0a5 in PyRun_SimpleFileExFlags () from
/usr/lib64/libpython3.6m.so.1.0
#13 0x00007ffff7a610a3 in Py_Main () from /usr/lib64/libpython3.6m.so.1.0
#14 0x0000555555554b99 in main ()
(gdb)
----------
components: Extension Modules
messages: 348563
nosy: Alexandre Hamelin
priority: normal
severity: normal
status: open
title: Crash when calling zipimport.zipimporter.__new__().<method>()
versions: Python 2.7, Python 3.5, Python 3.6
_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue37694>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
