New submission from Steven Wirsz <swi...@gmail.com>:
Compiling source from github on January 6, 2022, detected via Libfuzzer & UndefinedBehaviorSanitizer: # ./fuzz_struct_unpack crash-a0d.txt Running: crash-a0d.txt /src/cpython3/Modules/_struct.c:509:28: runtime error: load of value 128, which is not a valid value for type '_Bool' Python/pyhash.c:396:9: runtime error: unsigned integer overflow: 17111126337582519137 + 1455368869671451682 cannot be represented in type 'unsigned long' Python/pyhash.c:414:5: runtime error: unsigned integer overflow: 6843264283216330929 + 16329705011411640967 cannot be represented in type 'unsigned long' Python/pyhash.c:417:5: runtime error: unsigned integer overflow: 13747253807228978341 + 10396395245414858527 cannot be represented in type 'unsigned long' Python/pyhash.c:418:5: runtime error: unsigned integer overflow: 17173606624272818715 + 4069551840979798976 cannot be represented in type 'unsigned long' Python/pyhash.c:419:5: runtime error: unsigned integer overflow: 12388162105911730119 + 9634611433502982398 cannot be represented in type 'unsigned long' Objects/longobject.c:288:22: runtime error: unsigned integer overflow: 0 - 18446744073709550595 cannot be represented in type 'unsigned long' Objects/longobject.c:4872:31: runtime error: unsigned integer overflow: 18446744073709551615 + 1 cannot be represented in type 'unsigned long' Objects/longobject.c:3124:33: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'unsigned int' Objects/longobject.c:3130:33: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'unsigned int' Objects/tupleobject.c:426:21: runtime error: unsigned integer overflow: 219911203979059663 * 14029467366897019727 cannot be represented in type 'unsigned long' Objects/tupleobject.c:428:13: runtime error: unsigned integer overflow: 14367201699383568926 * 11400714785074694791 cannot be represented in type 'unsigned long' Objects/tupleobject.c:426:13: runtime error: unsigned integer overflow: 18351143362227076666 + 1497884194698650478 cannot be represented in type 'unsigned long' Objects/tupleobject.c:432:9: runtime error: unsigned integer overflow: 18406138070188819878 + 2870177450013471924 cannot be represented in type 'unsigned long' Python/traceback.c:247:86: runtime error: unsigned integer overflow: 18446744073709551615 * 2 cannot be represented in type 'unsigned long' Objects/frameobject.c:51:72: runtime error: unsigned integer overflow: 18446744073709551615 * 2 cannot be represented in type 'unsigned long' ---------- files: crash-a0d.txt messages: 409973 nosy: swirsz priority: normal severity: normal status: open title: Integer overflow & Int values loaded into Bool detected via Libfuzzer & UndefinedBehaviorSanitizer type: crash versions: Python 3.11 Added file: https://bugs.python.org/file50547/crash-a0d.txt _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue46294> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
