[issue39017] Infinite loop in the tarfile module

2020-07-08 Thread Ben Caller
Ben Caller added the comment: A smaller bug: If instead of 0 you use a large number (> 2^63) e.g. 999 you get `OverflowError: Python int too large to convert to C ssize_t` rather than the expected `tarfile.ReadError` regardless of errorle

[issue39017] Infinite loop in the tarfile module

2020-07-08 Thread Ben Caller
Ben Caller added the comment: I've attached a minimal tar file which reproduces this. I think the minimum length is 516 bytes. We need a 512 byte PAX format header block as normal. Then we need a pax header which matches the regex in https://github.com/python/cpython

[issue39503] [security][CVE-2020-8492] Denial of service in urllib.request.AbstractBasicAuthHandler

2020-04-01 Thread Ben Caller
Change by Ben Caller : Removed file: https://bugs.python.org/file49022/bench_parser2.py ___ Python tracker <https://bugs.python.org/issue39503> ___ ___ Python-bugs-list m

[issue39503] [security][CVE-2020-8492] Denial of service in urllib.request.AbstractBasicAuthHandler

2020-04-01 Thread Ben Caller
Change by Ben Caller : Added file: https://bugs.python.org/file49023/bench_parser2.py

[issue39503] [security][CVE-2020-8492] Denial of service in urllib.request.AbstractBasicAuthHandler

2020-04-01 Thread Ben Caller
Ben Caller added the comment: Instead of repeat_10_3 = 'Basic ' + ', ' * (10 ** 3) + simple in the benchmark, try repeat_10_3 = 'Basic ' + ', ' * (10 ** 3) + 'A' -- Added file: https://bugs.python.org/file49022/bench_parser2.

[issue39503] [security][CVE-2020-8492] Denial of service in urllib.request.AbstractBasicAuthHandler

2020-02-04 Thread Ben Caller
Ben Caller added the comment: Isn't this a duplicate of bpo-38826 ? -- nosy: +bc

[issue38826] Regular Expression Denial of Service in urllib.request.AbstractBasicAuthHandler

2019-11-17 Thread Ben Caller
Ben Caller added the comment: I have been advised that DoS issues can be added to the public bug tracker since there is no privilege escalation, but should still have the security label.

[issue38826] Regular Expression Denial of Service in urllib.request.AbstractBasicAuthHandler

2019-11-16 Thread Ben Caller
New submission from Ben Caller : The regular expression urllib.request.AbstractBasicAuthHandler.rx is vulnerable to malicious inputs which cause denial of service (REDoS). The regex is: rx = re.compile('(?:.*,)*[ \t]*([^ \t]+)[ \t]+' 'realm=(["\&#x

[issue38804] Regular Expression Denial of Service in http.cookiejar

2019-11-14 Thread Ben Caller
Change by Ben Caller : -- keywords: +patch pull_requests: +1 stage: -> patch review pull_request: https://github.com/python/cpython/pull/17157

[issue38804] Regular Expression Denial of Service in http.cookiejar

2019-11-14 Thread Ben Caller
New submission from Ben Caller : The regex http.cookiejar.LOOSE_HTTP_DATE_RE is vulnerable to regular expression denial of service (REDoS). LOOSE_HTTP_DATE_RE.match is called when using http.cookiejar.CookieJar to parse Set-Cookie headers returned by a server. Processing a response from a