[issue24913] newblock() Uninitialized Variable

2015-08-25 Thread Raymond Hettinger
Changes by Raymond Hettinger: Added file: http://bugs.python.org/file40258/fix_deque_overrun.diff

[issue24913] newblock() Uninitialized Variable

2015-08-25 Thread Stefan Krah
Stefan Krah added the comment: I guess that in the test case the stop parameter is set to 4 in deque_index(), but it should be clamped to 3. -- nosy: +skrah

[issue24913] newblock() Uninitialized Variable

2015-08-25 Thread John Leitch
John Leitch added the comment: The "exception analysis" is output from the WinDbg !analyze command run on a crash where access to the uninitialized memory ultimately corrupted the instruction pointer, leading to a data execution prevention crash. That's why the disassembly is junk--the IP is n

[issue24913] newblock() Uninitialized Variable

2015-08-25 Thread Raymond Hettinger
Raymond Hettinger added the comment: I find the "exception analysis" to be unreadable. Have you found any place in the deque code where the uninitialized memory actually gets accessed? -- priority: normal -> low

[issue24913] newblock() Uninitialized Variable

2015-08-25 Thread Raymond Hettinger
Changes by Raymond Hettinger: -- assignee: -> rhettinger

[issue24913] newblock() Uninitialized Variable

2015-08-23 Thread Bryce Darling
Changes by Bryce Darling: -- nosy: +brycedarling

[issue24913] newblock() Uninitialized Variable

2015-08-21 Thread R. David Murray
Changes by R. David Murray: -- nosy: +rhettinger

[issue24913] newblock() Uninitialized Variable

2015-08-21 Thread John Leitch
Changes by John Leitch: Added file: http://bugs.python.org/file40225/newblock_Uninitialized_variable.py

[issue24913] newblock() Uninitialized Variable

2015-08-21 Thread John Leitch
New submission from John Leitch: Python 3.5 suffers from a vulnerability caused by the behavior of the newblock() function used by the collections.deque module. When called, newblock() allocates memory using PyMem_Malloc() and does not initialize it: static block * newblock(Py_ssize_t len) {