[issue7673] audioop: check that length is a multiple of the size

2021-11-04 Thread Eryk Sun
Change by Eryk Sun : -- nosy: -ahmedsayeed1982 ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.p

[issue7673] audioop: check that length is a multiple of the size

2021-11-04 Thread Eryk Sun
Change by Eryk Sun : -- Removed message: https://bugs.python.org/msg405688 ___ Python tracker ___ ___ Python-bugs-list mailing list U

[issue7673] audioop: check that length is a multiple of the size

2021-11-04 Thread Ahmed Sayeed
Ahmed Sayeed added the comment: ake: Entering directory '/home/Christian/binutils-gdb/cygwin-obj/gdb' CXXLD gdb.exe http://www.compilatori.com/computers/smartphones/ cp-support.o: in function `gdb_demangle(char const*, int)': http://www.acpirateradio.co.uk/services/ios15/ /home/Christian/b

[issue7673] audioop: check that length is a multiple of the size

2010-07-04 Thread Mark Dickinson
Mark Dickinson added the comment: Fixed in r82527 (py3k), r82528 (release31-maint). -- status: open -> closed ___ Python tracker ___ _

[issue7673] audioop: check that length is a multiple of the size

2010-07-04 Thread Antoine Pitrou
Antoine Pitrou added the comment: It seems you introduced a reference leak, Victor. http://mail.python.org/pipermail/python-checkins/2010-July/094756.html -- priority: release blocker -> high resolution: fixed -> accepted status: closed -> open ___ P

[issue7673] audioop: check that length is a multiple of the size

2010-07-03 Thread STINNER Victor
Changes by STINNER Victor : -- resolution: -> fixed status: open -> closed ___ Python tracker ___ ___ Python-bugs-list mailing list Un

[issue7673] audioop: check that length is a multiple of the size

2010-07-03 Thread STINNER Victor
STINNER Victor added the comment: This issue is a security vulnerability referenced as CVE-2010-2089. Fixed in 2.7 (r82492), 2.6 (r82494), 3.2 (r82495) and 3.1 (r82496). -- > Perhaps you meant "not an even number of frames"? Hum, no: the input data is a stereo sound track. A "frame" includes

[issue7673] audioop: check that length is a multiple of the size

2010-07-03 Thread STINNER Victor
Changes by STINNER Victor : Removed file: http://bugs.python.org/file15823/audioop_check_length.patch ___ Python tracker ___ ___ Python-bugs-li

[issue7673] audioop: check that length is a multiple of the size

2010-07-03 Thread Mark Dickinson
Mark Dickinson added the comment: Well, that would depend on how you define a 'frame', I guess. -- ___ Python tracker ___ ___ Python-b

[issue7673] audioop: check that length is a multiple of the size

2010-07-03 Thread Antoine Pitrou
Antoine Pitrou added the comment: The following error messages looks strange to me: +if (((len / size) & 1) != 0) { +PyErr_SetString(AudioopError, "not a whole number of frames"); +return NULL; +} Perhaps you meant "not an even number of frames"? -- nosy: +pitr

[issue7673] audioop: check that length is a multiple of the size

2010-07-03 Thread Mark Dickinson
Changes by Mark Dickinson : -- stage: -> commit review ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: http://m

[issue7673] audioop: check that length is a multiple of the size

2010-07-03 Thread Mark Dickinson
Changes by Mark Dickinson : -- type: crash -> security ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: http://ma

[issue7673] audioop: check that length is a multiple of the size

2010-07-03 Thread Mark Dickinson
Mark Dickinson added the comment: The new patch looks fine to me. This is rather last minute for 2.7, and I'm very uncomfortable committing anything substantial this close to the release. Still, if it's really a security vulnerability then it would be good to get it in. For what it's worth,

[issue7673] audioop: check that length is a multiple of the size

2010-06-30 Thread STINNER Victor
STINNER Victor added the comment: @Mark: Here is the updated version of the patch including all of your remarks. I fixed 3 bugs in my patch: the checks of adpcm2lin(), alaw2lin() and audioop.ulaw2lin() were incomplete (len was not checked). I added 3.1 to the version field. -- versio

[issue7673] audioop: check that length is a multiple of the size

2010-06-29 Thread Mark Dickinson
Mark Dickinson added the comment: The patch looks fine to me. - Please could you add some tests, to exercise the 'not a whole number of frames' errors? - The patch obviously predates the grand reindenting, so its indentation needs fixing up PEP 7 nits: - Please don't put spaces just insid

[issue7673] audioop: check that length is a multiple of the size

2010-06-26 Thread Arfrever Frehtes Taifersar Arahesis
Arfrever Frehtes Taifersar Arahesis added the comment: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2089 claims that this issue is about security vulnerability. This problem seems to also affect at least Python 2.6. -- versions: +Python 2.6 ___

[issue7673] audioop: check that length is a multiple of the size

2010-06-25 Thread Arfrever Frehtes Taifersar Arahesis
Changes by Arfrever Frehtes Taifersar Arahesis : -- nosy: +Arfrever ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscrib

[issue7673] audioop: check that length is a multiple of the size

2010-01-10 Thread STINNER Victor
New submission from STINNER Victor : Most functions of audioop takes as input a byte string (audio data) and a size argument (number of bytes of a sample). Functions don't check that the byte string length is a multiple of the size. It leads to read and write from/to uninitialised memory and m