New submission from Artem Smotrakov:
Attached struct_unpack_crash.py results in a null-pointer dereference in the
s_unpack_internal() function of the _struct module:
ASAN:SIGSEGV
==20245==ERROR: AddressSanitizer: SEGV on unknown address
Changes by Artem Smotrakov :
--
keywords: +patch
Added file: http://bugs.python.org/file46723/_struct_cache.patch
___
Python tracker
<http://bugs.python.org/issue29
New submission from Artem Smotrakov :
After discussing it on secur...@python.org, it was decided to disclose it. Here
is the original report:
Hello Python Security Team,
Looks like urllib may leak sensitive HTTP headers to third parties when
handling redirects.
Let's conside
Artem Smotrakov added the comment:
Hi Ivan,
Yes, unfortunately specs don't say anything about this scenario.
> once you have given your credentials to a server, it is free to do whatever
> it wants with them.
I hope servers don't share this opinion :)
> So, your prop
Artem Smotrakov added the comment:
If I am not missing something, section 6.4 of RFC 7231 doesn't explicitly
discuss that all headers should be sent. I wish it did :)
I think that an Authorization header for host A may make sense for host B if
both A and B use the same database with
New submission from Artem Smotrakov:
A null-pointer dereference may happen while deserializing incorrect data with
the marshal.loads() function.
Here is a test which reproduces this (see also attached
marshal_tuplehash_null_dereference.py):
import marshal
value = ( # tuple1
Changes by Artem Smotrakov :
--
keywords: +patch
Added file: http://bugs.python.org/file44184/tuplehash.patch
___
Python tracker
<http://bugs.python.org/issue27