jvoisin added the comment:
Yes, I can reproduce it:
```
$ python3 --version
Python 3.9.9
$ python3.9 ziprepo.py
./crash-4da08e9ababa495ac51ecad588fd61081a66b5bb6e7a0e791f44907fa274ec62
Traceback (most recent call last):
  File "/home/jvoisin/Downloads/ziprepo.py",
```
jvoisin added the comment:
The file was created with a fuzzer, like the one described in
https://dustri.org/b/fuzzing-python-in-python-and-doing-it-fast.html
--
___
Python tracker
<https://bugs.python.org/issue39
New submission from jvoisin :
While playing with fuzzing and Python, I stumbled upon an infinite loop in
Python's tarfile module: just open the attached file with
`tarfile.open('timeout-a52710a313fdb35fb428c3399277cb640fe2f686')`, and Python
will be endlessly stuck in
New submission from jvoisin :
The attached file raises an `IndexError: tuple index out of range` exception
when trying to open it with
`zipfile.Zipfile('crash-23b7d72644702df94bfcfaab4c25b01ff31c0b38')`, with the
following stacktrace:
```
$ cat test_zip.py
import zipfile
import
```
New submission from jvoisin :
The attached file produces the following stacktrace when opened via
`tarfile.open`, on Python 3.7.5rc1:
```
$ cat test.py
import sys
import tarfile
tarfile.open(sys.argv[1])
$ python3 test.py ./crash-83a6e7d4b810c6a0bd4fd9dfd6a0b36550034ccf
Traceback (most
```
New submission from jvoisin :
The attached file produces the following stacktrace when opened via
`tarfile.open`, on Python 3.7.5rc1:
```
$ cat test.py
import sys
import tarfile
tarfile.open(sys.argv[1])
$ python3 test.py ./crash-c10c9839d987fa0df6912cb4084f43f3ce08ca82
Traceback (most
```
jvoisin added the comment:
Sure, but as a user, I would expect a better exception, like ValueError or
ReadError, along with an error message, instead of an unexpected zlib exception.
New submission from jvoisin :
The attached file produces the following stacktrace when opened via
`tarfile.open` and iterated with `TarFile.getmembers`, on Python 3.7.5rc1:
```
$ cat tarrepro.py
import tarfile
import sys
with tarfile.open(sys.argv[1]) as t:
    for member in t.getmembers
```
New submission from jvoisin :
The attached file produces the following stacktrace when opened via
`zipfile.ZipFile`, on Python 3.7.5rc1:
```
$ cat ziprepro.py
import zipfile
import sys
zipfile.ZipFile(sys.argv[1])
```
```
$ python3 ziprepro.py
crash
```
New submission from jvoisin :
The attached file produces the following stacktrace when opened via
`tarfile.open` and iterated with `TarFile.getmembers`, on Python 3.7.5rc1:
```
$ cat tarrepro.py
import tarfile
import sys
with tarfile.open(sys.argv[1]) as t:
    for member in t.getmembers
```
New submission from jvoisin :
The attached file produces the following stacktrace when opened via
`tarfile.open`, on Python 3.7.5rc1:
```
$ cat tarrepro.py
import tarfile
import sys
with tarfile.open(sys.argv[1], errorlevel=2) as t:
    for member in t.getmembers():
        pass
```
jvoisin added the comment:
Unfortunately, the documentation (https://docs.python.org/3/library/tarfile.html)
doesn't mention that EOFError is an exception that could be raised when using
tarfile.open :/
jvoisin added the comment:
Does it mean that the right™ way to process untrusted tar files is
to wrap every call to functions from tarfile.py in a `try: … except Exception:`
block?
jvoisin added the comment:
Raising an exception is ok, if it's documented, so I know which ones I should
catch to prevent my program from quitting when processing untrusted files, without
having to catch `Exception`.
Reliability is important in my use-case as well, not only exploitable
m
jvoisin added the comment:
CVE-2019-20907 has been assigned to this issue.
<https://bugs.python.org/issue39017>