PSF-2017-6
See a problem?- Import Source
- https://github.com/psf/advisory-database/blob/main/advisories/python/PSF-2017-6.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/PSF-2017-6
- Aliases
- Published
- 2017-11-17T00:00:00Z
- Modified
- 2023-11-01T05:44:02.045924Z
- Summary
- PyString_DecodeEscape integer overflow
- Details
-
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)
- Database specific
{ "cwe_ids": [] }- References
Affected packages
Git / github.com/python/cpython
Affected ranges
- Type
- GIT
- Repo
- https://github.com/python/cpython
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixedFixed
Database specific
{
"vanir_signatures": [
{
"target": {
"function": "PyBytes_DecodeEscape",
"file": "Objects/bytesobject.c"
},
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "31179806471181117326004825060400939616",
"length": 2974.0
},
"signature_version": "v1",
"source": "https://github.com/python/cpython/commit/fd8614c5c5466a14a945db5b059c10c0fb8f76d9",
"id": "PSF-2017-6-31d05647"
},
{
"target": {
"file": "Objects/stringobject.c"
},
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"264698812612038223625738423785275396491",
"324901092193929762203901685244255787472",
"289276965729970537948574322186833225808",
"175115093422823433934398045905321445710"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://github.com/python/cpython/commit/c3c9db89273fabc62ea1b48389d9a3000c1c03ae",
"id": "PSF-2017-6-439f8402"
},
{
"target": {
"function": "PyString_DecodeEscape",
"file": "Objects/stringobject.c"
},
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "64170048644253513690968698989059040609",
"length": 3243.0
},
"signature_version": "v1",
"source": "https://github.com/python/cpython/commit/c3c9db89273fabc62ea1b48389d9a3000c1c03ae",
"id": "PSF-2017-6-7d346928"
},
{
"target": {
"function": "PyBytes_DecodeEscape",
"file": "Objects/bytesobject.c"
},
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "31179806471181117326004825060400939616",
"length": 2974.0
},
"signature_version": "v1",
"source": "https://github.com/python/cpython/commit/6c004b40f9d51872d848981ef1a18bb08c2dfc42",
"id": "PSF-2017-6-a13d6c73"
},
{
"target": {
"file": "Objects/bytesobject.c"
},
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"264698812612038223625738423785275396491",
"49225347790879069755109775863064602465",
"56373801459327902970855607913023796643",
"141892281464176794472381829000867063416"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://github.com/python/cpython/commit/fd8614c5c5466a14a945db5b059c10c0fb8f76d9",
"id": "PSF-2017-6-b814d76f"
},
{
"target": {
"file": "Objects/bytesobject.c"
},
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"264698812612038223625738423785275396491",
"49225347790879069755109775863064602465",
"56373801459327902970855607913023796643",
"141892281464176794472381829000867063416"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://github.com/python/cpython/commit/6c004b40f9d51872d848981ef1a18bb08c2dfc42",
"id": "PSF-2017-6-f7c09a2a"
}
]
}