File: CVE-2019-20907.diff

package info (click to toggle)
python2.7 2.7.18-8%2Bdeb11u1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 78,736 kB
  • sloc: python: 470,452; ansic: 443,657; sh: 17,616; asm: 14,304; makefile: 4,914; objc: 761; exp: 499; javascript: 314; cpp: 128; xml: 76
file content (26 lines) | stat: -rw-r--r-- 954 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
 
From 47a2955589bdb1a114d271496ff803ad73f954b8 Mon Sep 17 00:00:00 2001
From: "Miss Islington (bot)"
 <31488909+miss-islington@users.noreply.github.com>
Date: Wed, 15 Jul 2020 05:36:36 -0700
Subject: [PATCH] bpo-39017: Avoid infinite loop in the tarfile module
 (GH-21454) (#21485)

Avoid infinite loop when reading specially crafted TAR files using the tarfile module
(CVE-2019-20907).
(cherry picked from commit 5a8d121a1f3ef5ad7c105ee378cc79a3eac0c7d4)

Co-authored-by: Rishi <rishi_devan@mail.com>

diff --git a/Lib/tarfile.py b/Lib/tarfile.py
index adf91d5..574a6bb 100644
--- a/Lib/tarfile.py
+++ b/Lib/tarfile.py
@@ -1400,6 +1400,8 @@ class TarInfo(object):
 
             length, keyword = match.groups()
             length = int(length)
+            if length == 0:
+                raise InvalidHeaderError("invalid header")
             value = buf[match.end(2) + 1:match.start(1) + length - 1]
 
             keyword = keyword.decode("utf8")