Package: python-numpy
Version: 1:1.0.1-1
Severity: important
Hi,
The following should be obvious enough:
bug-thingies$ cat crash2.py
from numpy import array
sel = array([False,True])
p1 = array([11.])
p1[sel] = p1
bug-thingies$ python crash2.py
*** glibc detected *** free(): invalid next size (fast): 0x081f6938 ***
Aborted
Note: Yes, I'm fully aware of the fact, that the above
python program is bad/wrong code!
Nevertheless, it should not crash like this.
It really should give an exception.
I have set the severity to important, as this bug could
have security implications. At least, with the following
assumptions:
1) The arrays could have been read from (untrusted) data
files.
Note: They only contain data, nothing more, one should
not assume, that this data comes from a trusted source!
2) The glibc issue really means some memory corruption, so
if the above (malicous) data would be constructed with
more care, an exploit might be possible.
I leave tagging as RC/security to the maintainers or other
interested parties.
Elrond
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Versions of packages python-numpy depends on:
ii atlas3-base [liblapack.so.3 3.6.0-20.6 Automatically Tuned Linear Algebra
ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries
ii libg2c0 1:3.4.6-5 Runtime library for GNU Fortran 77
ii libgcc1 1:4.1.1-21 GCC support library
ii python 2.4.4-2 An interactive high-level object-o
ii python-central 0.5.12 register and build utility for Pyt
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
