[issue24552] use after free in load_newobj_ex

Changes by Arfrever Frehtes Taifersar Arahesis : -- nosy: +Arfrever ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscri

[issue24552] use after free in load_newobj_ex

Roundup Robot added the comment: New changeset 978bc1ff43a7 by Benjamin Peterson in branch '3.4': use correct __new__ method (closes #24552) https://hg.python.org/cpython/rev/978bc1ff43a7 -- resolution: -> fixed status: open -> closed ___ Python trac

[issue24552] use after free in load_newobj_ex

STINNER Victor added the comment: Buildbots are not happy. Example: http://buildbot.python.org/all/builders/AMD64%20FreeBSD%2010.0%203.5/builds/57/steps/test/logs/stdio == ERROR: test_newobj_not_class (test.test_pickletools.Op

[issue24552] use after free in load_newobj_ex

Roundup Robot added the comment: New changeset 24ce32d76376 by Benjamin Peterson in branch '3.4': fix use after free (closes #24552) https://hg.python.org/cpython/rev/24ce32d76376 New changeset 24197b5f7126 by Benjamin Peterson in branch '3.5': merge 3.4 (#24552) https://hg.python.org/cpython/re

[issue24552] use after free in load_newobj_ex

New submission from Benjamin Peterson: >From Kurucsai Istvan on the security list: I. Summary There is a use-after-free in the load_newobj_ex function in _pickle.c that results in an arbitrary read. II. Source code The functions in question: static int load_newobj_ex(UnpicklerObject *self)