(This is my first post here; I am sorry if it is in the wrong subsection. Please point me in the right direction if that is the case.)
Hello,
I am working on porting the CVE-2020-10735 (that controversial int->str conversion thingy) to Python 3.6 for SUSE Enterprise Linux and currently I have https://mcepl.fedorapeople.org/tmp/CVE-2020-10735-DoS-no-limit-int-size.patch (or branch GitHub - mcepl/cpython at CVE-2020-10735-port-patch-3.6).
Obviously, the biggest problem I have is that the startup sequence was completely rewritten in 3.7, so I had to rearrange things quite a lot, and probably I have missed something (nobody ever would accuse me of being a seasoned C programmer). The simplest test doesn’t work:
> ./python -X faulthandler -X int_max_str_digits=7000 -c 'import sys;print(sys.flags.int_max_str_digits, sys.get_int_max_str_digits())'
-1 4300
>
So, I pulled out gdb, but the result was quite confusing: SUSE Paste … this jumping out of the function after that PyDECREF is absolutely predictable, it happened in three of three situations. Is there some threading thing going on? Or what else?
Also, even when (when trying with setting the environmental variable PYTHONINTMAXSTRDIGITS) the global variable _Py_global_config_int_max_str_digits is set, the function still won’t finish right (breaks in the same place), and the value of sys.flags.int_max_str_digits is still -1 and sys.get_int_max_str_digits() still returns 4300.
Does anybody have any suggestions on how to continue?
Thank you for any suggestions,
Matěj
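
The check from the post, run for both the -X option and the PYTHONINTMAXSTRDIGITS variable, as an added example that is not part of the original post or the patch. The helper names `mismatches` and `probe` and the default `./python` path are assumptions; the probe string is the one-liner quoted above.

```python
"""Added example: check that an interpreter honours the int/str digit limit."""
import os
import subprocess
import sys

# Same probe as the one-liner in the post.
PROBE = "import sys;print(sys.flags.int_max_str_digits, sys.get_int_max_str_digits())"


def mismatches(stdout, requested):
    """Return the values in the probe output that differ from `requested`."""
    flag, effective = (int(field) for field in stdout.split())
    bad = []
    if flag != requested:
        bad.append("sys.flags.int_max_str_digits=%d" % flag)
    if effective != requested:
        bad.append("sys.get_int_max_str_digits()=%d" % effective)
    return bad


def probe(python, requested, via):
    """Run `python` with the limit set via "-X" or "env"; return mismatches."""
    env = dict(os.environ)
    # Drop any inherited setting so each run tests exactly one mechanism.
    env.pop("PYTHONINTMAXSTRDIGITS", None)
    cmd = [python]
    if via == "-X":
        cmd += ["-X", "int_max_str_digits=%d" % requested]
    else:
        env["PYTHONINTMAXSTRDIGITS"] = str(requested)
    cmd += ["-c", PROBE]
    out = subprocess.run(cmd, env=env, stdout=subprocess.PIPE,
                         universal_newlines=True, check=True).stdout
    return mismatches(out, requested)


if __name__ == "__main__":
    # Hypothetical default: the freshly built interpreter in the source tree.
    python = sys.argv[1] if len(sys.argv) > 1 else "./python"
    failed = False
    for via in ("-X", "env"):
        bad = probe(python, 7000, via)
        failed = failed or bool(bad)
        print("%-3s %s" % (via, "ok" if not bad else "MISMATCH: " + ", ".join(bad)))
    sys.exit(1 if failed else 0)
```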