Skip to content

C
cpython
Kaydet (Commit) 8e42fb7a authored tarafından Victor Stinner's avatar Victor Stinner
Dosyalara gözat
Seçenekler

Merged revisions 82495 via svnmerge from 

svn+ssh://pythondev@svn.python.org/python/branches/py3k

................
  r82495 | victor.stinner | 2010-07-03 15:44:22 +0200 (sam., 03 juil. 2010) | 10 lines

  Merged revisions 82492 via svnmerge from
  svn+ssh://pythondev@svn.python.org/python/trunk

  ........
    r82492 | victor.stinner | 2010-07-03 15:36:19 +0200 (sam., 03 juil. 2010) | 3 lines

    Issue #7673: Fix security vulnerability (CVE-2010-2089) in the audioop module,
    ensure that the input string length is a multiple of the frame size
  ........
................
üst f78756a8
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 37 additions and 1 deletion
Lib/test/test_audioop.py
Dosyayı görüntüle @ 8e42fb7a
...@@ -20,6 +20,12 @@ def gendata4(): ...@@ -20,6 +20,12 @@ def gendata4():
data = [gendata1(), gendata2(), gendata4()] data = [gendata1(), gendata2(), gendata4()]
INVALID_DATA = [
('abc', 0),
('abc', 2),
('abc', 4),
]
class TestAudioop(unittest.TestCase): class TestAudioop(unittest.TestCase):
...@@ -168,6 +174,33 @@ class TestAudioop(unittest.TestCase): ...@@ -168,6 +174,33 @@ class TestAudioop(unittest.TestCase):
self.assertRaises(audioop.error, self.assertRaises(audioop.error,
audioop.findmax, ''.join(chr(x) for x in range(256)), -2392392) audioop.findmax, ''.join(chr(x) for x in range(256)), -2392392)
def test_issue7673(self):
state = None
for data, size in INVALID_DATA:
size2 = size
self.assertRaises(audioop.error, audioop.getsample, data, size, 0)
self.assertRaises(audioop.error, audioop.max, data, size)
self.assertRaises(audioop.error, audioop.minmax, data, size)
self.assertRaises(audioop.error, audioop.avg, data, size)
self.assertRaises(audioop.error, audioop.rms, data, size)
self.assertRaises(audioop.error, audioop.avgpp, data, size)
self.assertRaises(audioop.error, audioop.maxpp, data, size)
self.assertRaises(audioop.error, audioop.cross, data, size)
self.assertRaises(audioop.error, audioop.mul, data, size, 1.0)
self.assertRaises(audioop.error, audioop.tomono, data, size, 0.5, 0.5)
self.assertRaises(audioop.error, audioop.tostereo, data, size, 0.5, 0.5)
self.assertRaises(audioop.error, audioop.add, data, data, size)
self.assertRaises(audioop.error, audioop.bias, data, size, 0)
self.assertRaises(audioop.error, audioop.reverse, data, size)
self.assertRaises(audioop.error, audioop.lin2lin, data, size, size2)
self.assertRaises(audioop.error, audioop.ratecv, data, size, 1, 1, 1, state)
self.assertRaises(audioop.error, audioop.lin2ulaw, data, size)
self.assertRaises(audioop.error, audioop.ulaw2lin, data, size)
self.assertRaises(audioop.error, audioop.lin2alaw, data, size)
self.assertRaises(audioop.error, audioop.alaw2lin, data, size)
self.assertRaises(audioop.error, audioop.lin2adpcm, data, size, state)
self.assertRaises(audioop.error, audioop.adpcm2lin, data, size, state)
def test_main(): def test_main():
run_unittest(TestAudioop) run_unittest(TestAudioop)
......
Misc/NEWS
Dosyayı görüntüle @ 8e42fb7a
...@@ -75,7 +75,10 @@ C-API ...@@ -75,7 +75,10 @@ C-API
Library Library
------- -------
- Issue #6589: cleanup asyncore.socket_map in case smtpd.SMTPServer constructor - Issue #7673: Fix security vulnerability (CVE-2010-2089) in the audioop
module, ensure that the input string length is a multiple of the frame size
- Issue #6589: cleanup asyncore.socket_map in case smtpd.SMTPServer constructor
raises an exception. raises an exception.
- Issue #9075: In the ssl module, remove the setting of a ``debug`` flag - Issue #9075: In the ssl module, remove the setting of a ``debug`` flag
......
Modules/audioop.c
Dosyayı görüntüle @ 8e42fb7a
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment