Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[3.10] gh-95778: CVE-2020-10735: Prevent DoS by very large int() #96501

Merged
merged 11 commits into from
Sep 2, 2022
Merged

[3.10] gh-95778: CVE-2020-10735: Prevent DoS by very large int() #96501

Changes from 1 commit
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
4631817
Backport to 3.10 from CVE-2020-10735-3.11backport.
gpshead Aug 19, 2022
0e84c7e
doc patch fixup & missing help text blank line.
gpshead Aug 19, 2022
7a19c64
Update attribution in Misc/NEWS.d
gpshead Aug 25, 2022
fe60b07
Manually add new field to abi file
tiran Sep 1, 2022
5e1ba25
Move the whatsnew text per review.
gpshead Sep 1, 2022
bcd2ab0
Merge branch 'CVE-2020-10735-3.10backport' of github.com:python/psrt …
gpshead Sep 1, 2022
97b157d
Make the doctest actually run & fix it.
gpshead Sep 1, 2022
adab0bf
Fix the docs build.
gpshead Sep 2, 2022
059f402
Rename the news file to appease the Bedevere bot.
gpshead Sep 2, 2022
4d1f053
Merge branch '3.10' into CVE-2020-10735-3.10backport
gpshead Sep 2, 2022
35c2d42
hexadecimal spelling =)
gpshead Sep 2, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Fix the docs build.
  • Loading branch information
@gpshead
gpshead committed Sep 2, 2022
commit adab0bf3e8b455ef521899e17258749032e721df
6 changes: 4 additions & 2 deletions Doc/library/stdtypes.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5437,7 +5437,7 @@ The limit is applied to the number of digit characters in the input or output
string when a non-linear conversion algorithm would be involved. Underscores
and the sign are not counted towards the limit.

When an operation would exceed the limit, a :exc:`ValueError` is raised::
When an operation would exceed the limit, a :exc:`ValueError` is raised:

.. doctest::

Expand All @@ -5464,7 +5464,9 @@ The default limit is 4300 digits as provided in
The lowest limit that can be configured is 640 digits as provided in
:data:`sys.int_info.str_digits_check_threshold <sys.int_info>`.

Verification::
Verification:

.. doctest::

>>> import sys
>>> assert sys.int_info.default_max_str_digits == 4300, sys.int_info
Expand Down