berkerpeksag / astor

Python AST read/write
https://pypi.org/project/astor/
BSD 3-Clause "New" or "Revised" License

Python 3.10.7 is now more careful with huge integers #212

Closed MeggyCal closed 1 year ago

MeggyCal commented 1 year ago

From the Python 3.10.7 changelog:

> Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. This is a mitigation for CVE-2020-10735. This limit can be configured or disabled by environment variable, command line flag, or sys APIs. See the integer string conversion length limitation documentation. The default limit is 4300 digits in string form.

Hence test_huge_int fails.

MeggyCal commented 1 year ago

Looks like the change was also backported to other Python codestreams (3.7, 3.8, 3.9, 3.10, 3.11).

berkerpeksag commented 1 year ago

Thank you for the detailed report! The fix has been merged into the master branch.