go-python / gpython

gpython is a python interpreter written in go "batteries not included"
BSD 3-Clause "New" or "Revised" License

Large hex_string of pickle.load() crashes gpython #201

Closed xiaxinmeng closed 1 year ago

xiaxinmeng commented 1 year ago

When pickle loads a large string of a byte file, gpython crashes with a segfault

Crashing message: segmentation fault

```python
import io
import pickle
hex_string = '8004952A000000000000008C086461746574696D65948C086461746574696D65949388430A07B2010100000000000092059452942E'
myb = bytes.fromhex(hex_string)
f = io.BytesIO(myb)
myb = pickle.load(f)
```

Environment: gpython 0.1.0 on Ubuntu 18.04, and gpython main (https://github.com/go-python/gpython/commit/6f8e06a4660709ab44398d8b1a18738aa407b1c3 on Oct 5)
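For triage, the reported bytes can be inspected without unpickling them. The following is an added example, not part of the original issue or of the gpython project: it walks the opcodes with CPython's standard `pickletools.genops` and records what feeds `NEWOBJ_EX`. The function name `scan` and its simplified stack model (no MARK handling) are assumptions made for this example.

```python
import pickletools

# Hex string copied verbatim from the report above.
REPORTED_HEX = "8004952A000000000000008C086461746574696D65948C086461746574696D65949388430A07B2010100000000000092059452942E"


def scan(data):
    """Walk pickle opcodes without unpickling anything.

    Returns (ops, operands, error):
      ops      -- opcode names in stream order
      operands -- (producer opcode, argument) for each NEWOBJ_EX operand,
                  or None if NEWOBJ_EX is never reached
      error    -- parser error text, or None if the stream parsed to STOP
    Simplified stack model (an assumption of this example): no MARK handling.
    """
    ops, stack, operands = [], [], None
    try:
        for op, arg, _pos in pickletools.genops(data):
            ops.append(op.name)
            if op.stack_before == op.stack_after:
                continue  # PROTO, FRAME, MEMOIZE leave the stack unchanged
            cut = max(len(stack) - len(op.stack_before), 0)
            popped = stack[cut:]
            del stack[cut:]
            if op.name == "NEWOBJ_EX":
                operands = popped  # expected: class, args tuple, kwargs dict
            if op.name == "STACK_GLOBAL":
                arg = ".".join(str(a) for _, a in popped)  # module.name
            stack.extend((op.name, arg) for _ in op.stack_after)
    except ValueError as exc:  # undefined opcode byte or truncated argument
        return ops, operands, str(exc)
    return ops, operands, None


if __name__ == "__main__":
    ops, operands, error = scan(bytes.fromhex(REPORTED_HEX))
    print(" ".join(ops))
    for role, (producer, arg) in zip(("cls", "args", "kwargs"), operands or []):
        print(f"NEWOBJ_EX {role}: from {producer} {arg!r}")
    print("parser error:", error)
```

On the reported bytes, `scan` shows `NEWOBJ_EX` reached with operands produced by `NEWTRUE` and `SHORT_BINBYTES`, where the opcode expects an argument tuple and a keyword dict, followed by the undefined opcode byte 0x05.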

ncw commented 1 year ago

gpython doesn't come with an io or a pickle module - where did you get these from?

Please give steps to reproduce with gpython

Thanks

xiaxinmeng commented 1 year ago

I am very sorry. After checking again, I think I made mistakes in building gpython from source. I downloaded source code from GitHub and release websites (https://github.com/go-python/gpython/releases). Then I built gpython with the following command: `cd go-python/gpython/bin/; ./install_python.sh xxxdir`. And hence, I had mistaken Python 3.4.9 for gpython. Yes, indeed, these test programs cannot crash gpython, just crash CPython 3.4.9.

> where did you get these from?

Our team is developing a fuzzing tool to detect bugs in python interpreters. We hope that these bugs can be helpful for the development of gpython. Sorry again, we will carefully check the bugs in later reports. Thanks.

ncw commented 1 year ago

Thanks for the explanation and no problems @xiaxinmeng. New bugs discovered are always good!

I'll close this issue now.