[issue23281] Access violation - pyc file
eryksun added the comment: You attached a corrupt bytecode cache for stdlib bisect.py: f = open('test.pyc', 'rb') magic,tstamp = struct.unpack('ll', f.read(8)) magic27 = 62211 | (ord('\r') 16) | (ord('\n') 24) magic == magic27 True datetime.fromtimestamp(tstamp) datetime.datetime(2011, 3, 8, 2, 39, 36) code = marshal.load(f) dis.dis(code) 1 0 LOAD_CONST 0 ('Bisection algorithms.') 3 STORE_NAME 0 (__doc__) 3 6 LOAD_CONST 1 (0) 9 LOAD_CONST 8 (None) 12 LOAD_CONST 2 (code object insort_right at 0x7f71bf596db0, file C:\Python27\Lib\bisect.py, line 3) 15 MAKE_FUNCTION2 18 STORE_NAME 2 (insort_right) 22 21 LOAD_NAME65282 Traceback (most recent call last): File stdin, line 1, in module File /usr/lib/python2.7/dis.py, line 43, in dis disassemble(x) File /usr/lib/python2.7/dis.py, line 97, in disassemble print '(' + co.co_names[oparg] + ')', IndexError: tuple index out of range It's no surprise if this bad file crashed the interpreter. Just delete it. -- nosy: +eryksun ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue23281 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue23281] Access violation - pyc file
Brett Cannon added the comment: If it was created by a fuzzer then this isn't a bug as we do no validation of bytecode formatting as we assume it was generated by Python and not an external, malicious source. -- nosy: +brett.cannon resolution: - not a bug status: open - closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue23281 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue23281] Access violation - pyc file
Paweł Zduniak added the comment: This file is created by fuzzer -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue23281 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue23281] Access violation - pyc file
Eric V. Smith added the comment: Was this file generated by CPython from a .py file? If so, can you share the .py file? If not, how was this file generated? As eryksun says, it appears to not be a valid .pyc file. -- nosy: +eric.smith ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue23281 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue23281] Access violation - pyc file
STINNER Victor added the comment: we assume it was generated by Python and not an external, malicious source. Said differently: you must not trust .py or .pyc downloaded from untrusted sources. Executing arbitary .py or .pyc file allows to execute arbitrary Python code. Instead of writing complex code to inject machine code in the Python evaluation loop (Python/ceval.c), just execute import os; os.system('echo pwn!') which runs an arbitrary shell command. Compile it to .pyc if you want to exploit the PYC path. -- nosy: +haypo ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue23281 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue23281] Access violation - pyc file
New submission from Paweł Zduniak: (950.e58): Access violation - code c005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Windows\SysWOW64\python27.dll - python27!PyEval_EvalFrameEx+0x1895: 1e0bcb45 8b74b00cmov esi,dword ptr [eax+esi*4+0Ch] ds:002b:0224207c= -- components: Windows files: test.pyc messages: 234357 nosy: Paweł.Zduniak, steve.dower, tim.golden, zach.ware priority: normal severity: normal status: open title: Access violation - pyc file type: crash versions: Python 2.7 Added file: http://bugs.python.org/file37785/test.pyc ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue23281 ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com