[issue39062] ValueError in TarFile.getmembers

[jvoisin]

jvoisin  added the comment:

Raising an except is ok, if it's documented, so I know which ones I should 
catch to prevent my program to quit when processing untrusted files, without 
having to catch `Exception`.

Reliability is important in my use-case as well, not only exploitable 
memory-corruption issues.

I'll try to reproduce future issues on more recent Python versions before 
reporting them :)

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue39062] ValueError in TarFile.getmembers

[Terry J. Reedy]

Terry J. Reedy  added the comment:

jvoisin, please consider rerunning such reproducers with lastest 3.8 and 3.9 
before submitting.  It is much easier for you to do so when you have the fuzz 
file, script, and command line already present.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue39062] ValueError in TarFile.getmembers

[Terry J. Reedy]

Terry J. Reedy  added the comment:

jvoisin, what do you consider to be the bug?  Raising an exception  is exactly 
the right thing to do on bad input.  I leave it to others to decide if this 
should be closed as 'not a bug' or if the internal exception should be caught 
and replaced.  We don't pretend to document all possible exception from all 
functions.

The more important aim of fuzzing is to find inputs that cause no-exception 
crashes.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue39062] ValueError in TarFile.getmembers

[Terry J. Reedy]

Terry J. Reedy  added the comment:

See #39065, #39067 for similar tarfile issues.

--
nosy: +terry.reedy

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue39062] ValueError in TarFile.getmembers

[Terry J. Reedy]

Change by Terry J. Reedy :


--
nosy: +lars.gustaebel, serhiy.storchaka

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue39062] ValueError in TarFile.getmembers

[jvoisin]

New submission from jvoisin :

The attached file produces the following stacktrace when opened via 
`tarfile.open`  and iterated with `TarFile.getmembers`, on Python 3.7.5rc1:

```
$ cat tarrepro.py
import tarfile
import sys

with tarfile.open(sys.argv[1]) as t:
  for member in t.getmembers():
pass
```

```
$ python3 tarrepro.py 
crash-7221297307ab37ac87be6ea6dd9b28d4d453c557aa3da8a2138ab98e015cd42a
Traceback (most recent call last):
  File "tarrepro.py", line 5, in 
for member in t.getmembers():
  File "/usr/lib/python3.7/tarfile.py", line 1763, in getmembers
self._load()# all members, we first have to
  File "/usr/lib/python3.7/tarfile.py", line 2350, in _load
tarinfo = self.next()
  File "/usr/lib/python3.7/tarfile.py", line 2281, in next
self.fileobj.seek(self.offset - 1)
ValueError: cannot fit 'int' into an offset-sized integer
```

This file isn't a valid tar file, it was created by a fuzzer.

--
components: Library (Lib)
files: crash-7221297307ab37ac87be6ea6dd9b28d4d453c557aa3da8a2138ab98e015cd42a
messages: 358472
nosy: jvoisin
priority: normal
severity: normal
status: open
title: ValueError in TarFile.getmembers
type: behavior
versions: Python 3.7
Added file: 
https://bugs.python.org/file48781/crash-7221297307ab37ac87be6ea6dd9b28d4d453c557aa3da8a2138ab98e015cd42a

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com