Merged revisions 82495 via svnmerge from svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r82495 | victor.stinner | 2010-07-03 15:44:22 +0200 (sam., 03 juil. 2010) | 10 lines Merged revisions 82492 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r82492 | victor.stinner | 2010-07-03 15:36:19 +0200 (sam., 03 juil. 2010) | 3 lines Issue #7673: Fix security vulnerability (CVE-2010-2089) in the audioop module, ensure that the input string length is a multiple of the frame size ........ ................

commit: 8e42fb7ada3198e66d3f060c5c87c52465a86e36 [log] [tgz]
author: Victor Stinner <victor.stinner@haypocalc.com> Sat Jul 03 13:46:01 2010 +0000
committer: Victor Stinner <victor.stinner@haypocalc.com> Sat Jul 03 13:46:01 2010 +0000
tree: fc349f23b2b40580ac63a639c26960c80350d914
parent: f78756a8a84d7d731d87b2a9d7814ee7aeb5a1c4 [diff] [blame]
diff --git a/Lib/test/test_audioop.py b/Lib/test/test_audioop.py
index 1cd80a1..308c3e3 100644
--- a/Lib/test/test_audioop.py
+++ b/Lib/test/test_audioop.py

@@ -20,6 +20,12 @@
 
 data = [gendata1(), gendata2(), gendata4()]
 
+INVALID_DATA = [
+    ('abc', 0),
+    ('abc', 2),
+    ('abc', 4),
+]
+
 
 class TestAudioop(unittest.TestCase):
 
@@ -168,6 +174,33 @@
         self.assertRaises(audioop.error,
             audioop.findmax, ''.join(chr(x) for x in range(256)), -2392392)
 
+    def test_issue7673(self):
+        state = None
+        for data, size in INVALID_DATA:
+            size2 = size
+            self.assertRaises(audioop.error, audioop.getsample, data, size, 0)
+            self.assertRaises(audioop.error, audioop.max, data, size)
+            self.assertRaises(audioop.error, audioop.minmax, data, size)
+            self.assertRaises(audioop.error, audioop.avg, data, size)
+            self.assertRaises(audioop.error, audioop.rms, data, size)
+            self.assertRaises(audioop.error, audioop.avgpp, data, size)
+            self.assertRaises(audioop.error, audioop.maxpp, data, size)
+            self.assertRaises(audioop.error, audioop.cross, data, size)
+            self.assertRaises(audioop.error, audioop.mul, data, size, 1.0)
+            self.assertRaises(audioop.error, audioop.tomono, data, size, 0.5, 0.5)
+            self.assertRaises(audioop.error, audioop.tostereo, data, size, 0.5, 0.5)
+            self.assertRaises(audioop.error, audioop.add, data, data, size)
+            self.assertRaises(audioop.error, audioop.bias, data, size, 0)
+            self.assertRaises(audioop.error, audioop.reverse, data, size)
+            self.assertRaises(audioop.error, audioop.lin2lin, data, size, size2)
+            self.assertRaises(audioop.error, audioop.ratecv, data, size, 1, 1, 1, state)
+            self.assertRaises(audioop.error, audioop.lin2ulaw, data, size)
+            self.assertRaises(audioop.error, audioop.ulaw2lin, data, size)
+            self.assertRaises(audioop.error, audioop.lin2alaw, data, size)
+            self.assertRaises(audioop.error, audioop.alaw2lin, data, size)
+            self.assertRaises(audioop.error, audioop.lin2adpcm, data, size, state)
+            self.assertRaises(audioop.error, audioop.adpcm2lin, data, size, state)
+
 def test_main():
     run_unittest(TestAudioop)
commit	8e42fb7ada3198e66d3f060c5c87c52465a86e36	[log] [tgz]
author	Victor Stinner <victor.stinner@haypocalc.com>	Sat Jul 03 13:46:01 2010 +0000
committer	Victor Stinner <victor.stinner@haypocalc.com>	Sat Jul 03 13:46:01 2010 +0000
tree	fc349f23b2b40580ac63a639c26960c80350d914
parent	f78756a8a84d7d731d87b2a9d7814ee7aeb5a1c4 [diff] [blame]