[ZCM] [ZC] 1617/10 Resolve "zpt code crashes zope"
Collector: Zope Bugs, Features,
and Patches ...
zope-coders-admin at zope.org
Sun Jan 30 11:56:35 EST 2005
Issue #1617 Update (Resolve) "zpt code crashes zope"
** Security Related ** (Public)
Status Resolved, Zope/bug critical
To followup, visit:
http://collector.zope.org/Zope/1617
==============================================================
= Resolve - Entry #10 by ajung on Jan 30, 2005 11:56 am
Status: Accepted => Resolved
Bad English today....... The fixes for this issues were ported from 2.7
to the SVN trunk.
________________________________________
= Comment - Entry #9 by ajung on Jan 30, 2005 11:43 am
Changes to cAccessControl ported to SVN trunk (Zope 2.8a2)
________________________________________
= Comment - Entry #8 by efge on Dec 14, 2004 12:01 pm
Andreas and Tim checked in code to fix this in the 2.7 branch.
It's not ported to svn trunk yet.
http://cvs.zope.org/Zope/lib/python/AccessControl/Attic/cAccessControl.c.diff?r2=text&tr1=1.20.2.10&tr2=1.20.2.19&r1=text&diff_format=u
________________________________________
= Comment - Entry #7 by efge on Dec 10, 2004 8:58 am
Jim confirmed in the list that it's indeed a Zope problem, not a python one. cAccessControl should test the return value of the call before doing [0].
________________________________________
= Unrestrict_accepted - Entry #6 by ajung on Dec 10, 2004 1:47 am
________________________________________
= Comment - Entry #5 by ajung on Dec 9, 2004 8:30 am
URL of Python bug report:
https://sourceforge.net/tracker/index.php?func=detail&aid=1082085&group_id=5470&atid=105470
________________________________________
= Comment - Entry #4 by ajung on Dec 9, 2004 7:55 am
This bug is reproducable with Python 2.3.4 and Python 2.4.0
inside a Python-only environment. So this is definetely a bug
in Python...filing a Python bug report now.
________________________________________
= Assign_confidential - Entry #3 by ajung on Dec 9, 2004 7:47 am
Status: Pending => Accepted
Supporters added: ajung
________________________________________
= Comment - Entry #2 by ajung on Dec 9, 2004 7:42 am
I tracked this issue down.
Zope/Python segfaults in cAccessControl, line 2053
u'\xc4' is passed to PyString_AsString() which causes the crash.
No idea if this happens because of some reference counting problem...
trying to reproduce the error within a Python-only environment.
________________________________________
= Request - Entry #1 by jmo on Dec 9, 2004 7:22 am
Uploaded: "unicode-crash.txt"
- http://collector.zope.org/Zope/1617/unicode-crash.txt/view
the following ZPT code crashes zope (python hangs or dumps core) - see also the attachment
<tal:block define="
items python: {u'\xc4': ''};
key python: u'\xc4'"
content="items/?key" />
==============================================================
More information about the Zope-Collector-Monitor
mailing list