{"id":"PSF-2017-6","summary":"PyString_DecodeEscape integer overflow","details":"CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in a heap-based buffer overflow (and possible arbitrary code execution). The fix commits referenced in this record also cover PyBytes_DecodeEscape in Objects/bytesobject.c.","aliases":["CVE-2017-1000158"],"modified":"2023-11-01T05:44:02.045924Z","published":"2017-11-17T00:00:00Z","database_specific":{"cwe_ids":[]},"references":[{"type":"REPORT","url":"https://bugs.python.org/issue30657"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/python/cpython","events":[{"introduced":"0"},{"fixed":"6c004b40f9d51872d848981ef1a18bb08c2dfc42"},{"fixed":"c3c9db89273fabc62ea1b48389d9a3000c1c03ae"},{"fixed":"fd8614c5c5466a14a945db5b059c10c0fb8f76d9"}]}],"database_specific":{"source":"https://github.com/psf/advisory-database/blob/main/advisories/python/PSF-2017-6.json","vanir_signatures":[{"signature_version":"v1","deprecated":false,"digest":{"function_hash":"31179806471181117326004825060400939616","length":2974},"source":"https://github.com/python/cpython/commit/fd8614c5c5466a14a945db5b059c10c0fb8f76d9","id":"PSF-2017-6-31d05647","signature_type":"Function","target":{"file":"Objects/bytesobject.c","function":"PyBytes_DecodeEscape"}},{"signature_version":"v1","deprecated":false,"digest":{"line_hashes":["264698812612038223625738423785275396491","324901092193929762203901685244255787472","289276965729970537948574322186833225808","175115093422823433934398045905321445710"],"threshold":0.9},"source":"https://github.com/python/cpython/commit/c3c9db89273fabc62ea1b48389d9a3000c1c03ae","id":"PSF-2017-6-439f8402","signature_type":"Line","target":{"file":"Objects/stringobject.c"}},{"signature_version":"v1","deprecated":false,"digest":{"function_hash":"64170048644253513690968698989059040609","length":3243},"source":"https://github.com/python/cpython/commit/c3c9db89273fabc62ea1b48389d9a3000c1c03ae","id":"PSF-2017-6-7d346928","signature_type":"Function","target":{"fi
le":"Objects/stringobject.c","function":"PyString_DecodeEscape"}},{"signature_version":"v1","deprecated":false,"digest":{"function_hash":"31179806471181117326004825060400939616","length":2974},"source":"https://github.com/python/cpython/commit/6c004b40f9d51872d848981ef1a18bb08c2dfc42","id":"PSF-2017-6-a13d6c73","signature_type":"Function","target":{"file":"Objects/bytesobject.c","function":"PyBytes_DecodeEscape"}},{"signature_version":"v1","deprecated":false,"digest":{"line_hashes":["264698812612038223625738423785275396491","49225347790879069755109775863064602465","56373801459327902970855607913023796643","141892281464176794472381829000867063416"],"threshold":0.9},"source":"https://github.com/python/cpython/commit/fd8614c5c5466a14a945db5b059c10c0fb8f76d9","id":"PSF-2017-6-b814d76f","signature_type":"Line","target":{"file":"Objects/bytesobject.c"}},{"signature_version":"v1","deprecated":false,"digest":{"line_hashes":["264698812612038223625738423785275396491","49225347790879069755109775863064602465","56373801459327902970855607913023796643","141892281464176794472381829000867063416"],"threshold":0.9},"source":"https://github.com/python/cpython/commit/6c004b40f9d51872d848981ef1a18bb08c2dfc42","id":"PSF-2017-6-f7c09a2a","signature_type":"Line","target":{"file":"Objects/bytesobject.c"}}]}}],"schema_version":"1.7.3"}