{"id":"PSF-2021-3","summary":"ctypes: Buffer overflow in PyCArg_repr","details":"Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.","aliases":["BIT-libpython-2021-3177","BIT-python-2021-3177","BIT-python-min-2021-3177","CVE-2021-3177"],"modified":"2025-09-19T01:44:59.122140Z","published":"2021-01-19T00:00:00Z","database_specific":{"cwe_ids":[]},"references":[{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/cve-2021-3177"},{"type":"REPORT","url":"https://bugs.python.org/issue42938"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/python/cpython","events":[{"introduced":"0"},{"fixed":"34df10a9a16b38d54421eeeaf73ec89828563be7"},{"fixed":"916610ef90a0d0761f08747f7b0905541f0977c7"},{"fixed":"c347cbe694743cee120457aa6626712f7799a932"},{"fixed":"d9b8f138b7df3b455b54653ca59f491b4840d6fa"},{"fixed":"ece5dfd403dac211f8d3c72701fe7ba7b7aa5b5f"}]}],"versions":["2.5","3.2","v0.9.8","v0.9.9","v1.0.1","v1.0.2","v1.1","v1.1.1","v1.2","v1.2b1","v1.2b2","v1.2b3","v1.2b4","v1.3","v1.3b1","v1.4","v1.4b1","v1.4b2","v1.4b3","v1.5","v1.5.1","v1.5.2","v1.5.2a1","v1.5.2a2","v1.5.2b1","v1.5.2b2","v1.5.2c1","v1.5a1","v1.5a2","v1.5a3","v1.5a4","v1.5b1","v1.5b2","v1.6a1","v1.6a2","v2.0","v2.0b1","v2.0b2","v2.0c1","v2.1","v2.1a1","v2.1a2","v2.1b1","v2.1b2","v2.1c1","v2.1c2","v2.2a3","v2.3c1","v2.3c2","v2.4","v2.4a1","v2.4a2","v2.4a3","v2.4b1","v2.4b2","v2.4c1","v2.5","v2.5.1","v2.5.1c1","v2.5.2","v2.5.2c1","v2.5.3","v2.5.3c1","v2.5.4","v2.5.5","v2.5.5c1","v2.5.5c2","v2.5.6","v2.5.6c1","v2.5a0","v2.5a1","v2.5a2","v2.5b1","v2.5b2","v2.5b3","v2.5c1","v2.5c2","v2.6","v2.6.1","v2.6.2","v2.6.2c1","v2.6.3","v2.6.3rc1","v2.6.4","v2.6.4rc1","v2.6.4rc2","v2.6.5","v2.6.5rc1","v2.6.5rc2","v2.6.6","v2.6.6rc1","v2.6.6rc2","v2.6.7","v2.6.8","v2.6.8rc1","v2.6.8rc2","v2.6a1","v2.6a2","v2.6a3","v2.6b1","v2.6b2","v2.6b3","v2.6rc1","v2.6rc2","v2.7","v2.7.1","v2.7.1rc1","v2.7.2","v2.7.2rc1","v2.7.3","v2.7.3rc1","v2.7.3rc2","v2.7.4rc1","v2.7a1","v2.7a2","v2.7a3","v2.7a4","v2.7b1","v2.7b2","v2.7rc1","v2.7rc2","v3.0a1","v3.0a2","v3.0a3","v3.0a4","v3.0a5","v3.0b1","v3.0b2","v3.0b3","v3.0rc1","v3.0rc2","v3.0rc3","v3.1","v3.1.1","v3.1.1rc1","v3.1.2","v3.1.2rc1","v3.1.3","v3.1.3rc1","v3.1.4","v3.1.4rc1","v3.1.5","v3.1.5rc1","v3.1.5rc2","v3.10.0a1","v3.10.0a2","v3.10.0a3","v3.10.0a4","v3.1a1","v3.1a2","v3.1b1","v3.1rc1","v3.1rc2","v3.2","v3.2.1","v3.2.1b1","v3.2.1rc1","v3.2.1rc2","v3.2.2","v3.2.2rc1","v3.2.3","v3.2.3rc1","v3.2.3rc2","v3.2.4","v3.2.4rc1","v3.2.5","v3.2.6","v3.2.6rc1","v3.2a1","v3.2a2","v3.2a3","v3.2a4","v3.2b1","v3.2b2","v3.2rc1","v3.2rc2","v3.2rc3","v3.3.0","v3.3.0a1","v3.3.0a2","v3.3.0a3","v3.3.0a4","v3.3.0b1","v3.3.0b2","v3.3.0rc1","v3.3.0rc2","v3.3.0rc3","v3.3.1","v3.3.1rc1","v3.3.2","v3.3.3","v3.3.3rc1","v3.3.3rc2","v3.3.4","v3.3.4rc1","v3.3.5","v3.3.5rc1","v3.3.5rc2","v3.3.6","v3.3.6rc1","v3.4.0","v3.4.0a1","v3.4.0a2","v3.4.0a3","v3.4.0a4","v3.4.0b1","v3.4.0b2","v3.4.0b3","v3.4.0rc1","v3.4.0rc2","v3.4.0rc3","v3.4.1","v3.4.1rc1","v3.4.2","v3.4.2rc1","v3.4.3","v3.4.3rc1","v3.4.4","v3.4.4rc1","v3.4.5","v3.4.5rc1","v3.4.6","v3.4.6rc1","v3.5.0","v3.5.0a1","v3.5.0a2","v3.5.0a3","v3.5.0a4","v3.5.0b1","v3.5.0b2","v3.5.0b3","v3.5.0b4","v3.5.0rc1","v3.5.0rc2","v3.5.0rc3","v3.5.0rc4","v3.5.1","v3.5.1rc1","v3.5.2","v3.5.2rc1","v3.5.3","v3.5.3rc1","v3.6.0","v3.6.0a1","v3.6.0a2","v3.6.0a3","v3.6.0a4","v3.6.0b1","v3.6.0b2","v3.6.0b3","v3.6.0b4","v3.6.0rc1","v3.6.0rc2","v3.7.0a1","v3.7.0a2","v3.7.0a3","v3.7.0a4","v3.8.0a1","v3.8.0a2","v3.8.0a3","v3.8.0a4","v3.8.0b1","v3.9.0","v3.9.0a1","v3.9.0a2","v3.9.0a3","v3.9.0a4","v3.9.0a5","v3.9.0a6","v3.9.0b1","v3.9.0b2","v3.9.0b3","v3.9.0b4","v3.9.0b5","v3.9.0rc1","v3.9.0rc2","v3.9.1","v3.9.1rc1"],"database_specific":{"source":"https://github.com/psf/advisory-database/blob/main/advisories/python/PSF-2021-3.json","vanir_signatures":[{"target":{"function":"PyCArg_repr","file":"Modules/_ctypes/callproc.c"},"digest":{"length":1562,"function_hash":"269827137431301017895595727382632663049"},"signature_version":"v1","id":"PSF-2021-3-17f12a79","source":"https://github.com/python/cpython/commit/34df10a9a16b38d54421eeeaf73ec89828563be7","signature_type":"Function","deprecated":false},{"target":{"file":"Modules/_ctypes/callproc.c"},"digest":{"threshold":0.9,"line_hashes":["146841813386207376391544739151106575058","177115410101835897475648867715177370573","111840868461359711955477609877675314317","226015986403830196610105287536327176841","31943601925906011329811716754763988048","141448412175307880451743445131528404578","275609593790839204810254834723360322300","274439000060089632247593199928263739312","135524769389693839566368965974170150700","317712741498745082386031959342710854388","26697299540539411130410480736220001623","304768594592273667418681871239585624348","292900422329381971789120624196670759921","165704011656638112186603239545834692512","97451332192505258917213782126922013472","289053560383778029302959544786268514706","116995527637165631521647199479625494405","295411691583054370411722165324234943415","56846575991751030909970629824601016780","43672902678765331968990633714380902085","73231902918649775164525547501389947192","289253941880028699899401458449970493129","339857575764264273221072918151705932455","60964802071021770683843993491406847455","185611701820738193645505357105120818545","230116684196061449426250341058459893329","183956073363697673512797377825089370185","165213894182692287709475957614410904106","153087117138467504881998010093109678835","336272958189833777155751381994463586012","88515023003675154457288159982111425455","323515569122014699688219750990056754571","120926957480894721624818958219567638374","152865068026187283519904214678477097331","201853363938744172368323877317307597138","149451130326082922058257660966165471847","54584510415640477406558181272224255039","186610162193189343921905041963320636080","71727816483796699685632006672456932734","105018855893142008490331121901257639792","46958789373456020657781330013583195902","304389860082079670233883513662829705424","150316231270823502607029984840648570980","259715960714011669861570758290189555595","182485581653190782723653040600113736141","311558861351614989206607298031762897717","3543512060219023789041215740380688825","252142618139230305775358507882542776070","284765530301044536668281425245399224229","41794440003891290204837731689981315442","203394690402959054554140979860940402739","21279742005836859143148446862874130603","230578157503353657203986442760668293710","121452900402306593314401201136535966727","190729036860954624160105981372236676778","292250639816293776154174441841152260538","319479483684745982472579626252453430927","302444283096374884638713801514811909869","325900917015924859173559724670744683977","249765935825797188795091084691099333740","311704800130922227681962531551706313826","287477864282436254006368596213605744343","220486109866259236387088942968936365337","78668267569125947496066005238884978044","252384212751535156283453659488152946980","48900025688027896456415923404591389632","114120602491450621347991926703962817643","67307903012137818882275495380397159503","89897472658675236143452021150999547654","167938632520342155642373227594816187385","200021421211481278166022177128394130694"]},"signature_version":"v1","id":"PSF-2021-3-414a823a","source":"https://github.com/python/cpython/commit/916610ef90a0d0761f08747f7b0905541f0977c7","signature_type":"Line","deprecated":false},{"target":{"function":"PyCArg_repr","file":"Modules/_ctypes/callproc.c"},"digest":{"length":1586,"function_hash":"48699501764294426726001893517804823320"},"signature_version":"v1","id":"PSF-2021-3-44e436a1","source":"https://github.com/python/cpython/commit/ece5dfd403dac211f8d3c72701fe7ba7b7aa5b5f","signature_type":"Function","deprecated":false},{"target":{"function":"PyCArg_repr","file":"Modules/_ctypes/callproc.c"},"digest":{"length":1586,"function_hash":"48699501764294426726001893517804823320"},"signature_version":"v1","id":"PSF-2021-3-6877e2ea","source":"https://github.com/python/cpython/commit/916610ef90a0d0761f08747f7b0905541f0977c7","signature_type":"Function","deprecated":false},{"target":{"function":"PyCArg_repr","file":"Modules/_ctypes/callproc.c"},"digest":{"length":1586,"function_hash":"48699501764294426726001893517804823320"},"signature_version":"v1","id":"PSF-2021-3-754eb5e6","source":"https://github.com/python/cpython/commit/c347cbe694743cee120457aa6626712f7799a932","signature_type":"Function","deprecated":false},{"target":{"file":"Modules/_ctypes/callproc.c"},"digest":{"threshold":0.9,"line_hashes":["146841813386207376391544739151106575058","177115410101835897475648867715177370573","111840868461359711955477609877675314317","226015986403830196610105287536327176841","31943601925906011329811716754763988048","141448412175307880451743445131528404578","275609593790839204810254834723360322300","274439000060089632247593199928263739312","135524769389693839566368965974170150700","317712741498745082386031959342710854388","26697299540539411130410480736220001623","304768594592273667418681871239585624348","292900422329381971789120624196670759921","165704011656638112186603239545834692512","97451332192505258917213782126922013472","289053560383778029302959544786268514706","116995527637165631521647199479625494405","295411691583054370411722165324234943415","56846575991751030909970629824601016780","43672902678765331968990633714380902085","73231902918649775164525547501389947192","289253941880028699899401458449970493129","339857575764264273221072918151705932455","60964802071021770683843993491406847455","185611701820738193645505357105120818545","230116684196061449426250341058459893329","183956073363697673512797377825089370185","165213894182692287709475957614410904106","153087117138467504881998010093109678835","336272958189833777155751381994463586012","88515023003675154457288159982111425455","323515569122014699688219750990056754571","120926957480894721624818958219567638374","152865068026187283519904214678477097331","201853363938744172368323877317307597138","149451130326082922058257660966165471847","54584510415640477406558181272224255039","186610162193189343921905041963320636080","71727816483796699685632006672456932734","105018855893142008490331121901257639792","46958789373456020657781330013583195902","304389860082079670233883513662829705424","150316231270823502607029984840648570980","259715960714011669861570758290189555595","182485581653190782723653040600113736141","311558861351614989206607298031762897717","3543512060219023789041215740380688825","252142618139230305775358507882542776070","284765530301044536668281425245399224229","41794440003891290204837731689981315442","203394690402959054554140979860940402739","21279742005836859143148446862874130603","230578157503353657203986442760668293710","121452900402306593314401201136535966727","190729036860954624160105981372236676778","292250639816293776154174441841152260538","319479483684745982472579626252453430927","302444283096374884638713801514811909869","325900917015924859173559724670744683977","249765935825797188795091084691099333740","311704800130922227681962531551706313826","287477864282436254006368596213605744343","220486109866259236387088942968936365337","78668267569125947496066005238884978044","252384212751535156283453659488152946980","48900025688027896456415923404591389632","114120602491450621347991926703962817643","67307903012137818882275495380397159503","89897472658675236143452021150999547654","167938632520342155642373227594816187385","200021421211481278166022177128394130694"]},"signature_version":"v1","id":"PSF-2021-3-7647610d","source":"https://github.com/python/cpython/commit/ece5dfd403dac211f8d3c72701fe7ba7b7aa5b5f","signature_type":"Line","deprecated":false},{"target":{"file":"Modules/_ctypes/callproc.c"},"digest":{"threshold":0.9,"line_hashes":["146841813386207376391544739151106575058","177115410101835897475648867715177370573","111840868461359711955477609877675314317","226015986403830196610105287536327176841","31943601925906011329811716754763988048","141448412175307880451743445131528404578","275609593790839204810254834723360322300","274439000060089632247593199928263739312","135524769389693839566368965974170150700","317712741498745082386031959342710854388","26697299540539411130410480736220001623","304768594592273667418681871239585624348","292900422329381971789120624196670759921","165704011656638112186603239545834692512","97451332192505258917213782126922013472","289053560383778029302959544786268514706","116995527637165631521647199479625494405","295411691583054370411722165324234943415","56846575991751030909970629824601016780","43672902678765331968990633714380902085","73231902918649775164525547501389947192","289253941880028699899401458449970493129","339857575764264273221072918151705932455","60964802071021770683843993491406847455","185611701820738193645505357105120818545","230116684196061449426250341058459893329","183956073363697673512797377825089370185","165213894182692287709475957614410904106","153087117138467504881998010093109678835","336272958189833777155751381994463586012","88515023003675154457288159982111425455","323515569122014699688219750990056754571","120926957480894721624818958219567638374","152865068026187283519904214678477097331","201853363938744172368323877317307597138","149451130326082922058257660966165471847","54584510415640477406558181272224255039","186610162193189343921905041963320636080","71727816483796699685632006672456932734","105018855893142008490331121901257639792","46958789373456020657781330013583195902","304389860082079670233883513662829705424","150316231270823502607029984840648570980","259715960714011669861570758290189555595","182485581653190782723653040600113736141","311558861351614989206607298031762897717","3543512060219023789041215740380688825","252142618139230305775358507882542776070","284765530301044536668281425245399224229","41794440003891290204837731689981315442","203394690402959054554140979860940402739","21279742005836859143148446862874130603","230578157503353657203986442760668293710","121452900402306593314401201136535966727","190729036860954624160105981372236676778","292250639816293776154174441841152260538","319479483684745982472579626252453430927","302444283096374884638713801514811909869","325900917015924859173559724670744683977","261117755095917948414090263975732204827","224194853777163262730740592140033185673","306008721389460870867390619453688092422","202859736383957821759319002634597040987","69014757936064955291767351357113721524","281550148488602862043726673756884282814","53079054406435619761519105708372722937","324837742500132711471914718012600249130","67307903012137818882275495380397159503","89897472658675236143452021150999547654","167938632520342155642373227594816187385","200021421211481278166022177128394130694"]},"signature_version":"v1","id":"PSF-2021-3-95972b65","source":"https://github.com/python/cpython/commit/d9b8f138b7df3b455b54653ca59f491b4840d6fa","signature_type":"Line","deprecated":false},{"target":{"file":"Modules/_ctypes/callproc.c"},"digest":{"threshold":0.9,"line_hashes":["146841813386207376391544739151106575058","177115410101835897475648867715177370573","111840868461359711955477609877675314317","226015986403830196610105287536327176841","31943601925906011329811716754763988048","141448412175307880451743445131528404578","275609593790839204810254834723360322300","274439000060089632247593199928263739312","135524769389693839566368965974170150700","317712741498745082386031959342710854388","26697299540539411130410480736220001623","304768594592273667418681871239585624348","292900422329381971789120624196670759921","165704011656638112186603239545834692512","97451332192505258917213782126922013472","289053560383778029302959544786268514706","116995527637165631521647199479625494405","295411691583054370411722165324234943415","56846575991751030909970629824601016780","43672902678765331968990633714380902085","73231902918649775164525547501389947192","289253941880028699899401458449970493129","339857575764264273221072918151705932455","60964802071021770683843993491406847455","185611701820738193645505357105120818545","230116684196061449426250341058459893329","183956073363697673512797377825089370185","165213894182692287709475957614410904106","153087117138467504881998010093109678835","336272958189833777155751381994463586012","88515023003675154457288159982111425455","323515569122014699688219750990056754571","120926957480894721624818958219567638374","152865068026187283519904214678477097331","201853363938744172368323877317307597138","149451130326082922058257660966165471847","54584510415640477406558181272224255039","186610162193189343921905041963320636080","71727816483796699685632006672456932734","105018855893142008490331121901257639792","46958789373456020657781330013583195902","304389860082079670233883513662829705424","150316231270823502607029984840648570980","259715960714011669861570758290189555595","182485581653190782723653040600113736141","311558861351614989206607298031762897717","3543512060219023789041215740380688825","252142618139230305775358507882542776070","284765530301044536668281425245399224229","41794440003891290204837731689981315442","203394690402959054554140979860940402739","21279742005836859143148446862874130603","230578157503353657203986442760668293710","121452900402306593314401201136535966727","190729036860954624160105981372236676778","292250639816293776154174441841152260538","319479483684745982472579626252453430927","302444283096374884638713801514811909869","325900917015924859173559724670744683977","249765935825797188795091084691099333740","311704800130922227681962531551706313826","287477864282436254006368596213605744343","220486109866259236387088942968936365337","78668267569125947496066005238884978044","252384212751535156283453659488152946980","48900025688027896456415923404591389632","114120602491450621347991926703962817643","67307903012137818882275495380397159503","89897472658675236143452021150999547654","167938632520342155642373227594816187385","200021421211481278166022177128394130694"]},"signature_version":"v1","id":"PSF-2021-3-a95d5952","source":"https://github.com/python/cpython/commit/c347cbe694743cee120457aa6626712f7799a932","signature_type":"Line","deprecated":false},{"target":{"file":"Modules/_ctypes/callproc.c"},"digest":{"threshold":0.9,"line_hashes":["146841813386207376391544739151106575058","177115410101835897475648867715177370573","111840868461359711955477609877675314317","226015986403830196610105287536327176841","31943601925906011329811716754763988048","141448412175307880451743445131528404578","275609593790839204810254834723360322300","274439000060089632247593199928263739312","135524769389693839566368965974170150700","317712741498745082386031959342710854388","26697299540539411130410480736220001623","304768594592273667418681871239585624348","292900422329381971789120624196670759921","165704011656638112186603239545834692512","97451332192505258917213782126922013472","289053560383778029302959544786268514706","116995527637165631521647199479625494405","295411691583054370411722165324234943415","56846575991751030909970629824601016780","43672902678765331968990633714380902085","73231902918649775164525547501389947192","289253941880028699899401458449970493129","339857575764264273221072918151705932455","60964802071021770683843993491406847455","185611701820738193645505357105120818545","230116684196061449426250341058459893329","183956073363697673512797377825089370185","165213894182692287709475957614410904106","153087117138467504881998010093109678835","336272958189833777155751381994463586012","88515023003675154457288159982111425455","323515569122014699688219750990056754571","120926957480894721624818958219567638374","152865068026187283519904214678477097331","201853363938744172368323877317307597138","149451130326082922058257660966165471847","54584510415640477406558181272224255039","186610162193189343921905041963320636080","71727816483796699685632006672456932734","105018855893142008490331121901257639792","46958789373456020657781330013583195902","304389860082079670233883513662829705424","150316231270823502607029984840648570980","259715960714011669861570758290189555595","182485581653190782723653040600113736141","311558861351614989206607298031762897717","3543512060219023789041215740380688825","252142618139230305775358507882542776070","284765530301044536668281425245399224229","41794440003891290204837731689981315442","203394690402959054554140979860940402739","21279742005836859143148446862874130603","230578157503353657203986442760668293710","121452900402306593314401201136535966727","190729036860954624160105981372236676778","292250639816293776154174441841152260538","319479483684745982472579626252453430927","302444283096374884638713801514811909869","325900917015924859173559724670744683977","261117755095917948414090263975732204827","224194853777163262730740592140033185673","306008721389460870867390619453688092422","202859736383957821759319002634597040987","69014757936064955291767351357113721524","281550148488602862043726673756884282814","53079054406435619761519105708372722937","324837742500132711471914718012600249130","67307903012137818882275495380397159503","89897472658675236143452021150999547654","167938632520342155642373227594816187385","200021421211481278166022177128394130694"]},"signature_version":"v1","id":"PSF-2021-3-b9a83cc3","source":"https://github.com/python/cpython/commit/34df10a9a16b38d54421eeeaf73ec89828563be7","signature_type":"Line","deprecated":false},{"target":{"function":"PyCArg_repr","file":"Modules/_ctypes/callproc.c"},"digest":{"length":1562,"function_hash":"269827137431301017895595727382632663049"},"signature_version":"v1","id":"PSF-2021-3-daf44a5a","source":"https://github.com/python/cpython/commit/d9b8f138b7df3b455b54653ca59f491b4840d6fa","signature_type":"Function","deprecated":false}]}}],"schema_version":"1.7.3"}