[Bug 2091865] Re: Invalid null-pointer dereference in TagSection.keys()
Sudhakar Verma
2091865 at bugs.launchpad.net
Tue Dec 9 09:40:53 UTC 2025
The USN is out - @juliank will you handle the debian side or should I
raise a PR to https://salsa.debian.org/apt-team/python-apt/
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to python-apt in Ubuntu.
https://bugs.launchpad.net/bugs/2091865
Title:
Invalid null-pointer dereference in TagSection.keys()
Status in python-apt package in Ubuntu:
Fix Released
Bug description:
[Impact]
deb822 files with non-Unicode keys cause a NULL value to be generated and subsequently passed to PyList_Append() and Py_DECREF(), the latter than trying to dereference it and causing a segmentation fault.
This is causing process-upload to crash on broken uploads.
[Test plan]
The unit tests are run at build time, as well as during autopkgtests.
To reproduce the issue, the following test case is added:
+ def test_invalid_unicode_key(self):
+ ts = apt_pkg.TagSection(b"T\xc3st: Value\n", bytes=True)
+ self.assertEqual(len(ts), 1)
+ self.assertRaises(UnicodeDecodeError, ts.keys)
`T\xc3st` is `Tést` = `T\xc3\xa9st` with the continuation byte
removed, causing a UnicodeDecodeError.
[Where problems could occur]
The `.keys()` function can now raise the `UnicodeDecodeError` exception (or other exceptions from PyString_FromStringAndSize). It should have always crashed in those conditions before (they always resulted in NULL pointer dereference), but it's worth pointing out.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-apt/+bug/2091865/+subscriptions
More information about the foundations-bugs
mailing list