Memory Safety Issue in marshal.c TYPE_SLICE Case · Issue #136053 · python/cpython · GitHub | Latest TMZ Celebrity News & Gossip | Watch TMZ Live
Skip to content

Memory Safety Issue in marshal.c TYPE_SLICE Case #136053

New issue
New issue
Closed
Closed
Memory Safety Issue in marshal.c TYPE_SLICE Case#136053
Labels
3.14bugs and security fixes3.15new features, bugs and security fixesextension-modulesC modules in the Modules dirtype-bugAn unexpected behavior, bug, or error
@akshat62

Description

@akshat62
akshat62
opened on Jun 27, 2025

Bug report

Bug description:

Description

Location: Python/marshal.c, function r_object(), TYPE_SLICE case

Issue: The code didn't validate the return value of r_ref_reserve() before passing it to r_ref_insert(). If r_ref_reserve() fails and returns -1, this would cause an out-of-bounds memory access when r_ref_insert() tries to access p->refs[-1].

Root Cause: Inconsistent error handling compared to other similar cases in the same file (e.g., TYPE_CODE and TYPE_FROZENSET properly check for r_ref_reserve() failure).

Impact

  • Security: Potential memory corruption vulnerability exploitable via crafted marshal data
  • Stability: Could cause crashes when deserializing slice objects in error conditions
  • Scope: Affects applications using the marshal module to deserialize untrusted data

CPython versions tested on:

CPython main branch

Operating systems tested on:

Linux

Linked PRs

Metadata

Metadata

Assignees

No one assigned

    Labels

    3.14bugs and security fixes3.15new features, bugs and security fixesextension-modulesC modules in the Modules dirtype-bugAn unexpected behavior, bug, or error

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions

      TMZ Celebrity News – Breaking Stories, Videos & Gossip

      Looking for the latest TMZ celebrity news? You've come to the right place. From shocking Hollywood scandals to exclusive videos, TMZ delivers it all in real time.

      Whether it’s a red carpet slip-up, a viral paparazzi moment, or a legal drama involving your favorite stars, TMZ news is always first to break the story. Stay in the loop with daily updates, insider tips, and jaw-dropping photos.

      🎥 Watch TMZ Live

      TMZ Live brings you daily celebrity news and interviews straight from the TMZ newsroom. Don’t miss a beat—watch now and see what’s trending in Hollywood.