[3.12] gh-120384: Fix array-out-of-bounds crash in `list_ass_subscript` (GH-120442) by miss-islington · Pull Request #120825 · python/cpython

miss-islington · 2024-06-21T10:49:52Z

(cherry picked from commit 8334a1b)

Co-authored-by: Nikita Sobolev mail@sobolevn.me

Issue: Array out of bounds assignment in list_ass_subscript #120384

pythonGH-120442) (cherry picked from commit 8334a1b) Co-authored-by: Nikita Sobolev <mail@sobolevn.me>

miss-islington-app · 2024-07-03T18:12:24Z

Thanks @miss-islington for the PR, and @sobolevn for merging it 🌮🎉.. I'm working now to backport this PR to: 3.9.
🐍🍒⛏🤖

miss-islington-app · 2024-07-03T18:12:24Z

Thanks @miss-islington for the PR, and @sobolevn for merging it 🌮🎉.. I'm working now to backport this PR to: 3.10.
🐍🍒⛏🤖

miss-islington-app · 2024-07-03T18:12:24Z

Thanks @miss-islington for the PR, and @sobolevn for merging it 🌮🎉.. I'm working now to backport this PR to: 3.8.
🐍🍒⛏🤖

miss-islington-app · 2024-07-03T18:12:25Z

Thanks @miss-islington for the PR, and @sobolevn for merging it 🌮🎉.. I'm working now to backport this PR to: 3.11.
🐍🍒⛏🤖

miss-islington-app · 2024-07-03T18:12:28Z

Sorry, @miss-islington and @sobolevn, I could not cleanly backport this to 3.9 due to a conflict.
Please backport using cherry_picker on command line.

cherry_picker d75eddcf36986ae971f42fd516f737169081e182 3.9

miss-islington-app · 2024-07-03T18:12:47Z

Sorry, @miss-islington and @sobolevn, I could not cleanly backport this to 3.8 due to a conflict.
Please backport using cherry_picker on command line.

cherry_picker d75eddcf36986ae971f42fd516f737169081e182 3.8

miss-islington-app · 2024-07-03T18:13:06Z

Sorry, @miss-islington and @sobolevn, I could not cleanly backport this to 3.10 due to a conflict.
Please backport using cherry_picker on command line.

cherry_picker d75eddcf36986ae971f42fd516f737169081e182 3.10

miss-islington-app · 2024-07-03T18:13:24Z

Sorry, @miss-islington and @sobolevn, I could not cleanly backport this to 3.11 due to a conflict.
Please backport using cherry_picker on command line.

cherry_picker d75eddcf36986ae971f42fd516f737169081e182 3.11

gpshead · 2024-07-03T18:14:37Z

I'm exploring the feasibility of backports as, while we don't as a project consider the ability to execute arbitrary code when executing Python bytecode a security problem - because arbitrary code is just that. There are projects that'd benefit from this bugfix being in place from a security standpoint. It looks like it'll require some hand-holding to backport.

pythonGH-120442) (python#120825) pythongh-120384: Fix array-out-of-bounds crash in `list_ass_subscript` (pythonGH-120442) (cherry picked from commit 8334a1b) Co-authored-by: Nikita Sobolev <mail@sobolevn.me>

sobolevn · 2024-07-03T20:34:22Z

@gpshead do you want me to do that? :)
I can, but a bit later. I am on vacation for several days.

gpshead · 2024-07-03T21:05:43Z

No need, I've already created #121345 for that. I'll let the 3.11 and earlier release managers decide if they want it.

serhiy-storchaka · 2025-08-14T21:08:17Z

Reminder about backporting. @sobolevn

sobolevn · 2025-08-14T21:42:59Z

@serhiy-storchaka, sorry, what backport are you talking about? :)

serhiy-storchaka · 2025-08-14T21:49:28Z

There are labels.

pythongh-120384: Fix array-out-of-bounds crash in list_ass_subscript (

4ebb158

pythonGH-120442) (cherry picked from commit 8334a1b) Co-authored-by: Nikita Sobolev <mail@sobolevn.me>

This was referenced Jun 21, 2024

Array out of bounds assignment in list_ass_subscript #120384

Closed

gh-120384: Fix array-out-of-bounds crash in list_ass_subscript #120442

Merged

bedevere-app bot added the awaiting review label Jun 21, 2024

sobolevn approved these changes Jun 21, 2024

View reviewed changes

bedevere-app bot added awaiting merge and removed awaiting review labels Jun 21, 2024

sobolevn enabled auto-merge (squash) June 21, 2024 10:51

sobolevn merged commit d75eddc into python:3.12 Jun 21, 2024

bedevere-app bot removed the awaiting merge label Jun 21, 2024

gpshead added needs backport to 3.8 needs backport to 3.10 only security fixes needs backport to 3.11 only security fixes labels Jul 3, 2024

miss-islington-app bot assigned sobolevn Jul 3, 2024

gpshead removed needs backport to 3.9 needs backport to 3.10 only security fixes needs backport to 3.11 only security fixes labels Aug 17, 2025

miss-islington deleted the backport-8334a1b-3.12 branch January 2, 2026 17:54

Uh oh!

Conversation

miss-islington commented Jun 21, 2024 • edited by bedevere-app bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

miss-islington-app bot commented Jul 3, 2024

Uh oh!

miss-islington-app bot commented Jul 3, 2024

Uh oh!

miss-islington-app bot commented Jul 3, 2024

Uh oh!

miss-islington-app bot commented Jul 3, 2024

Uh oh!

miss-islington-app bot commented Jul 3, 2024

Uh oh!

miss-islington-app bot commented Jul 3, 2024

Uh oh!

miss-islington-app bot commented Jul 3, 2024

Uh oh!

miss-islington-app bot commented Jul 3, 2024

Uh oh!

gpshead commented Jul 3, 2024

Uh oh!

sobolevn commented Jul 3, 2024

Uh oh!

gpshead commented Jul 3, 2024

Uh oh!

serhiy-storchaka commented Aug 14, 2025

Uh oh!

sobolevn commented Aug 14, 2025

Uh oh!

serhiy-storchaka commented Aug 14, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

miss-islington commented Jun 21, 2024 •

edited by bedevere-app bot

Loading