.. _multiple-integer-overflows-google:

Multiple integer overflows (Google)
===================================

.. warning::
   This resource is maintained for historical reference and **does not contain the latest vulnerability info for Python**.

   The `canonical database for vulnerabilities affecting Python `_ is available on GitHub in the Open Source Vulnerability (OSV) format. This vulnerability can be viewed online at the `Open Source Vulnerability Database `_.

Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to:

* ``Include/pymem.h``
* ``Modules/``:

  - ``_csv.c``
  - ``_struct.c``
  - ``arraymodule.c``
  - ``audioop.c``
  - ``binascii.c``
  - ``cPickle.c``
  - ``cStringIO.c``
  - ``datetimemodule.c``
  - ``md5.c``
  - ``rgbimgmodule.c``
  - ``stropmodule.c``

* ``Modules/cjkcodecs/multibytecodec.c``
* ``Objects/``:

  - ``bufferobject.c``
  - ``listobject.c``
  - ``obmalloc.c``

* ``Parser/node.c``
* ``Python/``:

  - ``asdl.c``
  - ``ast.c``
  - ``bltinmodule.c``
  - ``compile``

as addressed by "checks for integer overflows, contributed by Google."

Dates:

* Disclosure date: **2008-04-11** (Python issue bpo-2620 reported)

Fixed In
--------

* Python **2.5.3** (2008-12-19) fixed by `commit 83ac014 (branch 2.5) `_ (2008-07-28)
* Python **2.6.0** (2008-10-01) fixed by `commit 0470bab (branch 2.6) `_ (2008-07-22)
* Python **3.0.0** (2008-12-03) fixed by `commit d492ad8 (branch 3.1) `_ (2008-07-23)

Python issue
------------

Multiple buffer overflows in unicode processing.

* Python issue: `bpo-2620 `_
* Creation date: 2008-04-11
* Reporter: Justin Ferguson

CVE-2008-3143
-------------

Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/, as addressed by "checks for integer overflows, contributed by Google."

* CVE ID: `CVE-2008-3143 `_
* Published: 2008-08-01
* `CVSS Score `_: 7.5

Timeline
--------

Timeline using the disclosure date **2008-04-11** as reference:

* 2008-04-11: `Python issue bpo-2620 `_ reported by Justin Ferguson
* 2008-07-22 (**+102 days**): `commit 0470bab (branch 2.6) `_
* 2008-07-23 (**+103 days**): `commit d492ad8 (branch 3.1) `_
* 2008-07-28 (**+108 days**): `commit 83ac014 (branch 2.5) `_
* 2008-08-01 (**+112 days**): CVE-2008-3143 published
* 2008-10-01: Python 2.6.0 released
* 2008-12-03: Python 3.0.0 released
* 2008-12-19 (**+252 days**): Python 2.5.3 released