/python26/Lib/test/crashers/bogus_sre_bytecode.py
Python | 47 lines | 46 code | 0 blank | 1 comment | 0 complexity | b979c989fdddcb7162bb904b5c24f680 MD5 | raw file
Possible License(s): BSD-3-Clause
- """
- The regular expression engine in '_sre' can segfault when interpreting
- bogus bytecode.
-
- It is unclear whether this is a real bug or a "won't fix" case like
- bogus_code_obj.py, because it requires bytecode that is built by hand,
- as opposed to compiled by 're' from a string-source regexp. The
- difference with bogus_code_obj, though, is that the only existing regexp
- compiler is written in Python, so that the C code has no choice but
- accept arbitrary bytecode from Python-level.
-
- The test below builds and runs random bytecodes until 'match' crashes
- Python. I have not investigated why exactly segfaults occur nor how
- hard they would be to fix. Here are a few examples of 'code' that
- segfault for me:
-
- [21, 50814, 8, 29, 16]
- [21, 3967, 26, 10, 23, 54113]
- [29, 23, 0, 2, 5]
- [31, 64351, 0, 28, 3, 22281, 20, 4463, 9, 25, 59154, 15245, 2,
- 16343, 3, 11600, 24380, 10, 37556, 10, 31, 15, 31]
-
- Here is also a 'code' that triggers an infinite uninterruptible loop:
-
- [29, 1, 8, 21, 1, 43083, 6]
-
- """
-
- import _sre, random
-
- def pick():
- n = random.randrange(-65536, 65536)
- if n < 0:
- n &= 31
- return n
-
- ss = ["", "world", "x" * 500]
-
- while 1:
- code = [pick() for i in range(random.randrange(5, 25))]
- print code
- pat = _sre.compile(None, 0, code)
- for s in ss:
- try:
- pat.match(s)
- except RuntimeError:
- pass