22 matches found
Internet Bug Bounty: Unsafe arithmetic in PyString_DecodeEscape
I have submitted a vulnerability that has now been fixed. The report includes a proof of concept that demonstrates reliable heap corruption through integer overflow. I also submitted a patch which was accepted and merged. https://bugs.python.org/issue30657 --- In Python 2.7, there is a possible...
python -- possible integer overflow vulnerability
Python issue: There is a possible integer overflow in the PyString_DecodeEscape function of the file stringobject.c, which can be abused to gain a heap overflow, possibly leading to arbitrary code execution...