RUSTSEC-2025-0020

Risk of buffer overflow in PyString::from_object

Reported

April 1, 2025

Issued

April 1, 2025

Package

pyo3 (crates.io)

Type

Vulnerability

Categories

memory-exposure

Keywords

#buffer-overflow

References

https://github.com/PyO3/pyo3/issues/5005

Patched

>=0.24.1

Affected Functions

Version

pyo3::types::PyString::from_object

<0.24.1

pyo3::types::PyString::from_object_bound

<0.24.1
>=0.21.0

Description

PyString::from_object took &str arguments and forwarded them directly to the Python C API without checking for terminating nul bytes. This could lead the Python interpreter to read beyond the end of the &str data and potentially leak contents of the out-of-bounds read (by raising a Python exception containing a copy of the data including the overflow).

In PyO3 0.24.1 this function will now allocate a CString to guarantee a terminating nul bytes. PyO3 0.25 will likely offer an alternative API which takes &CStr arguments.

Advisory available under CC0-1.0 license.