Skip to content

Possible resource exhaustation of expandvars in Tools/freeze/checkextensions.py #136073

New issue
New issue
Open
Open
Possible resource exhaustation of expandvars in Tools/freeze/checkextensions.py#136073
Labels
3.13bugs and security fixes3.14bugs and security fixes3.15new features, bugs and security fixestriagedThe issue has been accepted as valid by a triager.type-bugAn unexpected behavior, bug, or error
@kexinoh

Description

@kexinoh
kexinoh
opened on Jun 28, 2025

Bug Description:
The code will re-scan the newly generated content after replacing the variable. If a variable is defined to contain itself (i.e., a recursive definition), this process will fall into infinite recursion.

This recursion can lead to two forms of attacks: one is to cause an infinite loop and deplete CPU resources, and the other is to cause the string to grow infinitely and deplete memory resources. The final result will all lead to the application crashing or being unresponsive.

Vulnerability Locations :
1.

cpython/Tools/freeze/checkextensions.py

Line 72 in e64395e

def expandvars(str, vars):

Repair Status:
None

Common Information:

  • CPython Version: main branch
  • Operating System: Linux
  • Credits: Finder is kexinoh (Xiangfan Wu) from QI-ANXIN Technology Research Institute.

Linked PRs

Metadata

Metadata

Assignees

No one assigned

    Labels

    3.13bugs and security fixes3.14bugs and security fixes3.15new features, bugs and security fixestriagedThe issue has been accepted as valid by a triager.type-bugAn unexpected behavior, bug, or error

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions