Crash report
What happened?
Turns out the first issue was found independently in December 2025 and March 2026 by security researchers, but it isn't considered a security issue. Our OSS Fuzz fuzzer later found a second issue, #492245058.
(See the PR for testcases.)
>>> import _zoneinfo
>>> with open("tzif_invalid_trans_idx", "rb") as f:
...     _zoneinfo.ZoneInfo.from_file(f)
...
python: ./Modules/_zoneinfo.c:1152: load_data: Assertion `ttinfo_idx < self->num_ttinfos' failed.
Aborted (core dumped) /home/stan/dev/cpython/python

>>> import _zoneinfo
>>> with open("tzif_invalid_lookahead", "rb") as f:
...     _zoneinfo.ZoneInfo.from_file(f)
...
Segmentation fault (core dumped) /home/stan/dev/cpython/python
I have a patch that fixes both at hand.
CPython versions tested on:
CPython main branch
Operating systems tested on:
No response
Output from running 'python -VV' on the command line:
No response
Linked PRs
_zoneinfo #145885
_zoneinfo (GH-145885) #148086
_zoneinfo (GH-145885) #148087
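An added example, not code from the report or from the CPython patch: a standalone pre-check for the condition the first assertion guards, namely that every transition's ttinfo index is below the ttinfo count. It assumes the TZif layout of RFC 8536; the function names and the sample bytes are constructed here, and the check does not cover the second (lookahead) crash, whose cause is not described on this page.

```python
import struct

# TZif header: magic, version, 15 reserved bytes, then six big-endian counts
# (isutcnt, isstdcnt, leapcnt, timecnt, typecnt, charcnt) -> 44 bytes.
HEADER = struct.Struct(">4sc15x6I")

def _check_block(data, offset, time_size):
    """Validate one TZif header + data block; return (problems, end offset)."""
    if len(data) < offset + HEADER.size:
        return ["truncated header"], len(data)
    magic, _version, isutcnt, isstdcnt, leapcnt, timecnt, typecnt, charcnt = \
        HEADER.unpack_from(data, offset)
    if magic != b"TZif":
        return ["bad magic"], len(data)
    idx_start = offset + HEADER.size + timecnt * time_size
    end = (idx_start + timecnt + typecnt * 6 + charcnt
           + leapcnt * (time_size + 4) + isstdcnt + isutcnt)
    if end > len(data):
        return ["counts exceed file size"], len(data)
    problems = []
    # One index byte per transition; each must select an existing ttinfo.
    for i, idx in enumerate(data[idx_start:idx_start + timecnt]):
        if idx >= typecnt:
            problems.append(f"transition {i}: type index {idx} >= typecnt {typecnt}")
    return problems, end

def check_tzif(data):
    """Return a list of problems; an empty list means the indices are in range."""
    problems, end = _check_block(data, 0, 4)
    # Version 2+ files repeat the header and data with 64-bit transition times.
    if end < len(data) and data[4:5] >= b"2":
        more, _ = _check_block(data, end, 8)
        problems += more
    return problems

def _sample(type_indices, typecnt=1):
    """Constructed version-1 TZif bytes (not one of the PR's testcases)."""
    n = len(type_indices)
    head = HEADER.pack(b"TZif", b"\x00", 0, 0, 0, n, typecnt, 4)
    times = struct.pack(f">{n}i", *range(n))
    ttinfos = struct.pack(">iBB", 0, 0, 0) * typecnt  # utoff, isdst, desigidx
    return head + times + bytes(type_indices) + ttinfos + b"UTC\x00"

if __name__ == "__main__":
    print(check_tzif(_sample([0, 0])))   # well-formed sample
    print(check_tzif(_sample([0, 3])))   # index 3 with only one ttinfo
```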