10

So I just noticed this, and after some experimentation, I managed to make it reproducible. I didn't see this posted anywhere. Python seems to be reading past the end of files in certain circumstances.

I'm using Python 2.7.12

f = open('test', 'wb')
f.write('this is a test')
f.close()

Right now, "test" is a 14 byte file with the text "this is a test".

f = open('test', 'rb+')
f.write('abcd')
x = f.read(1024*1024)
f.close()

Now "test" is a 4110 byte file, with this sort of content https://i.stack.imgur.com/xuBrn.png

Is this a bug? Is this a security risk?

Daffy
  • 841
  • 9
  • 23
  • 2
    Python 2 uses the platform [`fopen()`](http://www.skrenta.com/rt/man/fopen.3.html) (POSIX) or [`_wfopen()`](https://msdn.microsoft.com/en-us/library/yeby3zcb.aspx) (Windows) call, so any issues with file boundaries are platform specific. Your issue *can't be reproduced on Linux or OS X*; presumably you are using Windows then? It is probably *not* a Python issue. – Martijn Pieters Apr 21 '17 at 08:56
  • According to https://linux.die.net/man/3/fopen, "Note that ANSI C requires that a file positioning function intervene between output and input...." – Mark Tolonen Apr 23 '17 at 11:18

0 Answers0