Null pointer dereference with corrupt database file in MODE_MMAP_EXT

[risicle]

Linux, python 3.7, maxminddb 1.5.2, libmaxminddb 1.4.2.

Given the corrupt database files np00.gz or np01.gz (uncompressed obviously)

And the example code:

>>> reader = maxminddb.open_database("./np00")
>>> reader.get_with_prefix_len("163.254.149.39")

this will produce a null pointer dereference, in the first case when Reader_get_with_prefix_len tries to Py_DECREF a null record. In the second case, from_map tries to PyDict_SetItem at maxminddb.c:538 with a null key, leading to a read from 0x8.

[oschwald]

Thanks so much for reporting this. I've fixed in in #59 and I have added np01.gz to the bad data test cases in https://github.com/maxmind/MaxMind-DB.

[oschwald]

1.5.3 was released with this fix.