The ascii_escape_str and ascii_escape_unicode functions in Python 2.7 have hitherto been prone to a heap corruption vulnerability. Various paths towards these functions and triggering their the vulnerability exist, one of which is encoding a dict object with a very large key:
python -c 'import json;json.dumps({chr(0x22)*0x2AAAAAAB:0})'
A fix has been implemented: https://hg.python.org/cpython/rev/9375c8834448
Guido Vranken 