[issue1950] Potential Overflow due to incorrect usage of PyUnicode_AsString.
Alexandre Vassalotti
report at bugs.python.org
Sun Jan 27 23:44:55 CET 2008
New submission from Alexandre Vassalotti:
I have found a few instances of the following pattern in Py3k:
char buf[MAX];
len = PyUnicode_GET_SIZE(str);
if (len >= MAX)
/* return error */
strcpy(buf, PyUnicode_AsString(str));
which could overflow if str contains non-ASCII characters. These were
probably introduced during the PyString -> PyUnicode transition. Anyway,
I got a patch that fixes (hopefully) most of these bugs.
----------
assignee: alexandre.vassalotti
components: Interpreter Core
files: unicode_string_overflow.patch
keywords: patch
messages: 61753
nosy: alexandre.vassalotti
priority: normal
severity: normal
status: open
title: Potential Overflow due to incorrect usage of PyUnicode_AsString.
type: security
versions: Python 3.0
Added file: http://bugs.python.org/file9303/unicode_string_overflow.patch
__________________________________
Tracker <report at bugs.python.org>
<http://bugs.python.org/issue1950>
__________________________________
More information about the Python-bugs-list
mailing list