[issue46280] About vulnerabilities in Cpython native code
Raymond Hettinger
report at bugs.python.org
Thu Jan 6 14:50:14 EST 2022
Raymond Hettinger <raymond.hettinger at gmail.com> added the comment:
#324 and #325 are false positives. The result variable is initialized in the preceding lines:
if (len_a == length) {
left = *((volatile const unsigned char**)&a);
result = 0;
}
if (len_a != length) {
left = b;
result = 1;
}
While the code is correct, the second test should be changed to "else".
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue46280>
_______________________________________
More information about the Python-bugs-list
mailing list