[Python-checkins] r52170 - python/branches/release24-maint/Modules/_bsddb.c
andrew.kuchling
python-checkins at python.org
Thu Oct 5 20:49:36 CEST 2006
Author: andrew.kuchling
Date: Thu Oct 5 20:49:36 2006
New Revision: 52170
Modified:
python/branches/release24-maint/Modules/_bsddb.c
Log:
[Backport r50783 | neal.norwitz. The bytes_left code is complicated,
but looks correct on a casual inspection and hasn't been modified
in the trunk. Does anyone want to review further?]
Ensure we don't write beyond errText. I think I got this right, but
it definitely could use some review to ensure I'm not off by one
and there's no possible overflow/wrap-around of bytes_left.
Reported by Klocwork #1.
Fix a problem if there is a failure allocating self->db.
Found with failmalloc.
Modified: python/branches/release24-maint/Modules/_bsddb.c
==============================================================================
--- python/branches/release24-maint/Modules/_bsddb.c (original)
+++ python/branches/release24-maint/Modules/_bsddb.c Thu Oct 5 20:49:36 2006
@@ -505,6 +505,7 @@
PyObject *errObj = NULL;
PyObject *errTuple = NULL;
int exceptionRaised = 0;
+ unsigned int bytes_left;
switch (err) {
case 0: /* successful, no error */ break;
@@ -512,12 +513,15 @@
#if (DBVER < 41)
case DB_INCOMPLETE:
#if INCOMPLETE_IS_WARNING
- our_strlcpy(errTxt, db_strerror(err), sizeof(errTxt));
- if (_db_errmsg[0]) {
+ bytes_left = our_strlcpy(errTxt, db_strerror(err), sizeof(errTxt));
+ /* Ensure that bytes_left never goes negative */
+ if (_db_errmsg[0] && bytes_left < (sizeof(errTxt) - 4)) {
+ bytes_left = sizeof(errTxt) - bytes_left - 4 - 1;
+ assert(bytes_left >= 0);
strcat(errTxt, " -- ");
- strcat(errTxt, _db_errmsg);
- _db_errmsg[0] = 0;
+ strncat(errTxt, _db_errmsg, bytes_left);
}
+ _db_errmsg[0] = 0;
#ifdef HAVE_WARNINGS
exceptionRaised = PyErr_Warn(PyExc_RuntimeWarning, errTxt);
#else
@@ -565,12 +569,15 @@
}
if (errObj != NULL) {
- our_strlcpy(errTxt, db_strerror(err), sizeof(errTxt));
- if (_db_errmsg[0]) {
+ bytes_left = our_strlcpy(errTxt, db_strerror(err), sizeof(errTxt));
+ /* Ensure that bytes_left never goes negative */
+ if (_db_errmsg[0] && bytes_left < (sizeof(errTxt) - 4)) {
+ bytes_left = sizeof(errTxt) - bytes_left - 4 - 1;
+ assert(bytes_left >= 0);
strcat(errTxt, " -- ");
- strcat(errTxt, _db_errmsg);
- _db_errmsg[0] = 0;
+ strncat(errTxt, _db_errmsg, bytes_left);
}
+ _db_errmsg[0] = 0;
errTuple = Py_BuildValue("(is)", err, errTxt);
PyErr_SetObject(errObj, errTuple);
@@ -763,10 +770,12 @@
MYDB_BEGIN_ALLOW_THREADS;
err = db_create(&self->db, db_env, flags);
- self->db->set_errcall(self->db, _db_errorCallback);
+ if (self->db != NULL) {
+ self->db->set_errcall(self->db, _db_errorCallback);
#if (DBVER >= 33)
- self->db->app_private = (void*)self;
+ self->db->app_private = (void*)self;
#endif
+ }
MYDB_END_ALLOW_THREADS;
/* TODO add a weakref(self) to the self->myenvobj->open_child_weakrefs
* list so that a DBEnv can refuse to close without aborting any open
More information about the Python-checkins
mailing list