[Python-checkins] cpython (2.7): Issue #27897: Fixed possible crash in sqlite3.Connection.create_collation()
serhiy.storchaka
python-checkins at python.org
Sat Oct 1 01:25:23 EDT 2016
https://hg.python.org/cpython/rev/38e954a2a37e
changeset: 104212:38e954a2a37e
branch: 2.7
parent: 104187:ce57a74b5223
user: Serhiy Storchaka <storchaka at gmail.com>
date: Sat Oct 01 08:24:55 2016 +0300
summary:
Issue #27897: Fixed possible crash in sqlite3.Connection.create_collation()
if pass invalid string-like object as a name. Original patch by Xiang Zhang.
files:
Misc/NEWS | 3 +++
Modules/_sqlite/connection.c | 8 +++++---
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -44,6 +44,9 @@
Library
-------
+- Issue #27897: Fixed possible crash in sqlite3.Connection.create_collation()
+ if pass invalid string-like object as a name. Original patch by Xiang Zhang.
+
- Issue #1703178: Fix the ability to pass the --link-objects option to the
distutils build_ext command.
diff --git a/Modules/_sqlite/connection.c b/Modules/_sqlite/connection.c
--- a/Modules/_sqlite/connection.c
+++ b/Modules/_sqlite/connection.c
@@ -1476,16 +1476,18 @@
goto finally;
}
- if (!PyArg_ParseTuple(args, "O!O:create_collation(name, callback)", &PyString_Type, &name, &callable)) {
+ if (!PyArg_ParseTuple(args, "SO:create_collation(name, callback)",
+ &name, &callable)) {
goto finally;
}
- uppercase_name = PyObject_CallMethod(name, "upper", "");
+ uppercase_name = PyObject_CallMethod((PyObject *)&PyString_Type,
+ "upper", "O", name);
if (!uppercase_name) {
goto finally;
}
- chk = PyString_AsString(uppercase_name);
+ chk = PyString_AS_STRING(uppercase_name);
while (*chk) {
if ((*chk >= '0' && *chk <= '9')
|| (*chk >= 'A' && *chk <= 'Z')
--
Repository URL: https://hg.python.org/cpython
More information about the Python-checkins
mailing list