New submission from Alexandre Vassalotti:
I have found a few instances of the following pattern in Py3k:
char buf[MAX];
len = PyUnicode_GET_SIZE(str);
if (len >= MAX)
/* return error */
strcpy(buf, PyUnicode_AsString(str));
which could overflow if str contains non-ASCII characters. These were
probably introduced during the PyString -> PyUnicode transition. Anyway,
I got a patch that fixes (hopefully) most of these bugs.
----------
assignee: alexandre.vassalotti
components: Interpreter Core
files: unicode_string_overflow.patch
keywords: patch
messages: 61753
nosy: alexandre.vassalotti
priority: normal
severity: normal
status: open
title: Potential Overflow due to incorrect usage of PyUnicode_AsString.
type: security
versions: Python 3.0
Added file: http://bugs.python.org/file9303/unicode_string_overflow.patch
__________________________________
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1950>
__________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
