subject:"\[issue1298813\] sysmodule.c\: realpath\(\) is unsafe"

[issue1298813] sysmodule.c: realpath() is unsafe

2016-09-08 Thread Christian Heimes


Christian Heimes added the comment:

Victor, #12801 was closed. What about this ticket?

--
status: open -> pending

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2014-02-03 Thread Mark Lawrence


Changes by Mark Lawrence breamore...@yahoo.co.uk:


--
nosy:  -BreamoreBoy

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1298813
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2014-02-03 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
nosy: +Arfrever

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1298813
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2013-07-05 Thread Christian Heimes


Changes by Christian Heimes li...@cheimes.de:


--
nosy: +christian.heimes
versions: +Python 3.4

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1298813
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2011-08-24 Thread STINNER Victor


STINNER Victor victor.stin...@haypocalc.com added the comment:

See issue #12801: it has a more recent patch.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1298813
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2011-08-21 Thread Éric Araujo


Changes by Éric Araujo mer...@netwok.org:


--
versions:  -Python 2.6, Python 3.1

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1298813
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2011-08-21 Thread Mihai Ibanescu


Mihai Ibanescu mihai.ibane...@gmail.com added the comment:

It's a real shame the original patch was not applied before py3k was branched, 
the code is now different.

Antoine, my autoconf knowledge is limited, I don't know how you'd test for 
realpath accepting a NULL argument (and doing the right thing) at compile time.

My involvement with this bug is fairly limited at this point, I would like to 
see it fixed, but having seen no movement on it for almost 6 years now, maybe 
it's not as critical as I thought it was.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1298813
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2011-08-20 Thread Antoine Pitrou


Antoine Pitrou pit...@free.fr added the comment:

The latest POSIX versions (*) allow NULL to be passed for the target memory 
area, meaning that realpath() will allocate as much memory as necessary by 
itself. This essentially does the same thing as canonicalize_file_name(), but 
in a standard way rather than by relying on a GNU extension.

I suppose that possibility could be checked at configure time.

(*) http://pubs.opengroup.org/onlinepubs/9699919799/functions/realpath.html

--
nosy: +pitrou
stage: test needed - needs patch
versions: +Python 3.3

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1298813
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2010-08-21 Thread Mark Lawrence


Mark Lawrence breamore...@yahoo.co.uk added the comment:

Surely this security issue should be addressed?

--
nosy: +BreamoreBoy

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1298813
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2010-08-21 Thread Éric Araujo


Changes by Éric Araujo mer...@netwok.org:


--
versions: +Python 2.7, Python 3.2 -Python 3.0

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1298813
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2009-06-22 Thread jan matejek


Changes by jan matejek jmate...@suse.cz:


--
nosy: +matejcik

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1298813
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2009-05-08 Thread Mihai Ibanescu


Mihai Ibanescu mihai.ibane...@gmail.com added the comment:

Disclaimer: this bug is more than 3 years old, I don't remember all the
details.

Victor, solely reading the patch I see:

+#ifdef HAVE_CANONICALIZE_FILE_NAME
+   free(argv0);
+#endif /* HAVE_CANONICALIZE_FILE_NAME */

so argv0 (the string where the results of canonicalize_file_name() is
stored) should be freed.

Is there another branch that does not hit this code, that would create
the memory leak?

--
nosy: +mibanescu

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1298813
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2009-05-03 Thread STINNER Victor


STINNER Victor victor.stin...@haypocalc.com added the comment:

The patch introduces a memory leak, canonicalize_file_name() returns a 
new allocated string which is not freed later.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1298813
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2009-04-25 Thread Daniel Diniz


Daniel Diniz aja...@gmail.com added the comment:

See http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-1542

--
nosy: +ajaksu2, haypo
stage:  - test needed
versions: +Python 2.6, Python 3.0, Python 3.1 -Python 2.5

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue1298813
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

2008-01-11 Thread A.M. Kuchling


Changes by A.M. Kuchling:


--
type:  - security

_
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue1298813
_
___
Python-bugs-list mailing list 
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

[issue1298813] sysmodule.c: realpath() is unsafe

15 matches

Site Navigation

Mail list logo

Footer information