[New-bugs-announce] [issue1950] Potential Overflow due to incorrect usage of PyUnicode_AsString.

Alexandre Vassalotti report at bugs.python.org
Sun Jan 27 23:44:55 CET 2008


New submission from Alexandre Vassalotti:

I have found a few instances of the following pattern in Py3k: 

   char buf[MAX];
   len = PyUnicode_GET_SIZE(str);
   if (len >= MAX)
       /* return error */
   strcpy(buf, PyUnicode_AsString(str));

which could overflow if str contains non-ASCII characters. These were
probably introduced during the PyString -> PyUnicode transition. Anyway,
I got a patch that fixes (hopefully) most of these bugs.

----------
assignee: alexandre.vassalotti
components: Interpreter Core
files: unicode_string_overflow.patch
keywords: patch
messages: 61753
nosy: alexandre.vassalotti
priority: normal
severity: normal
status: open
title: Potential Overflow due to incorrect usage of PyUnicode_AsString.
type: security
versions: Python 3.0
Added file: http://bugs.python.org/file9303/unicode_string_overflow.patch

__________________________________
Tracker <report at bugs.python.org>
<http://bugs.python.org/issue1950>
__________________________________


More information about the New-bugs-announce mailing list