[New-bugs-announce] [issue23875] Incorrect argument parsing in _ssl

Serhiy Storchaka report at bugs.python.org
Mon Apr 6 14:01:52 CEST 2015

New submission from Serhiy Storchaka:

Argument parsing code for functions _ssl.enum_certificates() and _ssl.enum_crls() look not correct. 

    if (!PyArg_ParseTupleAndKeywords(args, kwds, "s|s:enum_certificates",
                                     kwlist, &store_name)) {
        return NULL;

The format contains codes for two string arguments. But only one address (&store_name) is passed. And kwlist contains only one member, "store_name".

These functions are provided only on Windows, so I can't check what happen if call them with two string arguments. May be crash or memory corruption.

components: Extension Modules
messages: 240151
nosy: alex, christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou, serhiy.storchaka
priority: normal
severity: normal
status: open
title: Incorrect argument parsing in _ssl
type: behavior
versions: Python 3.5

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list