[New-bugs-announce] [issue23875] Incorrect argument parsing in _ssl

Serhiy Storchaka report at bugs.python.org
Mon Apr 6 14:01:52 CEST 2015


New submission from Serhiy Storchaka:

Argument parsing code for functions _ssl.enum_certificates() and _ssl.enum_crls() look not correct. 

    if (!PyArg_ParseTupleAndKeywords(args, kwds, "s|s:enum_certificates",
                                     kwlist, &store_name)) {
        return NULL;
    }

The format contains codes for two string arguments. But only one address (&store_name) is passed. And kwlist contains only one member, "store_name".

These functions are provided only on Windows, so I can't check what happen if call them with two string arguments. May be crash or memory corruption.

----------
components: Extension Modules
messages: 240151
nosy: alex, christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou, serhiy.storchaka
priority: normal
severity: normal
status: open
title: Incorrect argument parsing in _ssl
type: behavior
versions: Python 3.5

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue23875>
_______________________________________


More information about the New-bugs-announce mailing list