[New-bugs-announce] [issue41662] Bugs in binding parameters in sqlite3
report at bugs.python.org
Sat Aug 29 09:05:08 EDT 2020
New submission from Serhiy Storchaka <storchaka+cpython at gmail.com>:
There are few bugs in the code for binding parameters specified in the sqlite3 module:
1. If argument "parameters" is a list, PyList_GET_ITEM() is called in a loop, but the size of the list is read only once before loop. Since the list can be changed during iteration, it can cause reading past the end of the list.
2. If argument "parameters" is a custom sequence, all exceptions raised in __len__() (including KeybordInterrupt) are overridden by a ProgrammingError.
components: Extension Modules
nosy: BTaskaya, ghaering, serhiy.storchaka
title: Bugs in binding parameters in sqlite3
versions: Python 3.10, Python 3.8, Python 3.9
Python tracker <report at bugs.python.org>
More information about the New-bugs-announce