[issue2587] PyString_FromStringAndSize() to be considered unsane

Justin Ferguson report at bugs.python.org
Tue Apr 8 19:06:30 CEST 2008


Justin Ferguson <justin.ferguson at ioactive.com> added the comment:

As an addemdum, consider the following code (theres no assert, but it
wouldnt have helped you outside of debug builds anyways):


488 static PyObject *PySSL_SSLread(PySSLObject *self, PyObject *args)
489 {
490         PyObject *buf;
491         int count = 0;
492         int len = 1024;
[...]
496         if (!PyArg_ParseTuple(args, "|i:read", &len))
497                 return NULL;
498 
499         if (!(buf = PyString_FromStringAndSize((char *) 0, len)))
500                 return NULL;
[...]
521                 count = SSL_read(self->ssl, PyString_AsString(buf),
len);

__________________________________
Tracker <report at bugs.python.org>
<http://bugs.python.org/issue2587>
__________________________________


More information about the Python-bugs-list mailing list