diff options
| author |   Serhiy Storchaka <storchaka@gmail.com> | 2019-10-21 21:40:30 +0300 |
|---|---|---|
| committer |   GitHub <noreply@github.com> | 2019-10-21 21:40:30 +0300 |
| commit | ccdfeb7e969bf3aafd43dbe6581c30f66f2b0890 (patch) | |
| tree | 1f6c9e6fb3c133979b75f7c7ca5416926660c9e8 | |
| parent | Work around Path.glob() issue when creating nuget package (GH-16855) (diff) | |
| download | cpython-ccdfeb7e969bf3aafd43dbe6581c30f66f2b0890.tar.gz cpython-ccdfeb7e969bf3aafd43dbe6581c30f66f2b0890.tar.bz2 cpython-ccdfeb7e969bf3aafd43dbe6581c30f66f2b0890.zip | |
[2.7] bpo-38540: Fix possible leak in PyArg_Parse for "es#" and "et#". (GH-16869). (GH-16877)
(cherry picked from commit 5bc6a7c06eda20ba131ecba6752be0506d310181)
| -rw-r--r-- | Misc/NEWS.d/next/C API/2019-10-21-09-24-03.bpo-38540.314N_T.rst | 3 | ||||
| -rw-r--r-- | Python/getargs.c | 14 |
2 files changed, 16 insertions, 1 deletions
diff --git a/Misc/NEWS.d/next/C API/2019-10-21-09-24-03.bpo-38540.314N_T.rst b/Misc/NEWS.d/next/C API/2019-10-21-09-24-03.bpo-38540.314N_T.rst new file mode 100644 index 00000000000..1d73ad8fe96 --- /dev/null +++ b/Misc/NEWS.d/next/C API/2019-10-21-09-24-03.bpo-38540.314N_T.rst @@ -0,0 +1,3 @@ +Fixed possible leak in :c:func:`PyArg_Parse` and similar functions for +format units ``"es#"`` and ``"et#"`` when the macro +:c:macro:`PY_SSIZE_T_CLEAN` is not defined. diff --git a/Python/getargs.c b/Python/getargs.c index cc1ddde977f..12ee2486377 100644 --- a/Python/getargs.c +++ b/Python/getargs.c @@ -1156,7 +1156,19 @@ convertsimple(PyObject *arg, const char **p_format, va_list *p_va, int flags, memcpy(*buffer, PyString_AS_STRING(s), size + 1); - STORE_SIZE(size); + + if (flags & FLAG_SIZE_T) { + *q2 = size; + } + else { + if (INT_MAX < size) { + Py_DECREF(s); + PyErr_SetString(PyExc_OverflowError, + "size does not fit in an int"); + return converterr("", arg, msgbuf, bufsize); + } + *q = (int)size; + } } else { /* Using a 0-terminated buffer: |