mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-01 07:33:08 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Issue #5753: A new C API function, :cfunc:PySys_SetArgvEx, allows

Browse source 
embedders of the interpreter to set sys.argv without also modifying
sys.path.  This helps fix `CVE-2008-5983
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5983>`_.
This commit is contained in:
Antoine Pitrou 2010-05-21 17:12:38 +00:00
parent a85bd06a82
commit 6a2656094d
4 changed files with 50 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

10
Python/sysmodule.c
View file

@ -1649,7 +1649,7 @@ makeargvobject(int argc, char **argv)
}
void
PySys_SetArgv(int argc, char **argv)
PySys_SetArgvEx(int argc, char **argv, int updatepath)
{
#if defined(HAVE_REALPATH)
char fullpath[MAXPATHLEN];
@ -1662,7 +1662,7 @@ PySys_SetArgv(int argc, char **argv)
Py_FatalError("no mem for sys.argv");
if (PySys_SetObject("argv", av) != 0)
Py_FatalError("can't assign sys.argv");
if (path != NULL) {
if (updatepath && path != NULL) {
char *argv0 = argv[0];
char *p = NULL;
Py_ssize_t n = 0;
@ -1752,6 +1752,12 @@ PySys_SetArgv(int argc, char **argv)
Py_DECREF(av);
}
void
PySys_SetArgv(int argc, char **argv)
{
PySys_SetArgvEx(argc, argv, 1);
}
/* APIs to write to sys.stdout or sys.stderr using a printf-like interface.
Adapted from code submitted by Just van Rossum.