mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-04 00:48:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

bpo-30730: Prevent environment variables injection in subprocess on Windows. (#2325)

Browse source 
Prevent passing other invalid environment variables and command arguments.
This commit is contained in:
Serhiy Storchaka 2017-06-23 19:39:27 +03:00 committed by GitHub
parent d352d68977
commit d174d24a5d
5 changed files with 72 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Objects/abstract.c
View file

@ -2558,8 +2558,8 @@ _PySequence_BytesToCharpArray(PyObject* self)
array[i] = NULL;
goto fail;
}
data = PyBytes_AsString(item);
if (data == NULL) {
/* check for embedded null bytes */
if (PyBytes_AsStringAndSize(item, &data, NULL) < 0) {
/* NULL terminate before freeing. */
array[i] = NULL;
goto fail;