mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-03 08:34:29 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

[security] bpo-13617: Reject embedded null characters in wchar* strings. (#2302)

Browse source 
Based on patch by Victor Stinner.

Add private C API function _PyUnicode_AsUnicode() which is similar to
PyUnicode_AsUnicode(), but checks for null characters.
This commit is contained in:
Serhiy Storchaka 2017-06-28 08:30:06 +03:00 committed by GitHub
parent 592eda1233
commit f7eae0adfc
22 changed files with 115 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

1
Modules/spwdmodule.c
View file

@ -134,6 +134,7 @@ spwd_getspnam_impl(PyObject *module, PyObject *arg)
if ((bytes = PyUnicode_EncodeFSDefault(arg)) == NULL)
return NULL;
/* check for embedded null bytes */
if (PyBytes_AsStringAndSize(bytes, &name, NULL) == -1)
goto out;
if ((p = getspnam(name)) == NULL) {