Message 170200 - Python tracker

➜

This issue tracker has been migrated to GitHub , and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

In-reply-to
Author	christian.heimes
Recipients	christian.heimes
Date	2012年09月10日.16:09:45
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1347293386.49.0.00561600810364.issue15905@psf.upfronthosting.co.za>

Content
In Python/sysmodule.c the function sys_update_path() uses wcscpy to copy data to a fixed size buffer. The input comes from an external source (argv[0]) and could theoretically be larger than the buffer. Suggested solution: Increase the buffer a bit: wchar_t argv0copy[sizeof(wchar_t)* (MAXPATHLEN+1)]; and use wcsncpy: wcsncpy(argv0copy, argv0, MAXPATHLEN); argv0copy[MAXPATHLEN] = L'0円'; CID 486850

Content

In Python/sysmodule.c the function sys_update_path() uses wcscpy to copy data to a fixed size buffer. The input comes from an external source (argv[0]) and could theoretically be larger than the buffer.
Suggested solution:
Increase the buffer a bit:
 wchar_t argv0copy[sizeof(wchar_t)* (MAXPATHLEN+1)];
and use wcsncpy:
 wcsncpy(argv0copy, argv0, MAXPATHLEN);
 argv0copy[MAXPATHLEN] = L'0円';
CID 486850

History
Date	User	Action	Args
2012年09月10日 16:09:46	christian.heimes	set	recipients: + christian.heimes
2012年09月10日 16:09:46	christian.heimes	set	messageid: <1347293386.49.0.00561600810364.issue15905@psf.upfronthosting.co.za>
2012年09月10日 16:09:46	christian.heimes	link	issue15905 messages
2012年09月10日 16:09:45	christian.heimes	create

homepage