Message296401
| Author |
serhiy.storchaka |
| Recipients |
ezio.melotti, serhiy.storchaka, steve.dower, vstinner |
| Date |
2017年06月20日.04:38:09 |
| SpamBayes Score |
-1.0 |
| Marked as misclassified |
Yes |
| Message-id |
<1497933490.61.0.851016867821.issue30708@psf.upfronthosting.co.za> |
| In-reply-to |
| Content |
The second parameter of the PyUnicode_AsWideCharString() function
wchar_t* PyUnicode_AsWideCharString(PyObject *unicode, Py_ssize_t *size)
is a pointer to Py_ssize_t. The size of created wchar_t array is saved on this pointer if it is not NULL. If NULL is passed as the second argument, the only way to determine the size of the wchar_t string is using wcslen(). But if the string contains the null characters, it looks truncated for wcslen() and other C API functions.
Reliable code should always pass the non-NULL second argument and check that wcslen() is equal to the returned string size. See for example the code in Modules/_io/winconsoleio.c. Passing NULL as the second argument is unsafe. But most code doesn't do such check (see all other usages of PyUnicode_AsWideCharString(..., NULL)). And this check complicates the callers code.
I propose to make the check for null characters inside of PyUnicode_AsWideCharString() if NULL is passes as the second argument. This will fix all unsafe usages of PyUnicode_AsWideCharString() and allow to simplify the reliable code.
This issue fixes the part of issue13617. |
|
History
|
|---|
| Date |
User |
Action |
Args |
| 2017年06月20日 04:38:10 | serhiy.storchaka | set | recipients:
+ serhiy.storchaka, vstinner, ezio.melotti, steve.dower |
| 2017年06月20日 04:38:10 | serhiy.storchaka | set | messageid: <1497933490.61.0.851016867821.issue30708@psf.upfronthosting.co.za> |
| 2017年06月20日 04:38:10 | serhiy.storchaka | link | issue30708 messages |
| 2017年06月20日 04:38:09 | serhiy.storchaka | create |
|