diff options
| author | Martin v. Löwis <martin@v.loewis.de> | 2005-03-04 14:38:07 (GMT) |
|---|---|---|
| committer | Martin v. Löwis <martin@v.loewis.de> | 2005-03-04 14:38:07 (GMT) |
| commit | dce2f3605bc56187d1b8af83920d1a210443ec70 (patch) | |
| tree | 174a50f63eab80d6b66053845f1f6b4eed86619d | |
| parent | ac62bc7e6523f05930649cfc4a7ab663f697fa08 (diff) | |
| download | cpython-dce2f3605bc56187d1b8af83920d1a210443ec70.zip cpython-dce2f3605bc56187d1b8af83920d1a210443ec70.tar.gz cpython-dce2f3605bc56187d1b8af83920d1a210443ec70.tar.bz2 | |
Patches #925152, #1118602: Avoid reading after the end of the buffer
in pyexpat.GetInputContext.
| -rw-r--r-- | Misc/NEWS | 3 | ||||
| -rw-r--r-- | Modules/pyexpat.c | 2 |
2 files changed, 4 insertions, 1 deletions
@@ -33,6 +33,9 @@ Core and builtins Extension Modules ----------------- +- Patches #925152, #1118602: Avoid reading after the end of the buffer + in pyexpat.GetInputContext. + - Patch #1093585: raise a ValueError for negative history items in readline. {remove_history,replace_history} diff --git a/Modules/pyexpat.c b/Modules/pyexpat.c index d359a74..e6c14f8 100644 --- a/Modules/pyexpat.c +++ b/Modules/pyexpat.c @@ -1082,7 +1082,7 @@ xmlparse_GetInputContext(xmlparseobject *self, PyObject *args) = XML_GetInputContext(self->itself, &offset, &size); if (buffer != NULL) - result = PyString_FromStringAndSize(buffer + offset, size); + result = PyString_FromStringAndSize(buffer + offset, size - offset); else { result = Py_None; Py_INCREF(result); |