summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFred Drake <fdrake@acm.org>2000-06-30 16:18:57 (GMT)
committerFred Drake <fdrake@acm.org>2000-06-30 16:18:57 (GMT)
commit4c82b2366ff2eb38f062fc5da1b15ddd1c01fa4b (patch)
tree9706525a1647754a3d5aed1ba183b4544acaaebe
parent4358b2c928e756a77613da7cb8c57676e8872935 (diff)
downloadcpython-4c82b2366ff2eb38f062fc5da1b15ddd1c01fa4b.zip
cpython-4c82b2366ff2eb38f062fc5da1b15ddd1c01fa4b.tar.gz
cpython-4c82b2366ff2eb38f062fc5da1b15ddd1c01fa4b.tar.bz2
Trent Mick <trentm@activestate.com>:
This patch fixes possible overflow in the use of PyOS_GetLastModificationTime in getmtime.c and Python/import.c. Currently PyOS_GetLastModificationTime returns a C long. This can overflow on Win64 where sizeof(time_t) > sizeof(long). Besides it should logically return a time_t anyway (this patch changes this). As well, import.c uses PyOS_GetLastModificationTime for .pyc timestamping. There has been recent discussion about the .pyc header format on python-dev. This patch adds oveflow checking to import.c so that an exception will be raised if the modification time overflows. There are a few other minor 64-bit readiness changes made to the module as well: - size_t instead of int or long for function-local buffer and string length variables - one buffer overflow check was added (raises an exception on possible overflow, this overflow chance exists on 32-bit platforms as well), no other possible buffer overflows existed (from my analysis anyway) Closes SourceForge patch #100509.
-rw-r--r--Python/getmtime.c3
-rw-r--r--Python/import.c44
2 files changed, 33 insertions, 14 deletions
diff --git a/Python/getmtime.c b/Python/getmtime.c
index 4bf2adf..aea6909 100644
--- a/Python/getmtime.c
+++ b/Python/getmtime.c
@@ -33,13 +33,14 @@ PERFORMANCE OF THIS SOFTWARE.
/* (A separate file because this may be OS dependent) */
+#include "Python.h"
#include "config.h"
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
-long
+time_t
PyOS_GetLastModificationTime(path, fp)
char *path;
FILE *fp;
diff --git a/Python/import.c b/Python/import.c
index a23b71b..ede6cb6 100644
--- a/Python/import.c
+++ b/Python/import.c
@@ -74,7 +74,7 @@ PERFORMANCE OF THIS SOFTWARE.
#endif
-extern long PyOS_GetLastModificationTime(); /* In getmtime.c */
+extern time_t PyOS_GetLastModificationTime(); /* In getmtime.c */
/* Magic word to reject .pyc files generated by other Python versions */
/* Change for each incompatible change */
@@ -549,9 +549,9 @@ static char *
make_compiled_pathname(pathname, buf, buflen)
char *pathname;
char *buf;
- int buflen;
+ size_t buflen;
{
- int len;
+ size_t len;
len = strlen(pathname);
if (len+2 > buflen)
@@ -732,7 +732,7 @@ load_source_module(name, pathname, fp)
char *pathname;
FILE *fp;
{
- long mtime;
+ time_t mtime;
FILE *fpc;
char buf[MAXPATHLEN+1];
char *cpathname;
@@ -740,7 +740,20 @@ load_source_module(name, pathname, fp)
PyObject *m;
mtime = PyOS_GetLastModificationTime(pathname, fp);
- cpathname = make_compiled_pathname(pathname, buf, MAXPATHLEN+1);
+ if (mtime == -1)
+ return NULL;
+#if SIZEOF_TIME_T > 4
+ /* Python's .pyc timestamp handling presumes that the timestamp fits
+ in 4 bytes. This will be fine until sometime in the year 2038,
+ when a 4-byte signed time_t will overflow.
+ */
+ if (mtime >> 32) {
+ PyErr_SetString(PyExc_OverflowError,
+ "modification time overflows a 4 bytes");
+ return NULL;
+ }
+#endif
+ cpathname = make_compiled_pathname(pathname, buf, (size_t)MAXPATHLEN+1);
if (cpathname != NULL &&
(fpc = check_compiled_module(pathname, mtime, cpathname))) {
co = read_compiled_module(cpathname, fpc);
@@ -771,7 +784,7 @@ load_source_module(name, pathname, fp)
/* Forward */
static PyObject *load_module Py_PROTO((char *, FILE *, char *, int));
static struct filedescr *find_module Py_PROTO((char *, PyObject *,
- char *, int, FILE **));
+ char *, size_t, FILE **));
static struct _frozen *find_frozen Py_PROTO((char *name));
/* Load a package and return its module object WITH INCREMENTED
@@ -869,10 +882,11 @@ find_module(realname, path, buf, buflen, p_fp)
PyObject *path;
/* Output parameters: */
char *buf;
- int buflen;
+ size_t buflen;
FILE **p_fp;
{
- int i, npath, len, namelen;
+ int i, npath;
+ size_t len, namelen;
struct _frozen *f;
struct filedescr *fdp = NULL;
FILE *fp = NULL;
@@ -882,6 +896,10 @@ find_module(realname, path, buf, buflen, p_fp)
static struct filedescr fd_package = {"", "", PKG_DIRECTORY};
char name[MAXPATHLEN+1];
+ if (strlen(realname) > MAXPATHLEN) {
+ PyErr_SetString(PyExc_OverflowError, "module name is too long");
+ return NULL;
+ }
strcpy(name, realname);
if (path != NULL && PyString_Check(path)) {
@@ -933,7 +951,7 @@ find_module(realname, path, buf, buflen, p_fp)
if (len + 2 + namelen + MAXSUFFIXSIZE >= buflen)
continue; /* Too long */
strcpy(buf, PyString_AsString(v));
- if ((int)strlen(buf) != len)
+ if (strlen(buf) != len)
continue; /* v contains '\0' */
#ifdef macintosh
#ifdef INTERN_STRINGS
@@ -1181,8 +1199,8 @@ static int
find_init_module(buf)
char *buf;
{
- int save_len = strlen(buf);
- int i = save_len;
+ size_t save_len = strlen(buf);
+ size_t i = save_len;
struct stat statbuf;
if (save_len + 13 >= MAXPATHLEN)
@@ -1577,7 +1595,7 @@ get_parent(globals, buf, p_buflen)
else {
char *start = PyString_AS_STRING(modname);
char *lastdot = strrchr(start, '.');
- int len;
+ size_t len;
if (lastdot == NULL)
return Py_None;
len = lastdot - start;
@@ -1612,7 +1630,7 @@ load_next(mod, altmod, p_name, buf, p_buflen)
{
char *name = *p_name;
char *dot = strchr(name, '.');
- int len;
+ size_t len;
char *p;
PyObject *result;