diff options
| author | Guido van Rossum <guido@python.org> | 1999-08-03 19:41:10 (GMT) |
|---|---|---|
| committer | Guido van Rossum <guido@python.org> | 1999-08-03 19:41:10 (GMT) |
| commit | 6a619f44c567efe859b4b94a710b718d475a57fe (patch) | |
| tree | 0c42776db89af408bdc247b6a52583e99a72252b /Modules | |
| parent | 46ab6dfa89e2d5eeed8f85b40c022161e2493800 (diff) | |
| download | cpython-6a619f44c567efe859b4b94a710b718d475a57fe.zip cpython-6a619f44c567efe859b4b94a710b718d475a57fe.tar.gz cpython-6a619f44c567efe859b4b94a710b718d475a57fe.tar.bz2 | |
It turns out that modifying the environment strings is not safe.
Treat them as read-only, and make a copy as appropriately. This was
first reported by Bill Janssend and later by Craig Rowland and Ron
Sedlmeyer. This fix is mine.
Diffstat (limited to 'Modules')
| -rw-r--r-- | Modules/posixmodule.c | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/Modules/posixmodule.c b/Modules/posixmodule.c index 2a1efa6..947e169 100644 --- a/Modules/posixmodule.c +++ b/Modules/posixmodule.c @@ -290,19 +290,29 @@ convertenviron() return NULL; if (environ == NULL) return d; - /* XXX This part ignores errors */ + /* This part ignores errors */ for (e = environ; *e != NULL; e++) { + PyObject *k; PyObject *v; char *p = strchr(*e, '='); if (p == NULL) continue; + k = PyString_FromStringAndSize(*e, (int)(p-*e)); + if (k == NULL) { + PyErr_Clear(); + continue; + } v = PyString_FromString(p+1); - if (v == NULL) + if (v == NULL) { + PyErr_Clear(); + Py_DECREF(k); continue; - *p = '\0'; - if (PyDict_GetItemString(d, *e) == NULL) - (void) PyDict_SetItemString(d, *e, v); - *p = '='; + } + if (PyDict_GetItem(d, k) == NULL) { + if (PyDict_SetItem(d, k, v) != 0) + PyErr_Clear(); + } + Py_DECREF(k); Py_DECREF(v); } #if defined(PYOS_OS2) |