summaryrefslogtreecommitdiffstats
path: root/Python
diff options
context:
space:
mode:
authorSerhiy Storchaka <storchaka@gmail.com>2017-06-28 05:30:06 (GMT)
committerGitHub <noreply@github.com>2017-06-28 05:30:06 (GMT)
commitf7eae0adfcd4c50034281b2c69f461b43b68db84 (patch)
tree02d6a582fd81f615e71c55365f1b37a774fc0a4e /Python
parent592eda123329bb5ce2bffcbe3701be6b909f1b2a (diff)
downloadcpython-f7eae0adfcd4c50034281b2c69f461b43b68db84.zip
cpython-f7eae0adfcd4c50034281b2c69f461b43b68db84.tar.gz
cpython-f7eae0adfcd4c50034281b2c69f461b43b68db84.tar.bz2
[security] bpo-13617: Reject embedded null characters in wchar* strings. (#2302)
Based on patch by Victor Stinner. Add private C API function _PyUnicode_AsUnicode() which is similar to PyUnicode_AsUnicode(), but checks for null characters.
Diffstat (limited to 'Python')
-rw-r--r--Python/dynload_win.c4
-rw-r--r--Python/fileutils.c23
2 files changed, 19 insertions, 8 deletions
diff --git a/Python/dynload_win.c b/Python/dynload_win.c
index 05050cf..0fdf77f 100644
--- a/Python/dynload_win.c
+++ b/Python/dynload_win.c
@@ -190,13 +190,13 @@ dl_funcptr _PyImport_FindSharedFuncptrWindows(const char *prefix,
{
dl_funcptr p;
char funcname[258], *import_python;
- wchar_t *wpathname;
+ const wchar_t *wpathname;
#ifndef _DEBUG
_Py_CheckPython3();
#endif
- wpathname = PyUnicode_AsUnicode(pathname);
+ wpathname = _PyUnicode_AsUnicode(pathname);
if (wpathname == NULL)
return NULL;
diff --git a/Python/fileutils.c b/Python/fileutils.c
index f3764e4..97505e5 100644
--- a/Python/fileutils.c
+++ b/Python/fileutils.c
@@ -711,21 +711,32 @@ _Py_stat(PyObject *path, struct stat *statbuf)
#ifdef MS_WINDOWS
int err;
struct _stat wstatbuf;
- wchar_t *wpath;
+ const wchar_t *wpath;
- wpath = PyUnicode_AsUnicode(path);
+ wpath = _PyUnicode_AsUnicode(path);
if (wpath == NULL)
return -2;
+
err = _wstat(wpath, &wstatbuf);
if (!err)
statbuf->st_mode = wstatbuf.st_mode;
return err;
#else
int ret;
- PyObject *bytes = PyUnicode_EncodeFSDefault(path);
+ PyObject *bytes;
+ char *cpath;
+
+ bytes = PyUnicode_EncodeFSDefault(path);
if (bytes == NULL)
return -2;
- ret = stat(PyBytes_AS_STRING(bytes), statbuf);
+
+ /* check for embedded null bytes */
+ if (PyBytes_AsStringAndSize(bytes, &cpath, NULL) == -1) {
+ Py_DECREF(bytes);
+ return -2;
+ }
+
+ ret = stat(cpath, statbuf);
Py_DECREF(bytes);
return ret;
#endif
@@ -1080,7 +1091,7 @@ _Py_fopen_obj(PyObject *path, const char *mode)
FILE *f;
int async_err = 0;
#ifdef MS_WINDOWS
- wchar_t *wpath;
+ const wchar_t *wpath;
wchar_t wmode[10];
int usize;
@@ -1094,7 +1105,7 @@ _Py_fopen_obj(PyObject *path, const char *mode)
Py_TYPE(path));
return NULL;
}
- wpath = PyUnicode_AsUnicode(path);
+ wpath = _PyUnicode_AsUnicode(path);
if (wpath == NULL)
return NULL;