From 40a77c33819606b40ca04f680a06fcf31e2151a6 Mon Sep 17 00:00:00 2001 From: Benjamin Peterson Date: Sat, 13 Aug 2016 18:15:28 -0700 Subject: do not allow reading negative values with getstr() --- Lib/test/test_curses.py | 3 +++ Misc/NEWS | 3 +++ Modules/_cursesmodule.c | 8 ++++++++ 3 files changed, 14 insertions(+) diff --git a/Lib/test/test_curses.py b/Lib/test/test_curses.py index bd7d4fc..f049c29 100644 --- a/Lib/test/test_curses.py +++ b/Lib/test/test_curses.py @@ -163,6 +163,9 @@ class TestCurses(unittest.TestCase): if hasattr(curses, 'enclose'): stdscr.enclose() + self.assertRaises(ValueError, stdscr.getstr, -400) + self.assertRaises(ValueError, stdscr.getstr, 2, 3, -400) + def test_module_funcs(self): "Test module-level functions" diff --git a/Misc/NEWS b/Misc/NEWS index 2611c09..ca80c73 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -13,6 +13,9 @@ Core and Builtins Library ------- +- In the curses module, raise an error if window.getstr() is passed a negative + value. + - Issue #27758: Fix possible integer overflow in the _csv module for large record lengths. diff --git a/Modules/_cursesmodule.c b/Modules/_cursesmodule.c index 5ffce2f..a8735f2 100644 --- a/Modules/_cursesmodule.c +++ b/Modules/_cursesmodule.c @@ -1284,6 +1284,10 @@ PyCursesWindow_GetStr(PyCursesWindowObject *self, PyObject *args) case 1: if (!PyArg_ParseTuple(args,"i;n", &n)) return NULL; + if (n < 0) { + PyErr_SetString(PyExc_ValueError, "'n' must be nonnegative"); + return NULL; + } Py_BEGIN_ALLOW_THREADS rtn2 = wgetnstr(self->win, rtn, Py_MIN(n, 1023)); Py_END_ALLOW_THREADS @@ -1302,6 +1306,10 @@ PyCursesWindow_GetStr(PyCursesWindowObject *self, PyObject *args) case 3: if (!PyArg_ParseTuple(args,"iii;y,x,n", &y, &x, &n)) return NULL; + if (n < 0) { + PyErr_SetString(PyExc_ValueError, "'n' must be nonnegative"); + return NULL; + } #ifdef STRICT_SYSV_CURSES Py_BEGIN_ALLOW_THREADS rtn2 = wmove(self->win,y,x)==ERR ? ERR : -- cgit v0.12