Message96795
Various functions in the 'posix' module that take filename arguments
accept bytearray values for those arguments, and mishandle those objects
in a way that leads to segfaults.
Python 3.1 (r31:73572, Jul 23 2009, 23:41:26)
[GCC 4.3.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
>>> os.mkdir(bytearray(b'/'))
Segmentation fault
There's at least two seperate problems with the way posixmodule handles
these objects. The first is that the code isn't set up to handle NULL
retvals from PyByteArray_AS_STRING(), which occur for zero-byte
bytearray objects. This causes a NULL-pointer dereference in
PyUnicode_FSConverter() if you pass a zero-length bytearray.
The second issue is that release_bytes() calls bytearray_releasebuffer()
with NULL for the first argument, which directly leads to a NULL-pointer
dereference.
I'm attaching a patch against SVN 77001 which should fix both of these
issues. |
|
Date |
User |
Action |
Args |
2009-12-22 07:31:45 | sh | set | recipients:
+ sh |
2009-12-22 07:31:43 | sh | set | messageid: <1261467103.65.0.513251554155.issue7561@psf.upfronthosting.co.za> |
2009-12-22 07:31:41 | sh | link | issue7561 messages |
2009-12-22 07:31:40 | sh | create | |
|