New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
'y' does not check for embedded NUL bytes #52838
Comments
The documentation for the 'y' format (PyArg_ParseTuple and friends) states that: « The bytes object must not contain embedded NUL bytes; if it does, a TypeError exception is raised. » But, reading Python/getargs.c, the strlen() check is actually missing in the code for 'y'. |
Same issue for y#: y# (...) This variant on s# doesn’t accept Unicode objects, only bytes-like objects. s# (...) The string may contain embedded null bytes. -- y* might mention that it accepts embedded null bytes. -- grep 'PyArg_Parse[^"]\+"[^:;)"]y[^*]' */.c finds only usage of y# (no usage of y format):
These functions have to support embedded null bytes. So I think that y# should specify explicitly that embedded null bytes are accepted. |
See also bpo-8215. |
See also bpo-8850: Remove "w" format of PyParse_ParseTuple(). -- About "y": the parser HAVE TO check for embedded NUL bytes, because the caller doesn't know the size of the buffer (and strlen() would give the wrong size). |
Attached patch fixes the initial problem: raise an error if the byte strings embeds a NUL-byte. |
I commited a bigger patch: r81973 not only fixes "y" format, but also "u" and "Z". It does also add a lot of tests in test_getargs2.py for many string formats (not all, eg. "es" is not tested). Even if I consider this as a bugfix, I don't want to backport to 3.1 because it might break programs which rely on this strange behaviour. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: