Message 140393 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	ghaering, jeremybanks, ned.deily, vstinner
Date	2011-07-15.08:02:16
SpamBayes Score	4.318308e-08
Marked as misclassified	No
Message-id	<1310716937.38.0.0160250522365.issue12569@psf.upfronthosting.co.za>
In-reply-to

Content
> I already fixed this issue in Python 3.1, 3.2 and 3.3: > issue #6697 (e.g. commit 7ba851d1b46e). Oh, wrong: the bug was only fixed in Python 3.2 and 3.3. There was already a check after _PyUnicode_AsStringAndSize(), but the test was on the wrong variable (operation vs operation_cstr). Because only security bugs can be fixed in Python 3.1, I think that this issue should be closed. Or do you consider dereferencing a NULL pointer in sqlite3 as a security vulnerability?

> I already fixed this issue in Python 3.1, 3.2 and 3.3:
> issue #6697 (e.g. commit 7ba851d1b46e).

Oh, wrong: the bug was only fixed in Python 3.2 and 3.3. There was already a check after _PyUnicode_AsStringAndSize(), but the test was on the wrong variable (operation vs operation_cstr).

Because only security bugs can be fixed in Python 3.1, I think that this issue should be closed. Or do you consider dereferencing a NULL pointer in sqlite3 as a security vulnerability?

History
Date	User	Action	Args
2011-07-15 08:02:17	vstinner	set	recipients: + vstinner, ghaering, ned.deily, jeremybanks
2011-07-15 08:02:17	vstinner	set	messageid: <1310716937.38.0.0160250522365.issue12569@psf.upfronthosting.co.za>
2011-07-15 08:02:16	vstinner	link	issue12569 messages
2011-07-15 08:02:16	vstinner	create