Author martin.panter
Recipients JohnLeitch, eric.smith, mark.dickinson, martin.panter, serhiy.storchaka
Date 2015-11-05.00:01:01
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Going through the commits for Issue 22896, I noticed compile(), eval() and exec() also suffer from a similar flaw. They check strlen(buffer) but the buffer may not be null-terminated:

>>> eval(memoryview(b"1234")[1:3])
TypeError: source code string cannot contain null bytes
Date User Action Args
2015-11-05 00:01:01martin.pantersetrecipients: + martin.panter, mark.dickinson, eric.smith, serhiy.storchaka, JohnLeitch
2015-11-05 00:01:01martin.pantersetmessageid: <>
2015-11-05 00:01:01martin.panterlinkissue24802 messages
2015-11-05 00:01:01martin.pantercreate