Author eryksun
Recipients RazerM, eryksun, paul.moore, steve.dower, tim.golden, zach.ware
Date 2017-01-30.23:40:32
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
The old CRT doesn't do any parameter validation on the nbytes parameter. It just passes it directly to Windows LockFile as follows:

    LockFile((HANDLE)_get_osfhandle(fh), lockoffset, 0L, nbytes, 0L)

which is locking (DWORD)-1 bytes, i.e. 0xFFFFFFFF. This allows users to sneakily lock more than 2 GiB by passing a negative value. Python could do its own validation in 2.7 to raise an exception for negative values, but I think it's too late; that ship has sailed. 

The parameter is validated by the new CRT in 3.5+, which limits nbytes to non-negative values. There we need the _Py_BEGIN_SUPPRESS_IPH and _Py_END_SUPPRESS_IPH macros to handle the failed call without crashing the process.
Date User Action Args
2017-01-30 23:40:32eryksunsetrecipients: + eryksun, paul.moore, tim.golden, zach.ware, steve.dower, RazerM
2017-01-30 23:40:32eryksunsetmessageid: <>
2017-01-30 23:40:32eryksunlinkissue29392 messages
2017-01-30 23:40:32eryksuncreate