Author belopolsky
Recipients amaury.forgeotdarc, belopolsky, jnferguson
Date 2008-04-09.15:04:20
Message-id <1207753463.37.0.775913322207.issue2587@psf.upfronthosting.co.za>
In-reply-to
Content
I agree that PySSL_SSLread should check that its argument is >= 0. I
don't think this check belongs to PyString_FromStringAndSize. It
should be the responsibility of the caller to verify that the
precondition size >= 0 is satisfied before calling
PyString_FromStringAndSize. Oftentimes the caller can ascertain size >=
0 without an explicit check, for example, if size is the size of a
buffer or length of a valid string object.

On the other hand, an external input such as the len argument to the
read function should be checked before it is used.

I would also suggest changing the len type from int to Py_ssize_t.

I agree with Amaury that assert(size>=0) is sufficient in
PyString_FromStringAndSize(), but its documentation should emphasize
that the caller is responsible for assuring that the requested length is
nonnegative.

I don't think the upper bound check is necessary: sizeof(PyStringObject) 
+ size will not wrap around as long as size >= 0.
History
Date                 User        Action  Args
2008-04-09 15:04:23  belopolsky  set     spambayes_score: 0.173776 -> 0.173776; recipients: + belopolsky, amaury.forgeotdarc, jnferguson
2008-04-09 15:04:23  belopolsky  set     spambayes_score: 0.173776 -> 0.173776; messageid: <1207753463.37.0.775913322207.issue2587@psf.upfronthosting.co.za>
2008-04-09 15:04:21  belopolsky  link    issue2587 messages
2008-04-09 15:04:20  belopolsky  create
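
The division of responsibility discussed in the message above, sketched as an added example that is not CPython code and not part of the original message: the allocator only asserts its precondition, and the wrapper that receives an external length validates it first. The names `buf_from_size`, `checked_read`, `ssize_type` and the `READ_*` codes are hypothetical stand-ins, with `ptrdiff_t` assumed in place of `Py_ssize_t`.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef ptrdiff_t ssize_type;   /* stand-in for Py_ssize_t (signed, pointer-sized) */

enum { READ_OK = 0, READ_BAD_LEN = -1, READ_NO_MEM = -2 };

/* Hypothetical allocator modeled on PyString_FromStringAndSize.
 * Precondition (caller's responsibility): size >= 0. It is asserted,
 * not checked at runtime, so release builds rely on the caller. */
static char *buf_from_size(const char *src, ssize_type size)
{
    assert(size >= 0);
    char *p = malloc((size_t)size + 1);   /* +1 for the terminating NUL */
    if (p == NULL)
        return NULL;
    memcpy(p, src, (size_t)size);
    p[size] = '\0';
    return p;
}

/* Hypothetical read wrapper standing in for the caller. len is external
 * input, so it is validated here before it reaches the allocator. */
static int checked_read(const char *src, ssize_type avail,
                        ssize_type len, char **out)
{
    *out = NULL;
    if (len < 0)                 /* reject instead of converting to size_t */
        return READ_BAD_LEN;
    if (len > avail)             /* short read: never copy past the source */
        len = avail;
    *out = buf_from_size(src, len);
    return *out ? READ_OK : READ_NO_MEM;
}

int main(void)
{
    const char data[] = "hello";            /* constructed sample input */
    char *s;
    int rc = checked_read(data, 5, -1, &s);
    printf("len=-1 -> %d\n", rc);
    rc = checked_read(data, 5, 3, &s);
    printf("len=3  -> %d (%s)\n", rc, s);
    free(s);
    return 0;
}
```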