Message65237
I agree that PySSL_SSLread should check that its argument is >= 0. I
don't think this check belongs to PyString_FromStringAndSize. It
should be the responsibility of the caller to verify that the
precondition size >= 0 is satisfied before calling PyString_FromStringAndSize. Oftentimes the caller can ascertain size >=
0 without an explicit check, for example, if size is the size of a
buffer or length of a valid string object.
On the other hand, an external input such as the len argument to the
read function should be checked before used.
I would also suggest changing the len type from int to Py_ssize_t.
I agree with Amaury that assert(size>=0) is sufficient in PyString_FromStringAndSize(), but its documentation should emphasize
that the caller is responsible for assuring that the requested length is
nonnegative.
I don't think the upper bound check is necessary: sizeof(PyStringObject)
+ size will not wrap around as long as size >= 0. |
|
Date |
User |
Action |
Args |
2008-04-09 15:04:23 | belopolsky | set | spambayes_score: 0.173776 -> 0.173776 recipients:
+ belopolsky, amaury.forgeotdarc, jnferguson |
2008-04-09 15:04:23 | belopolsky | set | spambayes_score: 0.173776 -> 0.173776 messageid: <1207753463.37.0.775913322207.issue2587@psf.upfronthosting.co.za> |
2008-04-09 15:04:21 | belopolsky | link | issue2587 messages |
2008-04-09 15:04:20 | belopolsky | create | |
|