It seems that PyString_Size and PyString_AsString aren't getting along?
slen = PyString_Size(pstr); if (slen = 0) goto cleanup; mem = malloc((size_t)slen+1); if (mem == NULL){ PyErr_NoMemory(); goto cleanup; } char *fun = PyString_AsString(pstr); printf("slen:%d strlen(fun):%d\n", slen, strlen(fun)); strcpy(mem, PyString_AsString(pstr));
This prints: slen:0 strlen(fun):1
with the above example script. Perhaps it should be using PyString_AsStringAndSize ? Or just use strdup...
Regardless, this does not appear to be a security issue, but a "normal" bug. Thanks for the backtrace and details!
It seems that PyString_Size and PyString_AsString aren't getting along?
slen = PyString_ Size(pstr) ; (size_t) slen+1) ;
PyErr_ NoMemory( ); AsString( pstr);
printf( "slen:% d strlen(fun):%d\n", slen, strlen(fun)); AsString( pstr));
if (slen = 0)
goto cleanup;
mem = malloc(
if (mem == NULL){
goto cleanup;
}
char *fun = PyString_
strcpy(mem, PyString_
This prints:
slen:0 strlen(fun):1
with the above example script. Perhaps it should be using PyString_ AsStringAndSize ? Or just use strdup...
Regardless, this does not appear to be a security issue, but a "normal" bug. Thanks for the backtrace and details!