Issue #15905: Fix theoretical buffer overflow in handling of sys.argv[0], prefix and exec_prefix if the operation system does not obey MAXPATHLEN.

commit: 60a60677093e2792439c9e34debe6d55feead63f [log] [tgz]
author: Christian Heimes <christian@cheimes.de> Mon Jul 22 12:53:32 2013 +0200
committer: Christian Heimes <christian@cheimes.de> Mon Jul 22 12:53:32 2013 +0200
tree: 89fc77fe5cdf82f498c990466ec0a69efa789d26
parent: 37c916dd18df3442a4d8f79d14f5f23ba87e3fe5 [diff] [blame]
diff --git a/Python/sysmodule.c b/Python/sysmodule.c
index 20bfa55..edd6649 100644
--- a/Python/sysmodule.c
+++ b/Python/sysmodule.c

@@ -1856,10 +1856,11 @@
             if (q == NULL)
                 argv0 = link; /* argv0 without path */
             else {
-                /* Must make a copy */
-                wcscpy(argv0copy, argv0);
+                /* Must make a copy, argv0copy has room for 2 * MAXPATHLEN */
+                wcsncpy(argv0copy, argv0, MAXPATHLEN);
                 q = wcsrchr(argv0copy, SEP);
-                wcscpy(q+1, link);
+                wcsncpy(q+1, link, MAXPATHLEN);
+                q[MAXPATHLEN + 1] = L'\0';
                 argv0 = argv0copy;
             }
         }
commit	60a60677093e2792439c9e34debe6d55feead63f	[log] [tgz]
author	Christian Heimes <christian@cheimes.de>	Mon Jul 22 12:53:32 2013 +0200
committer	Christian Heimes <christian@cheimes.de>	Mon Jul 22 12:53:32 2013 +0200
tree	89fc77fe5cdf82f498c990466ec0a69efa789d26
parent	37c916dd18df3442a4d8f79d14f5f23ba87e3fe5 [diff] [blame]