SF bug 1003471: Python 1.5.2 security vulnerability
This was probably fixed in rev 1.32 of getpath.c, but there are so
many paths thru the code that invoke joinpath() it's not at all
obvious that it *is* fixed. It doesn't help confidence that a crucial
precondition for calling joinpath() was neither documented nor verified.
It is now, and joinpath() will barf with a fatal error now rather than
overrun the buffer, if the precondition isn't met.
Note that this patch only changes the Windows flavor. I attached another
patch to the bug report for the POSIX flavor (which I can't test
conveniently).
1 file changed