[security] bpo-13617: Reject embedded null characters in wchar* strings. (#2302) Based on patch by Victor Stinner. Add private C API function _PyUnicode_AsUnicode() which is similar to PyUnicode_AsUnicode(), but checks for null characters.

commit: f7eae0adfcd4c50034281b2c69f461b43b68db84 [log] [tgz]
author: Serhiy Storchaka <storchaka@gmail.com> Wed Jun 28 08:30:06 2017 +0300
committer: GitHub <noreply@github.com> Wed Jun 28 08:30:06 2017 +0300
tree: 02d6a582fd81f615e71c55365f1b37a774fc0a4e
parent: 592eda123329bb5ce2bffcbe3701be6b909f1b2a [diff] [blame]
diff --git a/Lib/test/test_locale.py b/Lib/test/test_locale.py
index 668f3cb..d93b3ad 100644
--- a/Lib/test/test_locale.py
+++ b/Lib/test/test_locale.py

@@ -346,9 +346,14 @@
         self.assertLess(locale.strcoll('a', 'b'), 0)
         self.assertEqual(locale.strcoll('a', 'a'), 0)
         self.assertGreater(locale.strcoll('b', 'a'), 0)
+        # embedded null character
+        self.assertRaises(ValueError, locale.strcoll, 'a\0', 'a')
+        self.assertRaises(ValueError, locale.strcoll, 'a', 'a\0')
 
     def test_strxfrm(self):
         self.assertLess(locale.strxfrm('a'), locale.strxfrm('b'))
+        # embedded null character
+        self.assertRaises(ValueError, locale.strxfrm, 'a\0')
 
 
 class TestEnUSCollation(BaseLocalizedTest, TestCollation):
commit	f7eae0adfcd4c50034281b2c69f461b43b68db84	[log] [tgz]
author	Serhiy Storchaka <storchaka@gmail.com>	Wed Jun 28 08:30:06 2017 +0300
committer	GitHub <noreply@github.com>	Wed Jun 28 08:30:06 2017 +0300
tree	02d6a582fd81f615e71c55365f1b37a774fc0a4e
parent	592eda123329bb5ce2bffcbe3701be6b909f1b2a [diff] [blame]