[security] bpo-13617: Reject embedded null characters in wchar* strings. (#2302) Based on patch by Victor Stinner. Add private C API function _PyUnicode_AsUnicode() which is similar to PyUnicode_AsUnicode(), but checks for null characters.

commit: f7eae0adfcd4c50034281b2c69f461b43b68db84 [log] [tgz]
author: Serhiy Storchaka <storchaka@gmail.com> Wed Jun 28 08:30:06 2017 +0300
committer: GitHub <noreply@github.com> Wed Jun 28 08:30:06 2017 +0300
tree: 02d6a582fd81f615e71c55365f1b37a774fc0a4e
parent: 592eda123329bb5ce2bffcbe3701be6b909f1b2a [diff] [blame]
diff --git a/Modules/_io/fileio.c b/Modules/_io/fileio.c
index a09c39f7..cc7061f 100644
--- a/Modules/_io/fileio.c
+++ b/Modules/_io/fileio.c

@@ -271,11 +271,10 @@
 
     if (fd < 0) {
 #ifdef MS_WINDOWS
-        Py_ssize_t length;
         if (!PyUnicode_FSDecoder(nameobj, &stringobj)) {
             return -1;
         }
-        widename = PyUnicode_AsUnicodeAndSize(stringobj, &length);
+        widename = PyUnicode_AsUnicode(stringobj);
         if (widename == NULL)
             return -1;
 #else
commit	f7eae0adfcd4c50034281b2c69f461b43b68db84	[log] [tgz]
author	Serhiy Storchaka <storchaka@gmail.com>	Wed Jun 28 08:30:06 2017 +0300
committer	GitHub <noreply@github.com>	Wed Jun 28 08:30:06 2017 +0300
tree	02d6a582fd81f615e71c55365f1b37a774fc0a4e
parent	592eda123329bb5ce2bffcbe3701be6b909f1b2a [diff] [blame]