[security] bpo-13617: Reject embedded null characters in wchar* strings. (#2302) Based on patch by Victor Stinner. Add private C API function _PyUnicode_AsUnicode() which is similar to PyUnicode_AsUnicode(), but checks for null characters.

commit: f7eae0adfcd4c50034281b2c69f461b43b68db84 [log] [tgz]
author: Serhiy Storchaka <storchaka@gmail.com> Wed Jun 28 08:30:06 2017 +0300
committer: GitHub <noreply@github.com> Wed Jun 28 08:30:06 2017 +0300
tree: 02d6a582fd81f615e71c55365f1b37a774fc0a4e
parent: 592eda123329bb5ce2bffcbe3701be6b909f1b2a [diff] [blame]
diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c
index 646de0e..e396d68 100644
--- a/Objects/unicodeobject.c
+++ b/Objects/unicodeobject.c

@@ -4133,6 +4133,20 @@
     return PyUnicode_AsUnicodeAndSize(unicode, NULL);
 }
 
+const Py_UNICODE *
+_PyUnicode_AsUnicode(PyObject *unicode)
+{
+    Py_ssize_t size;
+    const Py_UNICODE *wstr;
+
+    wstr = PyUnicode_AsUnicodeAndSize(unicode, &size);
+    if (wstr && wcslen(wstr) != (size_t)size) {
+        PyErr_SetString(PyExc_ValueError, "embedded null character");
+        return NULL;
+    }
+    return wstr;
+}
+
 
 Py_ssize_t
 PyUnicode_GetSize(PyObject *unicode)
commit	f7eae0adfcd4c50034281b2c69f461b43b68db84	[log] [tgz]
author	Serhiy Storchaka <storchaka@gmail.com>	Wed Jun 28 08:30:06 2017 +0300
committer	GitHub <noreply@github.com>	Wed Jun 28 08:30:06 2017 +0300
tree	02d6a582fd81f615e71c55365f1b37a774fc0a4e
parent	592eda123329bb5ce2bffcbe3701be6b909f1b2a [diff] [blame]