Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 6edddfa

Browse files
vstinnervstinner
committed
Issue #19636: Fix posix__getvolumepathname(), raise an OverflowError if
the length doesn't fit in an DWORD
1 parent f4a4898 commit 6edddfa

1 file changed

Lines changed: 14 additions & 5 deletions

File tree

Modules/posixmodule.c

Lines changed: 14 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -385,6 +385,8 @@ static int win32_can_symlink = 0;
385385
#endif
386386
#endif
387387

388+
#define DWORD_MAX 4294967295U
389+
388390

389391
#ifdef MS_WINDOWS
390392
static int
@@ -4039,24 +4041,31 @@ posix__getvolumepathname(PyObject *self, PyObject *args)
40394041
{
40404042
PyObject *po, *result;
40414043
wchar_t *path, *mountpath=NULL;
4042-
size_t bufsize;
4044+
size_t buflen;
40434045
BOOL ret;
40444046

40454047
if (!PyArg_ParseTuple(args, "U|:_getvolumepathname", &po))
40464048
return NULL;
4047-
path = PyUnicode_AsUnicode(po);
4049+
path = PyUnicode_AsUnicodeAndSize(po, &buflen);
40484050
if (path == NULL)
40494051
return NULL;
4052+
buflen += 1;
40504053

40514054
/* Volume path should be shorter than entire path */
4052-
bufsize = max(MAX_PATH, wcslen(path) * 2 * sizeof(wchar_t)+1);
4053-
mountpath = (wchar_t *)PyMem_Malloc(bufsize);
4055+
buflen = Py_MAX(buflen, MAX_PATH);
4056+
4057+
if (buflen > DWORD_MAX) {
4058+
PyErr_SetString(PyExc_OverflowError, "path too long");
4059+
return NULL;
4060+
}
4061+
4062+
mountpath = (wchar_t *)PyMem_Malloc(buflen * sizeof(wchar_t));
40544063
if (mountpath == NULL)
40554064
return PyErr_NoMemory();
40564065

40574066
Py_BEGIN_ALLOW_THREADS
40584067
ret = GetVolumePathNameW(path, mountpath,
4059-
Py_SAFE_DOWNCAST(bufsize, size_t, DWORD));
4068+
Py_SAFE_DOWNCAST(buflen, size_t, DWORD));
40604069
Py_END_ALLOW_THREADS
40614070

40624071
if (!ret) {

0 commit comments

Comments
 (0)