Eryk Sun added the comment:
The old CRT doesn't do any parameter validation on the nbytes parameter. It
just passes it directly to Windows LockFile as follows:
LockFile((HANDLE)_get_osfhandle(fh), lockoffset, 0L, nbytes, 0L)
which is locking (DWORD)-1 bytes, i.e. 0xFFFFFFFF. This allows users to
sneakily lock more than 2 GiB by passing a negative value. Python could do its
own validation in 2.7 to raise an exception for negative values, but I think
it's too late; that ship has sailed.
The parameter is validated by the new CRT in 3.5+, which limits nbytes to
non-negative values. There we need the _Py_BEGIN_SUPPRESS_IPH and
_Py_END_SUPPRESS_IPH macros to handle the failed call without crashing the
process.
----------
nosy: +eryksun
_______________________________________
Python tracker <[email protected]>
<http://bugs.python.org/issue29392>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
