STINNER Victor <victor.stin...@haypocalc.com> added the comment: > I already fixed this issue in Python 3.1, 3.2 and 3.3: > issue #6697 (e.g. commit 7ba851d1b46e).
Oh, wrong: the bug was only fixed in Python 3.2 and 3.3. There was already a check after _PyUnicode_AsStringAndSize(), but the test was on the wrong variable (operation vs operation_cstr). Because only security bugs can be fixed in Python 3.1, I think that this issue should be closed. Or do you consider dereferencing a NULL pointer in sqlite3 as a security vulnerability? ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue12569> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com