[issue22689] Posix getenv makes no guarantee of lifetime of returned string

2018-07-10 Thread STINNER Victor 


STINNER Victor  added the comment:

> char *_rtpypath = Py_GETENV("PYTHONPATH"); /* XXX use wide version on 
> Windows */

Python now copies the env var. In master, Modules/main.c:

int res = config_get_env_var_dup(, L"PYTHONPATH", "PYTHONPATH");

Moreover, bytes are decoded to Unicode (wchar_t) on UNIX.

This issue is now 4 years old and Serhiy just fixed one issue, so I close the 
issue.

Even if there is a risk of an issue, nobody came up with a concrete way to 
trigger a bug, so I don't think that it's a big issue. For example, the 
reported bug was on Py_GETENV("PYTHONPATH"), whereas this code is critical for 
Python: if it fails, everybody will complain. Except that since the bug has 
been reported, nobody ever saw an issue with this code. The code is part of the 
early code to initialize Python, when there is not possible to execute 
arbitrary code nor have a second thread, so we should be fine.

--
resolution:  -> fixed
stage: patch review -> resolved
status: open -> closed
versions: +Python 3.8 -Python 2.7, Python 3.4, Python 3.5

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22689] Posix getenv makes no guarantee of lifetime of returned string

2018-07-09 Thread miss-islington 


miss-islington  added the comment:


New changeset 6f4fbf8ea428e13959a7aaba0ac9725ed407752a by Miss Islington (bot) 
in branch '3.7':
bpo-22689: Copy the result of getenv() in sys_breakpointhook(). (GH-8194)
https://github.com/python/cpython/commit/6f4fbf8ea428e13959a7aaba0ac9725ed407752a


--
nosy: +miss-islington

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22689] Posix getenv makes no guarantee of lifetime of returned string

2018-07-09 Thread miss-islington 


Change by miss-islington :


--
pull_requests: +7755

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22689] Posix getenv makes no guarantee of lifetime of returned string

2018-07-09 Thread Serhiy Storchaka 


Serhiy Storchaka  added the comment:


New changeset f60bf0e168255b7675a4c049250ba6b202f8e647 by Serhiy Storchaka in 
branch 'master':
bpo-22689: Copy the result of getenv() in sys_breakpointhook(). (GH-8194)
https://github.com/python/cpython/commit/f60bf0e168255b7675a4c049250ba6b202f8e647


--
nosy: +serhiy.storchaka

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22689] Posix getenv makes no guarantee of lifetime of returned string

2018-07-09 Thread Serhiy Storchaka 


Change by Serhiy Storchaka :


--
keywords: +patch
pull_requests: +7746
stage:  -> patch review

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22689] Posix getenv makes no guarantee of lifetime of returned string

2014-10-21 Thread Aidan Hobson Sayers 

New submission from Aidan Hobson Sayers:

Posix says the following on the subject of getenv:

 The returned string pointer might be invalidated or the string content might 
 be overwritten by a subsequent call to getenv()

(http://pubs.opengroup.org/onlinepubs/9699919799/functions/getenv.html)

Unfortunately, in Modules/getpath.c:

static void
calculate_path(void)
{
[...]
char *_rtpypath = Py_GETENV(PYTHONPATH); /* XXX use wide version on 
Windows */
wchar_t *rtpypath = NULL;
wchar_t *home = Py_GetPythonHome();
char *_path = getenv(PATH);

So 3 potential getenv calls in quick succession, meaning _rtpypath and home can 
become junk before they get used and Python crashes before it can start up (it 
becomes unable to find the site module).

Unfortunately it looks like the assumption that getenv pointers will remain 
safe forever is used in a few places in python.

Explicit notes on the correct use of getenv: 
https://www.securecoding.cert.org/confluence/display/seccode/ENV34-C.+Do+not+store+pointers+returned+by+certain+functions

Someone's apparently seen this before (but didn't report it?) - 
http://sourceforge.net/p/edk2/mailman/edk2-devel/thread/66bd57653246d24e9698b0a6509545a86ddb8...@orsmsx109.amr.corp.intel.com/

--
components: Interpreter Core
messages: 229788
nosy: aidanhs
priority: normal
severity: normal
status: open
title: Posix getenv makes no guarantee of lifetime of returned string
type: crash
versions: Python 2.7, Python 3.2, Python 3.3, Python 3.4, Python 3.5, Python 3.6

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22689
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22689] Posix getenv makes no guarantee of lifetime of returned string

2014-10-21 Thread STINNER Victor 

Changes by STINNER Victor victor.stin...@gmail.com:


--
nosy: +haypo
versions:  -Python 3.2, Python 3.3, Python 3.6

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22689
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue22689] Posix getenv makes no guarantee of lifetime of returned string

2014-10-21 Thread Aidan Hobson Sayers 

Aidan Hobson Sayers added the comment:

In case it matters, I'm compiling using Emscripten which implements getenv like 
so: https://github.com/kripken/emscripten/blob/1.25.2/src/library.js#L3323

(I personally think it's a bizarre way to do it, but technically I think it's 
ok?)

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22689
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com