BIND 10 #363: "H" and "I" are probably harmful for PyArg_ParseTuple()
BIND 10 Development
do-not-reply at isc.org
Thu Oct 7 12:31:23 UTC 2010
#363: "H" and "I" are probably harmful for PyArg_ParseTuple()
----------------------------+-----------------------------------------------
Reporter: jinmei | Owner: jinmei
Type: defect | Status: new
Priority: minor | Milestone: y2 12 month milestone
Component: DNSPacket API | Keywords:
Sensitive: 0 | Estimatedhours: 0
Hours: 0 | Billable: 1
Totalhours: 0 | Internal: 0
----------------------------+-----------------------------------------------
Some of our python binding code uses "H" (unsigned short) and "I"
(unsigned int) with !PyArg_ParseTuple().
I suspect most (if not all) of this usage is questionable because
overflows are ignored. For example, the following test current passes:
{{{
self.assertEqual(RRType("A"), RRType(0x100000001))
}}}
(assuming sizeof(int) is 4)
Admittedly this is an artificial case but it still makes it awkward even
if we don't call it a bug.
I think we should use a signed version of larger size of integer ("h",
"i", etc) and perform more strict range checks, i.e., reject value < 0 and
value > possible_max.
--
Ticket URL: <http://bind10.isc.org/ticket/363>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list