Skip to content

gh-106844: Fix null-bytes handling in LCMapStringEx in _winapi#107832

Merged
serhiy-storchaka merged 6 commits intopython:mainfrom
serhiy-storchaka:issue-106844
Aug 11, 2023
Merged

gh-106844: Fix null-bytes handling in LCMapStringEx in _winapi#107832
serhiy-storchaka merged 6 commits intopython:mainfrom
serhiy-storchaka:issue-106844

Conversation

@serhiy-storchaka
Copy link
Member

@serhiy-storchaka serhiy-storchaka commented Aug 10, 2023
edited by bedevere-bot
Loading

@serhiy-storchaka serhiy-storchaka added needs backport to 3.11 only security fixes needs backport to 3.12 only security fixes labels Aug 10, 2023
@serhiy-storchaka serhiy-storchaka requested a review from zooba August 10, 2023 08:41
@bedevere-bot bedevere-bot mentioned this pull request Aug 10, 2023
Closed
@serhiy-storchaka serhiy-storchaka mentioned this pull request Aug 10, 2023
Closed
zooba
zooba approved these changes Aug 10, 2023
View reviewed changes
Copy link
Member

@zooba zooba left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Just be aware it won't backport cleanly to 3.11, and the LPCWSTR converter has a memory leak in that version and shouldn't be used.

@serhiy-storchaka
Copy link
Member Author

serhiy-storchaka commented Aug 10, 2023

Before merging it I want to manually test it on Windows with large strings, and maybe add bigmem tests if it is feasible.

serhiy-storchaka
serhiy-storchaka commented Aug 11, 2023
View reviewed changes
Modules/_winapi.c
NULL, NULL, 0);
if (dest_size == 0) {
return PyErr_SetFromWindowsErr(0);
if (dest_size <= 0) {
Copy link
Member Author

@serhiy-storchaka serhiy-storchaka Aug 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It can return negative value. At least if src_size is negative. But the second call returns 0 anyway.

Modules/_winapi.c
if (dest_size == 0) {
return PyErr_SetFromWindowsErr(0);
if (dest_size <= 0) {
DWORD error = GetLastError();
Copy link
Member Author

@serhiy-storchaka serhiy-storchaka Aug 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Other code calls GetLastError() as early as possible, before PyMem_Free(). Perhaps there is a reason of it.

Modules/_winapi.c
Comment on lines +1590 to +1591
PyMem_Free(src_);
PyObject *ret = PyUnicode_FromWideChar(dest, nmapped);
Copy link
Member Author

@serhiy-storchaka serhiy-storchaka Aug 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It reduces the maximal total memory consumption if free this memory before allocating new memory in PyUnicode_FromWideChar().

@serhiy-storchaka serhiy-storchaka merged commit 04cc014 into python:main Aug 11, 2023
@miss-islington
Copy link
Contributor

miss-islington commented Aug 11, 2023

Thanks @serhiy-storchaka for the PR 🌮🎉.. I'm working now to backport this PR to: 3.11, 3.12.
🐍🍒⛏🤖

@serhiy-storchaka serhiy-storchaka deleted the issue-106844 branch August 11, 2023 18:13
@miss-islington
Copy link
Contributor

miss-islington commented Aug 11, 2023

Sorry, @serhiy-storchaka, I could not cleanly backport this to 3.12 due to a conflict.
Please backport using cherry_picker on command line.
cherry_picker 04cc01453db2f0af72a06440831637f8bf512daf 3.12

@miss-islington
Copy link
Contributor

miss-islington commented Aug 11, 2023

Sorry, @serhiy-storchaka, I could not cleanly backport this to 3.11 due to a conflict.
Please backport using cherry_picker on command line.
cherry_picker 04cc01453db2f0af72a06440831637f8bf512daf 3.11

serhiy-storchaka added a commit to serhiy-storchaka/cpython that referenced this pull request Aug 11, 2023
@serhiy-storchaka
[3.12] pythongh-106844: Fix issues in _winapi.LCMapStringEx (pythonGH…
21a0b8d 
…-107832)

* Strings with length from 2**31-1 to 2**32-2 always caused MemoryError,
   it doesn't matter how much memory is available.
* Strings with length exactly 2**32-1 caused OSError.
* Strings longer than 2**32-1 characters were truncated due to integer overflow bug.
* Strings containing the null character were truncated at the first null character.

Now strings longer than 2**31-1 characters caused OverflowError and the null character is allowed..
(cherry picked from commit 04cc014)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
@bedevere-bot
Copy link

bedevere-bot commented Aug 11, 2023

GH-107874 is a backport of this pull request to the 3.12 branch.

@bedevere-bot bedevere-bot removed the needs backport to 3.12 only security fixes label Aug 11, 2023
serhiy-storchaka added a commit to serhiy-storchaka/cpython that referenced this pull request Aug 11, 2023
@serhiy-storchaka
[3.11] pythongh-106844: Fix issues in _winapi.LCMapStringEx (pythonGH…
a1a91e7 
…-107832)

* Strings with length from 2**31-1 to 2**32-2 always caused MemoryError,
   it doesn't matter how much memory is available.
* Strings with length exactly 2**32-1 caused OSError.
* Strings longer than 2**32-1 characters were truncated due to integer overflow bug.
* Strings containing the null character were truncated at the first null character.

Now strings longer than 2**31-1 characters caused OverflowError and the null character is allowed..
(cherry picked from commit 04cc014)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
@bedevere-bot
Copy link

bedevere-bot commented Aug 11, 2023

GH-107875 is a backport of this pull request to the 3.11 branch.

@bedevere-bot bedevere-bot removed the needs backport to 3.11 only security fixes label Aug 11, 2023
@sobolevn
Copy link
Member

sobolevn commented Aug 11, 2023

Thanks for fixing this! 👍

serhiy-storchaka added a commit that referenced this pull request Aug 12, 2023
@serhiy-storchaka
[3.11] gh-106844: Fix issues in _winapi.LCMapStringEx (GH-107832) (GH…
ec254c5 
…-107875)

* Strings with length from 2**31-1 to 2**32-2 always caused MemoryError,
   it doesn't matter how much memory is available.
* Strings with length exactly 2**32-1 caused OSError.
* Strings longer than 2**32-1 characters were truncated due to integer overflow bug.

Now strings longer than 2**31-1 characters caused OverflowError.
(cherry picked from commit 04cc014)
@finnagin finnagin mentioned this pull request Aug 14, 2023
Merged
zooba pushed a commit to zooba/cpython that referenced this pull request Aug 15, 2023
@serhiy-storchaka @zooba
pythongh-106844: Fix issues in _winapi.LCMapStringEx (pythonGH-107832)
5d83c72 
* Strings with length from 2**31-1 to 2**32-2 always caused MemoryError,
   it doesn't matter how much memory is available.
* Strings with length exactly 2**32-1 caused OSError.
* Strings longer than 2**32-1 characters were truncated due to integer overflow bug.
* Strings containing the null character were truncated at the first null character.

Now strings longer than 2**31-1 characters caused OverflowError and the null character is allowed.
Yhg1s pushed a commit that referenced this pull request Aug 16, 2023
@serhiy-storchaka
[3.12] gh-106844: Fix issues in _winapi.LCMapStringEx (GH-107832) (#1…
b5176a8 
…07874)

* Strings with length from 2**31-1 to 2**32-2 always caused MemoryError,
   it doesn't matter how much memory is available.
* Strings with length exactly 2**32-1 caused OSError.
* Strings longer than 2**32-1 characters were truncated due to integer overflow bug.
* Strings containing the null character were truncated at the first null character.

Now strings longer than 2**31-1 characters caused OverflowError and the null character is allowed..
(cherry picked from commit 04cc014)
@serhiy-storchaka serhiy-storchaka removed their assignment Sep 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zooba zooba zooba approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@serhiy-storchaka @miss-islington @bedevere-bot @sobolevn @zooba