]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: be8f3a6) | patch
[3.13] gh-139283: correctly handle `size` limit in `cursor.fetchmany()` (GH-139296...
authorBénédikt Tran <10796600+picnixz@users.noreply.github.com>
Tue, 7 Oct 2025 11:33:40 +0000 (13:33 +0200)
committerGitHub <noreply@github.com>
Tue, 7 Oct 2025 11:33:40 +0000 (13:33 +0200)
commit7bb51bd5bef5b27d5619c11cb51686ebe22726db
tree716c2bbeacefa86474cc80cd0876c5c6424d88eatree | snapshot
parentbe8f3a68f4df6251ae6b9b8e965861686a8909f1commit | diff
[3.13] gh-139283: correctly handle `size` limit in `cursor.fetchmany()` (GH-139296) (#139444)

Passing a negative or zero size to `cursor.fetchmany()` made it fetch all rows
instead of none.

While this could be considered a security vulnerability, it was decided to treat
this issue as a regular bug as passing a non-sanitized *size* value in the first
place is not recommended.
(cherry picked from commit bc172ee8307431caf4c89612e9e454081635191f)
Doc/library/sqlite3.rst diff | blob | blame | history
Lib/test/test_sqlite3/test_dbapi.py diff | blob | blame | history
Misc/NEWS.d/next/Security/2025-09-24-13-39-56.gh-issue-139283.jODz_q.rst [new file with mode: 0644] blob
Modules/_sqlite/clinic/cursor.c.h diff | blob | blame | history
Modules/_sqlite/cursor.c diff | blob | blame | history
Modules/_sqlite/cursor.h diff | blob | blame | history
Mirror of https://github.com/python/cpython.git