]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a1a5a89) | patch
Backport of SF patch 590294: os._execvpe security fix (Zack Weinberg).
authorGuido van Rossum <guido@python.org>
Thu, 8 Aug 2002 19:46:52 +0000 (19:46 +0000)
committerGuido van Rossum <guido@python.org>
Thu, 8 Aug 2002 19:46:52 +0000 (19:46 +0000)
commitd31a8036fe416bfd68cb4da99db7ffaca2041420
treee704f9d8c4ab97d69cb440a03414bd2ce1dbfbf6tree | snapshot
parenta1a5a89b48177808e82b3858c6b4fa9afdf1c10bcommit | diff
Backport of SF patch 590294: os._execvpe security fix (Zack Weinberg).

1) Do not attempt to exec a file which does not exist
just to find out what error the operating system
returns. This is an exploitable race on all platforms
that support symbolic links.

2) Immediately re-raise the exception if we get an
error other than errno.ENOENT or errno.ENOTDIR. This
may need to be adapted for other platforms.
Lib/os.py diff | blob | blame | history
Mirror of https://github.com/python/cpython.git