]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bd1ada6) | patch
gh-139283: correctly handle `size` limit in `cursor.fetchmany()` (#139296)
authorBénédikt Tran <10796600+picnixz@users.noreply.github.com>
Tue, 30 Sep 2025 09:18:55 +0000 (11:18 +0200)
committerGitHub <noreply@github.com>
Tue, 30 Sep 2025 09:18:55 +0000 (11:18 +0200)
commitbc172ee8307431caf4c89612e9e454081635191f
treed178b596fdd1d52bf0ad1d1a5794a368e29a33fbtree | snapshot
parentbd1ada6df35f29069fc478ce3b0fee3372df075acommit | diff
gh-139283: correctly handle `size` limit in `cursor.fetchmany()` (#139296)

Passing a negative or zero size to `cursor.fetchmany()` made it fetch all rows
instead of none.

While this could be considered a security vulnerability, it was decided to treat
this issue as a regular bug as passing a non-sanitized *size* value in the first
place is not recommended.
Doc/library/sqlite3.rst diff | blob | blame | history
Lib/test/test_sqlite3/test_dbapi.py diff | blob | blame | history
Misc/NEWS.d/next/Security/2025-09-24-13-39-56.gh-issue-139283.jODz_q.rst [new file with mode: 0644] blob
Modules/_sqlite/clinic/cursor.c.h diff | blob | blame | history
Modules/_sqlite/cursor.c diff | blob | blame | history
Modules/_sqlite/cursor.h diff | blob | blame | history
Mirror of https://github.com/python/cpython.git