From ff2b21991558cc8b38a527b106e4a68e248b980a Mon Sep 17 00:00:00 2001
From: katsuhisa yuasa
Date: Mon, 10 Oct 2022 20:49:23 +0900
Subject: [PATCH] use PyUnicode_AsUTF8AndSize instead of PyUnicode_AsUTF8 so that vulnerable strlen can be avoided explicitly cast function pointer to void* before copying it to void* type variable
---
 sakura_core/macro/CPythonMacroManager.cpp | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/sakura_core/macro/CPythonMacroManager.cpp b/sakura_core/macro/CPythonMacroManager.cpp
index 0f32a27950..d98c95c910 100644
--- a/sakura_core/macro/CPythonMacroManager.cpp
+++ b/sakura_core/macro/CPythonMacroManager.cpp
@@ -856,8 +856,9 @@ PyObject* handleFunction(PyObject* self, PyObject* args)
 ::VariantInit(&vtArgs[i]);
 if (varType == VT_BSTR) {
- const char* str = PyUnicode_AsUTF8(arg);
- SysString S(str, (int)strlen(str));
+ Py_ssize_t sz = 0;
+ const char* str = PyUnicode_AsUTF8AndSize(arg, &sz);
+ SysString S(str, (int)sz);
 Wrap(&vtArgs[i])->Receive(S);
 }else if (varType == VT_I4) {
 vtArgs[i].vt = VT_I4;
@@ -930,7 +931,7 @@ bool CPythonMacroManager::ExecKeyMacro(CEditView *EditView, int flags) const
 for (size_t i = 0; i < _countof(symbols); ++i) {
 auto& s = symbols[i];
 auto sym = ::GetProcAddress(s_hModule, s.name);
- *(void**)s.ptr = sym;
+ *(void**)s.ptr = (void*)sym;
 }
 if (PyImport_AppendInittab("SakuraEditor", PyInit_SakuraEditor) == -1) {
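Review bot: `PyUnicode_AsUTF8AndSize` returns NULL with a Python exception set when `arg` is not a str or cannot be encoded as UTF-8, and the added lines in the `VT_BSTR` branch pass `str` straight to `SysString S(str, (int)sz)` without checking it. Add a guard before constructing `S`, e.g. `if (str == nullptr) return nullptr;`, so the exception reaches the caller instead of the conversion continuing with a null buffer; any `vtArgs` entries already initialised would need releasing first, and that code is outside this hunk. The `(int)sz` cast also narrows `Py_ssize_t`, so on a 64-bit build a string longer than INT_MAX bytes would produce a wrong, possibly negative length; rejecting `sz > INT_MAX` in the same guard closes that. handleFunction starts and ends outside the hunk.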
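Review bot: The result of `::GetProcAddress` is stored through `s.ptr` without a null check, so a Python DLL that lacks one of the `symbols` entries leaves that function pointer null and the failure only surfaces later as a call through a null pointer. Check it inside the loop before the store, e.g. `if (sym == nullptr) return false;`, together with whatever module cleanup ExecKeyMacro requires. The new cast would also read better as `reinterpret_cast<void*>(sym)` than as a C-style cast. ExecKeyMacro begins and continues outside the hunk, so a later validation pass may exist that is not visible here.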