[Bf-committers] [Patch]Solving security issues CVE-2008-1103 (partialy) and CVE-2008-4083
Campbell Barton
ideasman42 at gmail.com
Wed Jan 20 20:39:54 CET 2010
Committed this...
sys.path[:] = filter(None, sys.path)
Note that this filters out anything that is evaluated as False. in
this case an empty string acts like ".", come to think of it, shouldnt
"." get filtered out also?
On Wed, Jan 20, 2010 at 8:27 PM, Jochen Schmitt <Jochen at herr-schmitt.de> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Am 20.01.2010 20:11, schrieb Campbell Barton:
>
>>>>> filter(None, sys.path)
>> <filter object at 0x4ca4eb0>
>>
>> Can write this differently in the bpy __init__.py file
>
> OK, regarding of
>
> http://diveintopython3.org/porting-code-to-python-3-with-2to3.html#filter
>
> it should be:
>
> PyRun_SimpleString("import sys; sys.path = [for i in sys.path if i]");
>
> A modified version of the patch is attached on this mail.
>
> Best Regards:
>
> Jochen Schmitt
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
>
> iJwEAQECAAYFAktXWTIACgkQZLAIBz9lVu/3dAP/R6y8Kkm91Odhc3FmoIY7IZKC
> WC7P+Fh5zJQxkkm3cas4XwZXM4Ov9ChXibiRf7/TaYi4/+WFIGuQedOFVkW84Eur
> OTLGERtKPhu111SbQ/8EkGZW5oxetENul7+AdA8d++cv73NjiwlivMQcM7V+zduZ
> YoOl9whJTVblXifUd1c=
> =2+f1
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> Bf-committers mailing list
> Bf-committers at blender.org
> http://lists.blender.org/mailman/listinfo/bf-committers
>
>
--
- Campbell
More information about the Bf-committers
mailing list