Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
assignee = None
closed_at = None
created_at = <Date 2021-04-30.08:42:01.576>
labels = ['3.10', 'type-bug', '3.9', 'OS-windows', '3.11']
title = 'winreg.SetValueEx should check the returned value'
updated_at = <Date 2021-05-01.09:48:29.376>
user = 'https://bugs.python.org/r3pwnx'
I'm changing this issue to a behavior bug. Many issues have the potential to be exploited as a security vulnerability in some contrived scenario, but the security issue type is for cases that have provably significant security implications, such as privilege escalation, which should be reported using the documented procedure. Registry keys are secured, and modifying system keys requires privileged access, so a bug that sets an incorrect value is not particularly exploitable. Anyone that can set a system value already has full control of the system.
The suggested fix is correct, except the C macro is FALSE, not False. I would simply cast to DWORD instead of unsigned long. Also, the REG_QWORD conversion has the same problem with not checking for an overflow after calling PyLong_AsUnsignedLongLong().
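A caller-side range check for the two integer registry types discussed in this issue, so that an out-of-range integer is rejected before it reaches `winreg.SetValueEx`. This is an added example, not part of the issue or of CPython's code; `check_reg_int`, `set_int_value_checked` and `classify` are hypothetical names, and the sample values are constructed.

```python
# Registry value type codes (same values as winreg.REG_DWORD / winreg.REG_QWORD).
REG_DWORD = 4
REG_QWORD = 11

# Largest unsigned value each type can hold.
_MAX = {REG_DWORD: 2**32 - 1, REG_QWORD: 2**64 - 1}


def check_reg_int(value, reg_type):
    """Return value unchanged if it fits the unsigned width of reg_type, else raise."""
    if reg_type not in _MAX:
        raise ValueError(f"not an integer registry type: {reg_type}")
    # bool is an int subclass; reject it so True/False are not stored by accident.
    if isinstance(value, bool) or not isinstance(value, int):
        raise TypeError(f"expected int, got {type(value).__name__}")
    if value < 0:
        raise OverflowError("registry integers are unsigned; got a negative value")
    if value > _MAX[reg_type]:
        bits = 32 if reg_type == REG_DWORD else 64
        raise OverflowError(f"{value} does not fit in {bits} bits")
    return value


def set_int_value_checked(key, name, reg_type, value):
    """Hypothetical wrapper: validate first, then call winreg.SetValueEx (Windows only)."""
    checked = check_reg_int(value, reg_type)
    import winreg  # imported lazily so the validation above is usable on any platform
    winreg.SetValueEx(key, name, 0, reg_type, checked)


def classify(value, reg_type):
    """Return 'ok' or the name of the exception raised by the check."""
    try:
        check_reg_int(value, reg_type)
        return "ok"
    except (TypeError, ValueError, OverflowError) as exc:
        return type(exc).__name__


if __name__ == "__main__":
    # Constructed sample values at and just beyond each boundary.
    samples = [(2**32 - 1, REG_DWORD), (2**32, REG_DWORD), (-1, REG_DWORD),
               (2**64 - 1, REG_QWORD), (2**64, REG_QWORD), ("1", REG_QWORD)]
    for v, t in samples:
        print(t, v, classify(v, t))
```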