New submission from Kevin Phillips:
I recently exploited a subtle bug with the msilib module's GetProperty method
on the SummaryInformation class. When retrieving string-typed properties from
the stream the last character in the string gets truncated, replaced by a
null-byte.
I am using Python v3.2.5 64bit on Windows 7, and I've managed to reproduce the
error with the following code snippet:
filename = "sample.msp"
patch_database = msilib.OpenDatabase(filename, msilib.MSIDBOPEN_READONLY |
msilib.MSIDBOPEN_PATCHFILE)
summary_info = patch_database.GetSummaryInformation(20)
print (summary_info.GetProperty(msilib.PID_REVNUMBER))
The PID_REVNUMBER returns the patch-GUID for the Windows Installer patch file.
In this example the GUID is returned properly however the character string is
supposed to be delimited by curly braces - { }. Examination of the returned
byte array shows that the leading curly brace is included by the final curly
brace is not. Closer examination also shows that the last character in the byte
array is \x00.
While it is possible, in this situation, to circumvent the bug by simply
removing the trailing bytes and replacing them with a closing curly brace, this
may not be so easy to work around for general character strings if the last
character in the sequence is not static. As such I'd highly recommend fixing
this in the source for the msilib module.
----------
components: Library (Lib), Windows
messages: 226789
nosy: Kevin.Phillips
priority: normal
severity: normal
status: open
title: MSILIB truncates last character in summary information stream
type: behavior
versions: Python 3.2
_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue22391>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
