Eryk Sun <eryk...@gmail.com> added the comment:
I'm changing this issue to a behavior bug. Many issues have the potential to be exploited as a security vulnerability in some contrived scenario, but the security issue type is for cases that have provably significant security implications, such as privilege escalation, which should be reported using the documented procedure [1].

Registry keys are secured, and modifying system keys requires privileged access, so a bug that sets an incorrect value is not particularly exploitable. Anyone that can set a system value already has full control of the system.

The suggested fix is correct, except the C macro is `FALSE`, not `False`. I would simply cast to DWORD instead of `unsigned long`. Also, the REG_QWORD conversion has the same problem with not checking for an overflow after calling PyLong_AsUnsignedLongLong().

---
[1] https://www.python.org/dev/security

----------
components: +Windows -Library (Lib)
nosy: +eryksun
stage: -> needs patch
title: [security] winreg.SetValueEx should check the returned value -> winreg.SetValueEx should check the returned value
type: security -> behavior
versions: +Python 3.10, Python 3.11

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue43984>
_______________________________________
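Added example, not part of the original message and not CPython code: a caller-side guard that rejects integers which cannot fit a REG_DWORD or REG_QWORD before they reach `winreg.SetValueEx`, then reads the value back to confirm what was stored. The helper names `encode_reg_int` and `set_value_checked` are hypothetical, and the read-back assumes the key handle was opened with both write and read access.

```python
import struct

try:
    import winreg  # standard library, Windows only
except ImportError:
    winreg = None

# Windows SDK type codes; identical to winreg.REG_DWORD / winreg.REG_QWORD.
REG_DWORD = 4
REG_QWORD = 11

# Bit width and little-endian struct format for each integer registry type.
_LIMITS = {REG_DWORD: (32, "<I"), REG_QWORD: (64, "<Q")}


def encode_reg_int(value, reg_type):
    """Return the little-endian bytes for value, or raise if it cannot fit.

    Hypothetical helper: it performs, on the Python side, the range check
    that the C conversion is expected to report as an overflow.
    """
    if reg_type not in _LIMITS:
        raise ValueError(f"not an integer registry type: {reg_type}")
    if not isinstance(value, int):
        raise TypeError(f"expected int, got {type(value).__name__}")
    bits, fmt = _LIMITS[reg_type]
    if not 0 <= value < (1 << bits):
        raise OverflowError(f"{value} does not fit in {bits} unsigned bits")
    return struct.pack(fmt, value)


def set_value_checked(key, name, reg_type, value):
    """Validate, write with winreg.SetValueEx, then verify by reading back."""
    encode_reg_int(value, reg_type)  # raises before anything is written
    if winreg is None:
        raise OSError("winreg is only available on Windows")
    winreg.SetValueEx(key, name, 0, reg_type, value)
    stored, stored_type = winreg.QueryValueEx(key, name)
    if (stored, stored_type) != (value, reg_type):
        raise RuntimeError(f"registry holds {stored!r}, expected {value!r}")
```
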