more thorough unicode tainting

Author: zeldovich

Include/unicodeobject.h

@@ -472,9 +472,10 @@ PyAPI_FUNC(PyObject*) PyUnicode_FromUnicodeT(
     const Py_UNICODE *u, Py_ssize_t size, PyObject *taint);
 
 /* Similar to PyUnicode_FromUnicode(), but u points to Latin-1 encoded bytes */
-PyAPI_FUNC(PyObject*) PyUnicode_FromStringAndSize(
+PyAPI_FUNC(PyObject*) PyUnicode_FromStringAndSizeT(
     const char *u,        /* char buffer */
-    Py_ssize_t size       /* size of buffer */
+    Py_ssize_t size,       /* size of buffer */
+    PyObject *taint
     );
 
 /* Similar to PyUnicode_FromUnicode(), but u points to null-terminated
@@ -679,6 +680,7 @@ PyAPI_FUNC(int) PyUnicode_SetDefaultEncoding(
 PyAPI_FUNC(PyObject*) PyUnicode_Decode(
     const char *s,              /* encoded string */
     Py_ssize_t size,            /* size of buffer */
+    PyObject *taint,
     const char *encoding,       /* encoding */
     const char *errors          /* error handling */
     );
@@ -689,6 +691,7 @@ PyAPI_FUNC(PyObject*) PyUnicode_Decode(
 PyAPI_FUNC(PyObject*) PyUnicode_Encode(
     const Py_UNICODE *s,        /* Unicode char buffer */
     Py_ssize_t size,            /* number of Py_UNICODE chars to encode */
+    PyObject *taint,
     const char *encoding,       /* encoding */
     const char *errors          /* error handling */
     );
@@ -721,19 +724,22 @@ PyAPI_FUNC(PyObject*) PyUnicode_BuildEncodingMap(
 PyAPI_FUNC(PyObject*) PyUnicode_DecodeUTF7(
     const char *string, 	/* UTF-7 encoded string */
     Py_ssize_t length,	 	/* size of string */
+    PyObject *taint,
     const char *errors		/* error handling */
     );
 
 PyAPI_FUNC(PyObject*) PyUnicode_DecodeUTF7Stateful(
     const char *string, 	/* UTF-7 encoded string */
     Py_ssize_t length,	 	/* size of string */
+    PyObject *taint,
     const char *errors,		/* error handling */
     Py_ssize_t *consumed	/* bytes consumed */
     );
 
 PyAPI_FUNC(PyObject*) PyUnicode_EncodeUTF7(
     const Py_UNICODE *data, 	/* Unicode char buffer */
     Py_ssize_t length,	 		/* number of Py_UNICODE chars to encode */
+    PyObject *taint,
     int encodeSetO,             /* force the encoder to encode characters in
                                    Set O, as described in RFC2152 */
     int encodeWhiteSpace,       /* force the encoder to encode space, tab,
@@ -974,6 +980,7 @@ PyObject *_PyUnicode_DecodeUnicodeInternal(
 PyAPI_FUNC(PyObject*) PyUnicode_DecodeLatin1(
     const char *string, 	/* Latin-1 encoded string */
     Py_ssize_t length,	 	/* size of string */
+    PyObject *taint,
     const char *errors		/* error handling */
     );
 
@@ -997,6 +1004,7 @@ PyAPI_FUNC(PyObject*) PyUnicode_EncodeLatin1(
 PyAPI_FUNC(PyObject*) PyUnicode_DecodeASCII(
     const char *string, 	/* ASCII encoded string */
     Py_ssize_t length,	 	/* size of string */
+    PyObject *taint,
     const char *errors		/* error handling */
     );
 
@@ -1036,6 +1044,7 @@ PyAPI_FUNC(PyObject*) PyUnicode_EncodeASCII(
 PyAPI_FUNC(PyObject*) PyUnicode_DecodeCharmap(
     const char *string, 	/* Encoded string */
     Py_ssize_t length,	 	/* size of string */
+    PyObject *taint,
     PyObject *mapping,		/* character mapping 
 				   (char ordinal -> unicode ordinal) */
     const char *errors		/* error handling */
@@ -1050,6 +1059,7 @@ PyAPI_FUNC(PyObject*) PyUnicode_AsCharmapString(
 PyAPI_FUNC(PyObject*) PyUnicode_EncodeCharmap(
     const Py_UNICODE *data, 	/* Unicode char buffer */
     Py_ssize_t length,	 	/* Number of Py_UNICODE chars to encode */
+    PyObject *taint,
     PyObject *mapping,		/* character mapping 
 				   (unicode ordinal -> char ordinal) */
     const char *errors		/* error handling */
@@ -1071,6 +1081,7 @@ PyAPI_FUNC(PyObject*) PyUnicode_EncodeCharmap(
 PyAPI_FUNC(PyObject *) PyUnicode_TranslateCharmap(
     const Py_UNICODE *data, 	/* Unicode char buffer */
     Py_ssize_t length,	 		/* Number of Py_UNICODE chars to encode */
+    PyObject *taint,
     PyObject *table,		/* Translate table */
     const char *errors		/* error handling */
     );

Modules/_codecsmodule.c

@@ -243,7 +243,7 @@ utf_7_decode(PyObject *self,
 	return NULL;
     consumed = pbuf.len;
 
-    decoded = PyUnicode_DecodeUTF7Stateful(pbuf.buf, pbuf.len, errors,
+    decoded = PyUnicode_DecodeUTF7Stateful(pbuf.buf, pbuf.len, 0, errors,
 					   final ? NULL : &consumed);
 	PyBuffer_Release(&pbuf);
     if (decoded == NULL)
@@ -526,7 +526,7 @@ latin_1_decode(PyObject *self,
 			  &pbuf, &errors))
 	return NULL;
 
-	unicode = PyUnicode_DecodeLatin1(pbuf.buf, pbuf.len, errors);
+	unicode = PyUnicode_DecodeLatin1(pbuf.buf, pbuf.len, 0, errors);
 	PyBuffer_Release(&pbuf);
 	return codec_tuple(unicode, pbuf.len);
 }
@@ -543,7 +543,7 @@ ascii_decode(PyObject *self,
 			  &pbuf, &errors))
 	return NULL;
 
-	unicode = PyUnicode_DecodeASCII(pbuf.buf, pbuf.len, errors);
+	unicode = PyUnicode_DecodeASCII(pbuf.buf, pbuf.len, 0, errors);
 	PyBuffer_Release(&pbuf);
 	return codec_tuple(unicode, pbuf.len);
 }
@@ -563,7 +563,7 @@ charmap_decode(PyObject *self,
     if (mapping == Py_None)
 	mapping = NULL;
 
-	unicode = PyUnicode_DecodeCharmap(pbuf.buf, pbuf.len, mapping, errors);
+	unicode = PyUnicode_DecodeCharmap(pbuf.buf, pbuf.len, 0, mapping, errors);
 	PyBuffer_Release(&pbuf);
 	return codec_tuple(unicode, pbuf.len);
 }
@@ -672,6 +672,7 @@ utf_7_encode(PyObject *self,
 	return NULL;
     v = codec_tuple(PyUnicode_EncodeUTF7(PyUnicode_AS_UNICODE(str),
 					 PyUnicode_GET_SIZE(str),
+					 PyUnicode_TAINT(str),
 					 0,
 					 0,
 					 errors),
@@ -968,6 +969,7 @@ charmap_encode(PyObject *self,
     v = codec_tuple(PyUnicode_EncodeCharmap(
 			       PyUnicode_AS_UNICODE(str),
 			       PyUnicode_GET_SIZE(str),
+			       PyUnicode_TAINT(str),
 			       mapping,
 			       errors),
 		    PyUnicode_GET_SIZE(str));

Modules/posixmodule.c

@@ -2035,7 +2035,7 @@ posix_getcwdu(PyObject *self, PyObject *noargs)
 	Py_END_ALLOW_THREADS
 	if (res == NULL)
 		return posix_error();
-	return PyUnicode_Decode(buf, strlen(buf), Py_FileSystemDefaultEncoding,"strict");
+	return PyUnicode_Decode(buf, strlen(buf), 0, Py_FileSystemDefaultEncoding,"strict");
 }
 #endif
 #endif

Objects/bytearrayobject.c

@@ -3094,7 +3094,7 @@ bytes_reduce(PyByteArrayObject *self)
     PyObject *latin1, *dict;
     if (self->ob_bytes)
         latin1 = PyUnicode_DecodeLatin1(self->ob_bytes,
-                                        Py_SIZE(self), NULL);
+                                        Py_SIZE(self), 0, NULL);
     else
         latin1 = PyUnicode_FromString("");
 

Objects/stringlib/string_format.h

@@ -133,12 +133,23 @@ output_extend(OutputString *output, Py_ssize_t count)
     1 for success.
 */
 static int
-output_data(OutputString *output, const STRINGLIB_CHAR *s, Py_ssize_t count)
+output_data(OutputString *output, const STRINGLIB_CHAR *s, Py_ssize_t count, PyObject *taint)
 {
     if ((count > output->end - output->ptr) && !output_extend(output, count))
         return 0;
     memcpy(output->ptr, s, count * sizeof(STRINGLIB_CHAR));
     output->ptr += count;
+
+    if (STRINGLIB_TAINT(output->obj) == 0 || STRINGLIB_TAINT(output->obj) == Py_None) {
+	STRINGLIB_TAINT(output->obj) = taint;
+    } else if (taint && taint != Py_None) {
+	PyObject *t = PyObject_CallMethodObjArgs(STRINGLIB_TAINT(output->obj), PyString_FromString("merge"), taint, 0);
+	if (!t)
+	    return 0;
+	Py_XDECREF(STRINGLIB_TAINT(output->obj));
+	STRINGLIB_TAINT(output->obj) = t;
+    }
+
     return 1;
 }
 
@@ -546,7 +557,7 @@ render_field(PyObject *fieldobj, SubString *format_spec, OutputString *output)
 #endif
 
     ok = output_data(output,
-                     STRINGLIB_STR(result), STRINGLIB_LEN(result));
+                     STRINGLIB_STR(result), STRINGLIB_LEN(result), STRINGLIB_TAINT(result));
 done:
     Py_XDECREF(format_spec_object);
     Py_XDECREF(result);
@@ -878,7 +889,7 @@ do_markup(SubString *input, PyObject *args, PyObject *kwargs,
     while ((result = MarkupIterator_next(&iter, &literal, &field_name,
                                          &format_spec, &conversion,
                                          &format_spec_needs_expanding)) == 2) {
-        if (!output_data(output, literal.ptr, literal.end - literal.ptr))
+        if (!output_data(output, literal.ptr, literal.end - literal.ptr, 0))
             return 0;
         if (field_name.ptr != field_name.end)
             if (!output_markup(&field_name, &format_spec,

Objects/stringlib/stringdefs.h

@@ -24,5 +24,6 @@
 #define STRINGLIB_CMP            memcmp
 #define STRINGLIB_TOSTR          PyObject_Str
 #define STRINGLIB_GROUPING       _PyString_InsertThousandsGrouping
+#define STRINGLIB_TAINT(o) (((PyStringObject *)o)->ob_taint)
 
 #endif /* !STRINGLIB_STRINGDEFS_H */

Objects/stringlib/unicodedefs.h

@@ -22,6 +22,7 @@
 #define STRINGLIB_RESIZE         PyUnicode_Resize
 #define STRINGLIB_CHECK          PyUnicode_Check
 #define STRINGLIB_GROUPING       _PyUnicode_InsertThousandsGrouping
+#define STRINGLIB_TAINT(o) (((PyUnicodeObject *) o)->ob_taint)
 
 #if PY_VERSION_HEX < 0x03000000
 #define STRINGLIB_TOSTR          PyObject_Unicode

Objects/stringobject.c

@@ -4966,6 +4966,22 @@ PyString_Format(PyObject *format, PyObject *args)
 					goto unicode;
 				}
 #endif
+				if (PyString_TAINT(temp) && PyString_TAINT(temp) != Py_None) {
+				    if (PyString_TAINT(result) && PyString_TAINT(result) != Py_None) {
+					PyObject *taint = PyObject_CallMethodObjArgs(PyString_TAINT(result), PyString_FromString("merge"), PyString_TAINT(temp), 0);
+					if (!temp) {
+					    Py_XDECREF(temp);
+					    goto error;
+					}
+					Py_XDECREF(PyString_TAINT(result));
+					((PyStringObject *) result)->ob_taint = taint;
+				    } else {
+					Py_XINCREF(PyString_TAINT(temp));
+					Py_XDECREF(PyString_TAINT(result));
+					((PyStringObject *) result)->ob_taint = PyString_TAINT(temp);
+				    }
+				}
+
 				/* Fall through */
 			case 'r':
 				if (c == 'r')
@@ -5205,7 +5221,7 @@ PyString_Format(PyObject *format, PyObject *args)
 		goto error;
 	fmtcnt = PyString_GET_SIZE(format) - \
 		 (fmt - PyString_AS_STRING(format));
-	format = PyUnicode_Decode(fmt, fmtcnt, NULL, NULL);
+	format = PyUnicode_Decode(fmt, fmtcnt, 0, NULL, NULL);
 	if (format == NULL)
 		goto error;
 	v = PyUnicode_Format(format, args);