Patch #1638879: don't accept strings with embedded NUL bytes in long().

(backport from rev. 54173)

Lib/test/test_builtin.py

@@ -1017,6 +1017,11 @@ class BuiltinTest(unittest.TestCase):
         self.assertRaises(ValueError, long, '53', 40)
         self.assertRaises(TypeError, long, 1, 12)
 
+        # SF patch #1638879: embedded NULs were not detected with
+        # explicit base
+        self.assertRaises(ValueError, long, '123\0', 10)
+        self.assertRaises(ValueError, long, '123\x00 245', 20)
+
         self.assertEqual(long('100000000000000000000000000000000', 2),
                          4294967296)
         self.assertEqual(long('102002022201221111211', 3), 4294967296)

Misc/NEWS

@@ -12,6 +12,8 @@ What's New in Python 2.5.1c1?
 Core and builtins
 -----------------
 
+- Patch #1638879: don't accept strings with embedded NUL bytes in long().
+
 - Bug #1674503: close the file opened by execfile() in an error condition.
 
 - Patch #1674228: when assigning a slice (old-style), check for the

Objects/longobject.c

@@ -3287,8 +3287,25 @@ long_new(PyTypeObject *type, PyObject *args, PyObject *kwds)
 		return PyLong_FromLong(0L);
 	if (base == -909)
 		return PyNumber_Long(x);
-	else if (PyString_Check(x))
+	else if (PyString_Check(x)) {
+		/* Since PyLong_FromString doesn't have a length parameter,
+		 * check here for possible NULs in the string. */
+		char *string = PyString_AS_STRING(x);
+		if (strlen(string) != PyString_Size(x)) {
+			/* create a repr() of the input string,
+			 * just like PyLong_FromString does. */
+			PyObject *srepr;
+			srepr = PyObject_Repr(x);
+			if (srepr == NULL)
+				return NULL;
+			PyErr_Format(PyExc_ValueError,
+			     "invalid literal for long() with base %d: %s",
+			     base, PyString_AS_STRING(srepr));
+			Py_DECREF(srepr);
+			return NULL;
+		}
 		return PyLong_FromString(PyString_AS_STRING(x), NULL, base);
+	}
 #ifdef Py_USING_UNICODE
 	else if (PyUnicode_Check(x))
 		return PyLong_FromUnicode(PyUnicode_AS_UNICODE(x),