[Patches] [ python-Patches-1428655 ] Use snprintf for static buffers
SourceForge.net
noreply at sourceforge.net
Mon Feb 13 20:13:10 CET 2006
Patches item #1428655, was opened at 2006-02-09 22:35
Message generated for change (Comment added) made by calvin
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=305470&aid=1428655&group_id=5470
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core (C code)
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: Wummel (calvin)
Assigned to: Nobody/Anonymous (nobody)
Summary: Use snprintf for static buffers
Initial Comment:
Hi,
there are some uses of sprintf in the Python C code.
Unfortunately sprintf is known to cause buffer
overruns. To prevent this I have written a patch that
replaces sprintf with snprintf. To be on the safe side
(and since I don't know much of the C code internals) I
only changed static buffers, where the sizeof()
operator is known to work.
The patch is against SVN 42293, and tested on a i386
Debian Linux system.
----------------------------------------------------------------------
>Comment By: Wummel (calvin)
Date: 2006-02-13 20:13
Message:
Logged In: YES
user_id=9205
The snprintf had implementations which did not
null-terminate the buffer if it was too small. I detected
that Python itself has a wrapper function defined for that
reason: PyOS_snprintf.
I will attach a patch in the next days that makes use of
PyOS_snprintf, which should remove the trailing null-byte lines.
I noted that none of the calls of both sprintf and
PyOS_snprintf actually check the return code. But I found
out that Guido does not care, as said in this message:
http://permalink.gmane.org/gmane.comp.python.devel/33591
----------------------------------------------------------------------
Comment By: Martin v. Löwis (loewis)
Date: 2006-02-10 20:51
Message:
Logged In: YES
user_id=21627
The patch has several problems:
1. It is unnecessary. The print calls actually *cannot*
cause buffer overruns, because in all cases, the buffers are
large enough.
2. The insertion of a trailing null-byte is unnecessary:
snprintf will already add that byte, even if it runs out of
space.
The first argument could be discarded, since using snprintf
can be considered as improving maintainability; point 2
actually decreases maintainability.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=305470&aid=1428655&group_id=5470
More information about the Patches
mailing list