PyObject_CallObject code dump after calling 4 times
Fredrik Lundh
fredrik at pythonware.com
Fri Jan 4 04:17:01 EST 2008
grbgooglefan wrote:
> char* plevel = NULL;
> if(NULL != (plevel = PyString_AsString(pResult))){
> ret = 0;
> strncpy(szEvalResult,plevel,strlen(plevel));
strncpy doesn't check the size of the target buffer, so that's no
different from just doing strcpy(szEvalResult, plevel). or in other
words, it's still trivial to crash your program simply by returning
too much data from the Python code.
</F>
More information about the Python-list
mailing list