[issue2591] ErrorHandler buffer overflow in ?unused? SGI extension module almodule.c
Justin Ferguson
report at bugs.python.org
Tue Apr 8 18:13:33 CEST 2008
New submission from Justin Ferguson <justin.ferguson at ioactive.com>:
I don't think any of these SGI modules even get used, but they're really
buggy-- you guys might want to consider just dropping them all together.
When printing errors larger than 128 bytes a stack based overflow occurs.
44 static void
45 ErrorHandler(long code, const char *fmt, ...)
46 {
47 va_list args;
48 char buf[128];
49
50 va_start(args, fmt);
51 vsprintf(buf, fmt, args);
52 va_end(args);
53 PyErr_SetString(ErrorObject, buf);
54 }
----------
components: Extension Modules
messages: 65180
nosy: jnferguson
severity: normal
status: open
title: ErrorHandler buffer overflow in ?unused? SGI extension module almodule.c
type: security
versions: Python 2.5
__________________________________
Tracker <report at bugs.python.org>
<http://bugs.python.org/issue2591>
__________________________________
More information about the Python-bugs-list
mailing list