Bugs item #1501223, was opened at 2006-06-05 13:45 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1501223&group_id=5470
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Windows Group: Python 2.5 Status: Open Resolution: None Priority: 5 Submitted By: Brett Cannon (bcannon) Assigned to: Nobody/Anonymous (nobody) Summary: Possible buffer overflow in Python/sysmodule.c Initial Comment: Line 1070 (along with lines 1075 and 1080) have sprintf() calls that store "cp%d" into a buffer that is 10 characters long. But an unsigned int could be 32 bits, which means 10 digits on its own. Add in the need for a null byte and the "cp" part and it would seem the buffer is 3 characters short. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1501223&group_id=5470 _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
