STINNER Victor <vstin...@redhat.com> added the comment:
> In Modules/socketmodule.c , the bluetooth address supplied is vulnerable to
> integer overflow.

Attached PR 12864 modifies the following code:

    unsigned int b0, b1, b2, b3, b4, b5;
    char ch;
    int n;

    n = sscanf(name, "%X:%X:%X:%X:%X:%X%c", &b5, &b4, &b3, &b2, &b1, &b0, &ch);

Can someone please elaborate how this code can trigger an integer overflow? What is the consequence of an integer overflow? Does Python crash?

----------

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue18564>
_______________________________________
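An added example, not part of the original message and not CPython's code: in C, a `%X` conversion whose result cannot be represented in the `unsigned int` it is stored into has undefined behaviour, so a defensive parser can cap each address field at two hex digits before converting anything. The names `parse_bdaddr` and `hexval` are hypothetical, and the sample addresses are constructed.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hexval(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower(c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Parse "XX:XX:XX:XX:XX:XX" into out[5]..out[0], the same field order as
 * b5..b0 in the quoted code. Each field is 1 or 2 hex digits, so the
 * accumulated value can never exceed 0xFF. Returns 0 on success, -1 on error. */
int parse_bdaddr(const char *s, unsigned char out[6])
{
    if (s == NULL) return -1;
    for (int field = 5; field >= 0; field--) {
        unsigned int v = 0;
        int digits = 0;
        while (digits < 2) {
            int h = hexval((unsigned char)*s);
            if (h < 0) break;
            v = v * 16 + (unsigned int)h;
            s++;
            digits++;
        }
        if (digits == 0) return -1;          /* empty field */
        if (field > 0) {
            if (*s != ':') return -1;        /* third digit or bad separator */
            s++;
        } else if (*s != '\0') {
            return -1;                       /* trailing characters */
        }
        out[field] = (unsigned char)v;
    }
    return 0;
}

int main(void)
{
    unsigned char a[6];
    /* Constructed inputs: one valid address, one oversized field. */
    printf("%d\n", parse_bdaddr("00:11:22:aa:BB:ff", a));
    printf("%d\n", parse_bdaddr("100000000:0:0:0:0:0", a));
    return 0;
}
```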