[issue32757] Python 2.7 : Buffer Overflow vulnerability in exec() function

2018-03-15 Thread Serhiy Storchaka
Change by Serhiy Storchaka: type: security -> crash

[issue32757] Python 2.7 : Buffer Overflow vulnerability in exec() function

2018-03-15 Thread Serhiy Storchaka
Change by Serhiy Storchaka: resolution: -> wont fix; stage: -> resolved; status: open -> closed

[issue32757] Python 2.7 : Buffer Overflow vulnerability in exec() function

2018-02-10 Thread Serhiy Storchaka
Serhiy Storchaka added the comment: I was going to write that this issue was fixed in Python 3 and it was decided to not backport the fix to Python 2. This is mostly true. But unfortunately there is a similar way of crashing Python 3 (issue32758). This isn't a vulnerability. To exploit this b

[issue32757] Python 2.7 : Buffer Overflow vulnerability in exec() function

2018-02-09 Thread Terry J. Reedy
Terry J. Reedy added the comment: #32758 is about situations where stack overflow *can* occur in 3.x. -- nosy: +serhiy.storchaka

[issue32757] Python 2.7 : Buffer Overflow vulnerability in exec() function

2018-02-09 Thread Terry J. Reedy
Terry J. Reedy added the comment: I am pretty sure that if one deletes the prefix 'exec(' and suffix ')' and just executes the argument expression that has something on the order of 1 chr(nn) calls added together, one would get the same result. In other words, I believe that the outer exec a

[issue32757] Python 2.7 : Buffer Overflow vulnerability in exec() function

2018-02-03 Thread hadimene
hadimene added the comment: The comment lines are not needed!

[issue32757] Python 2.7 : Buffer Overflow vulnerability in exec() function

2018-02-03 Thread hadimene
hadimene added the comment: Hello! Thanks for the fast response, but I tested and print() appears to be vulnerable too using chr() characters, and yes, the junk comments are useless ... -- Added file: https://bugs.python.org/file47423/poc-print.py

[issue32757] Python 2.7 : Buffer Overflow vulnerability in exec() function

2018-02-03 Thread Josh Rosenberg
Josh Rosenberg added the comment: A server that exposes arbitrary exec's to user-submitted data can already be controlled. exec can do anything that Python can do, that's the whole point. Sure, crashing Python is bad, but it could also keep Python alive and start dumping the database to arbit

[issue32757] Python 2.7 : Buffer Overflow vulnerability in exec() function

2018-02-03 Thread hadimene
New submission from hadimene: Hello! Recently, while debugging my Python code, I discovered a stack-based buffer overflow vulnerability in Python 2.7 and lower versions. This vulnerability is caused by the exec() builtin function when we create a "recursive" function using exec() ... Example : We