Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/1999-November/001248.html below:

[Python-Dev] PyErr_Format security note

• Previous message: [Python-Dev] PyErr_Format security note
• Next message: [Python-Dev] PyErr_Format security note
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

M.-A. Lemburg writes:
>Ouch, yes, you are right... but who could exploit this security
>hole ? Since PyErr_Format() is only reachable for C code, only
>bad programming style in extensions could make it exploitable
>via user input.

99% of security holes arise out of carelessness, and besides, this
buffer size doesn't seem to be documented in either api.tex or
ext.tex.  I'll look into borrowing Apache's implementation and
modifying it into a varargs form.

-- 
A.M. Kuchling			http://starship.python.net/crew/amk/
I can also withstand considerably more G-force than most people, even though I
do say so myself.
    -- The Doctor, in "The Ambassadors of Death"

• Previous message: [Python-Dev] PyErr_Format security note
• Next message: [Python-Dev] PyErr_Format security note
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4