> All but one (checked them all):

Thanks for checking.

> In ceval.c, function call_builtin, there is a possible security hole.
> If an extension module happens to create a very long type name
> (maybe just via a bug), we will crash.
>
>     }
>     PyErr_Format(PyExc_TypeError, "call of non-function (type %s)",
>                  func->ob_type->tp_name);
>     return NULL;
> }

I would think that an extension module with a name of nearly 500
characters would draw a lot of attention as being ridiculous. If
there was a bug through which you could make tp_name point to such a
long string, you could probably exploit that bug without having to use
this particular PyErr_Format() statement.

However, I agree it's better to be safe than sorry, so I've checked in
a fix making it %.400s.

--Guido van Rossum (home page: http://www.python.org/~guido/)
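
An added example, not part of the original message or of the Python source: it measures how many bytes the error message needs with `%s` versus the `%.400s` fix when the type name is a constructed 600-character string. The 500-byte buffer size is an assumption taken from the "nearly 500 characters" remark, and `bytes_needed`, `make_type_name` and `fits_fixed_buffer` are hypothetical helpers.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MSG_BUF_SIZE 500  /* assumed size of the fixed message buffer */

/* Bytes (including the NUL) that formatting would need; vsnprintf with a
   zero-size destination only measures, it writes nothing. */
static size_t bytes_needed(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(NULL, 0, fmt, ap);
    va_end(ap);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Constructed stand-in for a buggy extension's tp_name: len copies of 'A'. */
static char *make_type_name(size_t len)
{
    char *s = malloc(len + 1);
    if (s == NULL)
        return NULL;
    memset(s, 'A', len);
    s[len] = '\0';
    return s;
}

/* 1 if the message fits the fixed buffer, 0 if an unbounded sprintf-style
   write would run past its end. */
static int fits_fixed_buffer(const char *fmt, const char *tp_name)
{
    return bytes_needed(fmt, tp_name) <= MSG_BUF_SIZE;
}

int main(void)
{
    const char *unbounded = "call of non-function (type %s)";
    const char *bounded   = "call of non-function (type %.400s)";
    char *name = make_type_name(600);
    if (name == NULL)
        return 1;
    printf("%%s     needs %zu bytes, fits: %d\n",
           bytes_needed(unbounded, name), fits_fixed_buffer(unbounded, name));
    printf("%%.400s needs %zu bytes, fits: %d\n",
           bytes_needed(bounded, name), fits_fixed_buffer(bounded, name));
    free(name);
    return 0;
}
```

The precision caps only the `%s` argument, so the 28 fixed characters of the message still count against the buffer; 400 leaves room for them and the terminating NUL.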