> On Tue, Feb 9, 2010 at 11:55 PM, "Martin v. Löwis" <martin at v.loewis.de> wrote: >>> Le Tue, 09 Feb 2010 12:16:15 +0200, anatoly techtonik a écrit : >>>> I've noticed a couple of issues that 100% crash Python 2.6.4 like this >>>> one - http://bugs.python.org/issue6608 Is it ok to release new versions >>>> that are known to crash? >>> I've changed this issue to release blocker. What are the other issues? >> For a bug fix release, it should (IMO) be a release blocker *only* if >> this is a regression in the branch or some recent bug fix release over >> some earlier bug fix release. > > Is it possible to make exploits out of crashers? It depends on the specific crasher. In Python, it depends on the application as well. In the specific issue you mentioned, it doesn't crash because of a memory overwrite, but because of a deliberate process shutdown in the C runtime. So you can't construct arbitrary code execution out of that. Regards, Martin
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4