Message232692
I'd also like to add that, although I agree with Guido van Rossum that the likelihood of even triggering this bug in a general programming context is low, there are two buffer overflows at play here (one stack-based and one heap-based), and given an adversary's control over the format and vargs parameters, I'd there is a reasonable likelihood of exploiting it to execute arbitrary code, since the one controlling the parameters has some control as to which bytes end up where outside buffer boundaries. |
|
Date |
User |
Action |
Args |
2014-12-16 00:39:58 | Guido | set | recipients:
+ Guido, gvanrossum, georg.brandl, vstinner, serhiy.storchaka |
2014-12-16 00:39:58 | Guido | set | messageid: <1418690398.53.0.216616576171.issue23055@psf.upfronthosting.co.za> |
2014-12-16 00:39:58 | Guido | link | issue23055 messages |
2014-12-16 00:39:58 | Guido | create | |
|