Message 125841 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	amaury.forgeotdarc, belopolsky, eric.smith, vstinner
Date	2011-01-09.12:52:07
SpamBayes Score	2.1721714e-06
Marked as misclassified	No
Message-id	<1294577532.47.0.104678434485.issue10833@psf.upfronthosting.co.za>
In-reply-to

Content
> I am concerned about conditions that are impossible in a valid > program. However, if you have a buffer overflow that trashes your > tp_name pointer so that it suddenly resolves to a binary code section, Yes, %.100s may avoid a crash after the buffer overflow on the string formatting, but it may quickly crash on another instruction. I don't think that you should limit the error message length to protect Python against buffer overflow. A buffer overflow can corrupt everything, and we should fix the buffer overflow instead :-) > you will need all help you can get to find the bug. You have debuggers like gdb for that.

> I am concerned about conditions that are impossible in a valid
> program.  However, if you have a buffer overflow that trashes your
> tp_name pointer so that it suddenly resolves to a binary code section,

Yes, %.100s may avoid a crash after the buffer overflow on the string formatting, but it may quickly crash on another instruction. I don't think that you should limit the error message length to protect Python against buffer overflow. A buffer overflow can corrupt everything, and we should fix the buffer overflow instead :-)

> you will need all help you can get to find the bug.

You have debuggers like gdb for that.

History
Date	User	Action	Args
2011-01-09 12:52:12	vstinner	set	recipients: + vstinner, amaury.forgeotdarc, belopolsky, eric.smith
2011-01-09 12:52:12	vstinner	set	messageid: <1294577532.47.0.104678434485.issue10833@psf.upfronthosting.co.za>
2011-01-09 12:52:07	vstinner	link	issue10833 messages
2011-01-09 12:52:07	vstinner	create