Message170373
Coverity has found a buffer overrun in wcstombs_errorpos() defined at
http://hg.python.org/cpython/file/25e41fdc4e60/Objects/unicodeobject.c#l3237
Message:
CID 719672: Out-of-bounds access (OVERRUN)At (2): Overrunning array "buf" of 2 4-byte elements by passing it to a function which accesses it at element index 15 (byte offset 60) using argument "16UL".
On a 64bit Linux system SIZE_OF_WCHAR_T is 4 and MB_LEN_MAX 16. In this constellation buf is 8 bytes long (wchar_t[2]) but outbuf has a size of 16 bytes. This causes a buffer overrun in wcstombs(outbuf, buf, sizeof(outbuf)). |
|
Date |
User |
Action |
Args |
2012-09-12 12:37:02 | christian.heimes | set | recipients:
+ christian.heimes, vstinner |
2012-09-12 12:37:02 | christian.heimes | set | messageid: <1347453422.44.0.810518034926.issue15930@psf.upfronthosting.co.za> |
2012-09-12 12:36:41 | christian.heimes | link | issue15930 messages |
2012-09-12 12:36:40 | christian.heimes | create | |
|