Message 248219 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	tom.pohl
Recipients	docs@python, eryksun, tom.pohl
Date	2015-08-07.19:41:54
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1438976514.93.0.0624641056926.issue24823@psf.upfronthosting.co.za>
In-reply-to

Content
I agree: not every buffer is null-terminated. But the function name suggests that it creates a _string_ buffer which will most likely be used as an input to a C function. There, it can easily trigger a buffer overflow without a null termination which can be considered a severe security risk.

I agree: not every buffer is null-terminated.

But the function name suggests that it creates a _string_ buffer which will most likely be used as an input to a C function. There, it can easily trigger a buffer overflow without a null termination which can be considered a severe security risk.

History
Date	User	Action	Args
2015-08-07 19:41:55	tom.pohl	set	recipients: + tom.pohl, docs@python, eryksun
2015-08-07 19:41:54	tom.pohl	set	messageid: <1438976514.93.0.0624641056926.issue24823@psf.upfronthosting.co.za>
2015-08-07 19:41:54	tom.pohl	link	issue24823 messages
2015-08-07 19:41:54	tom.pohl	create