Message248219
I agree: not every buffer is null-terminated.
But the function name suggests that it creates a _string_ buffer which will most likely be used as an input to a C function. There, it can easily trigger a buffer overflow without a null termination which can be considered a severe security risk. |
|
Date |
User |
Action |
Args |
2015-08-07 19:41:55 | tom.pohl | set | recipients:
+ tom.pohl, docs@python, eryksun |
2015-08-07 19:41:54 | tom.pohl | set | messageid: <1438976514.93.0.0624641056926.issue24823@psf.upfronthosting.co.za> |
2015-08-07 19:41:54 | tom.pohl | link | issue24823 messages |
2015-08-07 19:41:54 | tom.pohl | create | |
|