Author vstinner
Recipients Arfrever, cheryl.sabella, maker, neologix, pitrou, vstinner
Date 2019-04-17.17:00:09
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
> In Modules/socketmodule.c , the bluetooth address supplied is vulnerable to integer overflow.

Attached PR 12864 modifies the following code:

  unsigned int b0, b1, b2, b3, b4, b5;
  char ch;
  int n;
  n = sscanf(name, "%X:%X:%X:%X:%X:%X%c", &b5, &b4, &b3, &b2, &b1, &b0, &ch);

Can someone please elaborate how this code can trigger an integer overflow? What is the consequence of an integer overflow? Does Python crash?
Date User Action Args
2019-04-17 17:00:09vstinnersetrecipients: + vstinner, pitrou, Arfrever, neologix, maker, cheryl.sabella
2019-04-17 17:00:09vstinnersetmessageid: <>
2019-04-17 17:00:09vstinnerlinkissue18564 messages
2019-04-17 17:00:09vstinnercreate