Message 58560 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	gvanrossum
Recipients	donmez, gvanrossum
Date	2007-12-13.19:06:58
SpamBayes Score	0.07315752
Marked as misclassified	No
Message-id	<1197572819.29.0.0315098150692.issue1608@psf.upfronthosting.co.za>
In-reply-to

Content
Actually, looking at the sample code and the string_expandtabs() implementation it's clear what happened: the test for overflow on line 3318 or 3331 or 3339 must have been optimized out by GCC. This is very inconvenient because lots of buffer overflow protection uses similar code; this means that code that has been audited and fixed in the past will again be vulnerable after compilation by GCC 4.3. I'm going to ask Martin von Loewis to give an opinion on this. Thanks for bringing this up!

Actually, looking at the sample code and the string_expandtabs()
implementation it's clear what happened: the test for overflow on line
3318 or 3331 or 3339 must have been optimized out by GCC.

This is very inconvenient because lots of buffer overflow protection
uses similar code; this means that code that has been audited and fixed
in the past will again be vulnerable after compilation by GCC 4.3.

I'm going to ask Martin von Loewis to give an opinion on this.

Thanks for bringing this up!

History
Date	User	Action	Args
2007-12-13 19:06:59	gvanrossum	set	spambayes_score: 0.0731575 -> 0.07315752 recipients: + gvanrossum, donmez
2007-12-13 19:06:59	gvanrossum	set	spambayes_score: 0.0731575 -> 0.0731575 messageid: <1197572819.29.0.0315098150692.issue1608@psf.upfronthosting.co.za>
2007-12-13 19:06:59	gvanrossum	link	issue1608 messages
2007-12-13 19:06:58	gvanrossum	create