Patches item #1200134, was opened at 2005-05-11 16:15 Message generated for change (Settings changed) made by akuchling You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=305470&aid=1200134&group_id=5470
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Modules Group: Python 2.4 Status: Open Resolution: None Priority: 5 Submitted By: Jan Michael H�lsbergen (avu) >Assigned to: A.M. Kuchling (akuchling) Summary: buffer overflow in _cursesmodule.c Initial Comment: In PyCursesWindow_GetStr(), a buffer with a fixed size of 1024 byte is used for reading the input from the user. This leads to a buffer overflow. If the user does not provide a limit to win.getstr(), wgetstr() is used, enforcing no limit at all, if the user provides a limit, it can be greater than 1024, leading to the same problem. My Patch replaces the buffer with a dynamicly allocated one, if the user does not provide a limit the maximum still is 1024. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=305470&aid=1200134&group_id=5470 _______________________________________________ Patches mailing list [email protected] http://mail.python.org/mailman/listinfo/patches
