Steve Dower added the comment: Having now read over this whole issue, I don't actually see where the security vulnerability is (on Windows at least).
This is a user-mode read, so it can only access memory in the same process, and it doesn't display it anywhere. The worst that can happen is that it hits an unreadable page and crashes, which falls under "undefined behaviour due to invalid input". I think we should just revert the patch completely. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue24917> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
