On Fri, Jun 26, 2015 at 7:21 PM, Chris Angelico <ros...@gmail.com> wrote: > On Sat, Jun 27, 2015 at 6:09 AM, Randall Smith <rand...@tnr.cc> wrote: >> Give me one plausible scenario where an attacker can cause malware to hit >> the disk after bytearray.translate with a 256 byte translation table and >> I'll be thankful to you. > > The entire 256-byte translation table is significant ONLY if you need > all 256 possible bytes. Suppose I want to generate the following byte > sequence: > > "\xCD\x19" > > (Okay, this is a slightly oversimplified example, as this attack > doesn't work on a modern Windows. But back in the days of DOS, this > program would reboot your computer.)
Nice! When I suggested the possibility of a two byte value malicious payload, I thought it an extreme example of the hypothetical attack. I didn't expect that somebody might actually produce one. -- https://mail.python.org/mailman/listinfo/python-list