[issue2591] ErrorHandler buffer overflow in ?unused? SGI extension module almodule.c

[Guido van Rossum]

Guido van Rossum gu...@python.org added the comment:

(Almost) nobody uses these any more, so let's close as won't fix.  The
SGI modules are removed from 3.0.  The few people who still have Irix
could probably care less about the buffer overflows, but they *might*
care about the modules (otherwise they wouldn't be on Irix :-).

--
nosy: +gvanrossum
resolution:  - wont fix
status: open - closed

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue2591
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue2591] ErrorHandler buffer overflow in ?unused? SGI extension module almodule.c

[Justin Ferguson]

New submission from Justin Ferguson [EMAIL PROTECTED]:

I don't think any of these SGI modules even get used, but they're really
buggy-- you guys might want to consider just dropping them all together.

When printing errors larger than 128 bytes a stack based overflow occurs.

  44 static void
  45 ErrorHandler(long code, const char *fmt, ...)
  46 {
  47 va_list args;
  48 char buf[128];
  49 
  50 va_start(args, fmt);
  51 vsprintf(buf, fmt, args);
  52 va_end(args);
  53 PyErr_SetString(ErrorObject, buf);
  54 }

--
components: Extension Modules
messages: 65180
nosy: jnferguson
severity: normal
status: open
title: ErrorHandler buffer overflow in ?unused? SGI extension module almodule.c
type: security
versions: Python 2.5

__
Tracker [EMAIL PROTECTED]
http://bugs.python.org/issue2591
__
___
Python-bugs-list mailing list 
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com