[issue10833] Replace %.100s by %s in PyErr_Format(): the arbitrary limit of 500 bytes is outdated
STINNER Victor
report at bugs.python.org
Sun Jan 9 13:52:12 CET 2011
STINNER Victor <victor.stinner at haypocalc.com> added the comment:
> I am concerned about conditions that are impossible in a valid
> program. However, if you have a buffer overflow that trashes your
> tp_name pointer so that it suddenly resolves to a binary code section,
Yes, %.100s may avoid a crash after the buffer overflow on the string formatting, but it may quickly crash on another instruction. I don't think that you should limit the error message length to protect Python against buffer overflow. A buffer overflow can corrupt everything, and we should fix the buffer overflow instead :-)
> you will need all help you can get to find the bug.
You have debuggers like gdb for that.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue10833>
_______________________________________
More information about the Python-bugs-list
mailing list