[Python-Dev] PyErr_Format security note
Andrew M. Kuchling
akuchlin@mems-exchange.org
Mon, 15 Nov 1999 10:17:58 -0500 (EST)
M.-A. Lemburg writes:
>Ouch, yes, you are right... but who could exploit this security
>hole ? Since PyErr_Format() is only reachable for C code, only
>bad programming style in extensions could make it exploitable
>via user input.
99% of security holes arise out of carelessness, and besides, this
buffer size doesn't seem to be documented in either api.tex or
ext.tex. I'll look into borrowing Apache's implementation and
modifying it into a varargs form.
--
A.M. Kuchling http://starship.python.net/crew/amk/
I can also withstand considerably more G-force than most people, even though I
do say so myself.
-- The Doctor, in "The Ambassadors of Death"