[Python-Dev] sprintf() usage (Re: mysnprintf broken)

[M.-A. Lemburg]

Grepping through the Python source code there are 191
usages of sprintf() -- shouldn't these be modified to
use PyOS_snprintf() instead ?

Python/getargs.c would be a particularly important case
to fix, since the sprintf()s in there are not protected
against buffer overflows -- it seems that long function 
names could be used to exploit this, e.g. in multi-user
environments like Zope to obtain admin priviledges.

-- 
Marc-Andre Lemburg
CEO eGenix.com Software GmbH
______________________________________________________________________
Consulting & Company:                           http://www.egenix.com/
Python Software:                        http://www.lemburg.com/python/