Patches item #1200134, was opened at 2005-05-11 16:15 Message generated for change (Comment added) made by akuchling You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=305470&aid=1200134&group_id=5470
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Modules Group: Python 2.4 >Status: Closed >Resolution: Fixed Priority: 5 Submitted By: Jan Michael H�lsbergen (avu) Assigned to: A.M. Kuchling (akuchling) Summary: buffer overflow in _cursesmodule.c Initial Comment: In PyCursesWindow_GetStr(), a buffer with a fixed size of 1024 byte is used for reading the input from the user. This leads to a buffer overflow. If the user does not provide a limit to win.getstr(), wgetstr() is used, enforcing no limit at all, if the user provides a limit, it can be greater than 1024, leading to the same problem. My Patch replaces the buffer with a dynamicly allocated one, if the user does not provide a limit the maximum still is 1024. ---------------------------------------------------------------------- >Comment By: A.M. Kuchling (akuchling) Date: 2005-06-09 13:56 Message: Logged In: YES user_id=11375 Fixed on both CVS HEAD and 2.4-maint branches. Thanks for reporting this and for providing a fix. I simply constrained the results to fit within the 1024-byte buffer. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=305470&aid=1200134&group_id=5470 _______________________________________________ Patches mailing list [email protected] http://mail.python.org/mailman/listinfo/patches
