Patches item #1428655, was opened at 2006-02-09 22:35 Message generated for change (Comment added) made by calvin You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=305470&aid=1428655&group_id=5470
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core (C code) Group: None Status: Open Resolution: None Priority: 5 Submitted By: Wummel (calvin) Assigned to: Nobody/Anonymous (nobody) >Summary: Use PyOS_snprintf for static buffers Initial Comment: Hi, there are some uses of sprintf in the Python C code. Unfortunately sprintf is known to cause buffer overruns. To prevent this I have written a patch that replaces sprintf with snprintf. To be on the safe side (and since I don't know much of the C code internals) I only changed static buffers, where the sizeof() operator is known to work. The patch is against SVN 42293, and tested on a i386 Debian Linux system. ---------------------------------------------------------------------- >Comment By: Wummel (calvin) Date: 2006-02-14 22:27 Message: Logged In: YES user_id=9205 I added an updated patch that uses PyOS_snprintf, and only in places where the Python headers are included. ---------------------------------------------------------------------- Comment By: Wummel (calvin) Date: 2006-02-13 20:13 Message: Logged In: YES user_id=9205 The snprintf had implementations which did not null-terminate the buffer if it was too small. I detected that Python itself has a wrapper function defined for that reason: PyOS_snprintf. I will attach a patch in the next days that makes use of PyOS_snprintf, which should remove the trailing null-byte lines. I noted that none of the calls of both sprintf and PyOS_snprintf actually check the return code. But I found out that Guido does not care, as said in this message: http://permalink.gmane.org/gmane.comp.python.devel/33591 ---------------------------------------------------------------------- Comment By: Martin v. Löwis (loewis) Date: 2006-02-10 20:51 Message: Logged In: YES user_id=21627 The patch has several problems: 1. It is unnecessary. The print calls actually *cannot* cause buffer overruns, because in all cases, the buffers are large enough. 2. The insertion of a trailing null-byte is unnecessary: snprintf will already add that byte, even if it runs out of space. The first argument could be discarded, since using snprintf can be considered as improving maintainability; point 2 actually decreases maintainability. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=305470&aid=1428655&group_id=5470 _______________________________________________ Patches mailing list [email protected] http://mail.python.org/mailman/listinfo/patches
