➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2005-05-11 20:15 by avu, last changed 2022-04-11 14:56 by admin. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| _cursesmodule.c.patch | avu, 2005-05-11 20:15 | |||
| Messages (2) | |||
|---|---|---|---|
| msg48338 - (view) | Author: Jan Michael Hülsbergen (avu) | Date: 2005-05-11 20:15 | |
In PyCursesWindow_GetStr(), a buffer with a fixed size of 1024 byte is used for reading the input from the user. This leads to a buffer overflow. If the user does not provide a limit to win.getstr(), wgetstr() is used, enforcing no limit at all, if the user provides a limit, it can be greater than 1024, leading to the same problem. My Patch replaces the buffer with a dynamicly allocated one, if the user does not provide a limit the maximum still is 1024. |
|||
| msg48339 - (view) | Author: A.M. Kuchling (akuchling) *  |
Date: 2005-06-09 17:56 | |
Logged In: YES user_id=11375 Fixed on both CVS HEAD and 2.4-maint branches. Thanks for reporting this and for providing a fix. I simply constrained the results to fit within the 1024-byte buffer. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:56:11 | admin | set | github: 41973 |
| 2005-05-11 20:15:09 | avu | create | |