
classification
Title: Help with Python codebase
Type:
Stage:
Components: Interpreter Core
Versions:
process
Status: closed
Resolution: not a bug
Dependencies:
Superseder:
Assigned To:
Nosy List: georg.brandl, munawar2007
Priority: normal
Keywords: patch

Created on 2007-04-11 19:11 by munawar2007, last changed 2022-04-11 14:56 by admin. This issue is now closed.

Messages (2)
msg52407 - Author: Munawar (munawar2007) Date: 2007-04-11 19:11
Hi,

I am a Ph.D. student at UIUC working with Professor Ralph Johnson. My research interest is security and software architecture. At this point, I am surveying existing software architecture for buffer overflow vulnerability protection. 

I need some help understanding the Python codebase. In particular I have three questions.

1. Does the C code use the string library functions (strcpy, strcat, gets, etc.)?

2. Or does it use some sort of buffer bounds checking, either by rewriting the string library, or checking before every buffer operation? 

3. Is the bounds checking available from the first release, or has it been included in a subsequent release? How did the development team go about making this change in the code?


Any information would be greatly appreciated. Thanks in advance.

Munawar Hafiz
UIUC
https://netfiles.uiuc.edu/mhafiz/www/
msg52408 - Author: Georg Brandl (georg.brandl) (Python committer) Date: 2007-04-11 19:13
Please post such questions on the python-dev mailing list, to be found at <http://mail.python.org/mailman/listinfo/python-dev>.
History
Date                 User         Action  Args
2022-04-11 14:56:23  admin        set     github: 44830
2007-04-11 19:11:36  munawar2007  create