[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Python 2.4 & 2.5 vulnerable, Patches inside
Jonathan Schleifer wrote:
> Christian Biere <christianbiere%gmx.de@localhost> wrote:
> > As expected from Apple, this is junk. People who don't understand
> > the meaning of undefined behavior and integer overflow shouldn't be
> > let anywhere near a C compiler.
> To which patch exactly are you reffering, as the other patches I
> included were taken from Gentoo. I only had a quick look at them, I
> must admit, though, and did not check if they really fix the issue.
I'm talking about nonsense such as this:
+ int bytesize, nsize
+ bytesize = nsize * 2;
+ if (bytesize / 2 != nsize)
+ return PyErr_NoMemory();
The use of INT_MAX is rather funny. I guess Python is called "high-level"
because it was developed at the top of an ivory tower.
Main Index |
Thread Index |