event_str buffer overflow

Issue #67 resolved
René Dudfield created an issue

== Tom Knight, 2011-03-17 08:57:30 -0700

{{{ Created attachment 41 Example code

In method event_str of src/event.c there is a buffer overflow if you create an event that contains enough data as shown in the attached example (just press w).

The main problem arises from the fixed length str buffer on line 404, this should be dynamically allocated based on the lengths of the arguments passed to sprintf on line 427 (name_from_eventtype and s). }}}

Attachments: [[http://www.pygame.org/old_bug_attachments/41/foo.py| foo.py]]

== Tom Knight, 2011-03-18 12:56:05 -0700

{{{ Created attachment 42 Patch to fix buffer overflow

quick patch to fix the problem. }}}

Attachments: [[http://www.pygame.org/old_bug_attachments/42/buffer.patch| buffer.patch]]

Comments (3)

  1. Log in to comment