Security vulnerability identified in pymongo code (file \bson\time64.c)


    • Type: Bug
    • Resolution: Done
    • Priority: Major - P3
    • Fix Version/s: 2.2
    • Affects Version/s: None
    • Component/s: None
    • Backwards Compatibility: Fully Compatible

      Hello,

      The format string argument to sprintf() at time64.c line 793 does not properly limit the amount of data the function can write, which allows the program to write outside the bounds of allocated memory. This behavior could corrupt data, crash the program, or lead to the execution of malicious code:

      \bson\time64.c (release 2.0.1)
      ...
      793    sprintf(result, TM64_ASCTIME_FORMAT,
      794        wday_name[date->tm_wday],
      795        mon_name[date->tm_mon],
      ...

      Kind Regards,
      Martin
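The pattern the report describes, as an added illustration rather than pymongo's own code or the actual contents of time64.c: an asctime-style formatter whose year is 64-bit, so the final field of the format has no upper bound on its width and an unbounded sprintf() can produce more than the 26 bytes an asctime()-sized destination holds. Beside it is a bounded form that validates the name-table indices, writes with snprintf(), and reports truncation. The struct layout, the 26-byte buffer size, the sample dates and the function names are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stddef.h>

/* Constructed illustration, not pymongo's time64.c. A 64-bit year makes the
   last field of an asctime-style format unbounded in width, so a fixed
   asctime()-sized destination can no longer be assumed to hold the result. */
struct TM64 {
    int tm_sec, tm_min, tm_hour, tm_mday, tm_mon, tm_wday;
    int64_t tm_year;                 /* years since 1900; 64-bit is assumed */
};

static const char wday_name[7][4]  = {"Sun","Mon","Tue","Wed","Thu","Fri","Sat"};
static const char mon_name[12][4]  = {"Jan","Feb","Mar","Apr","May","Jun",
                                      "Jul","Aug","Sep","Oct","Nov","Dec"};

/* Same shape as the classic asctime() format; %lld has no width limit. */
#define ASCTIME64_FORMAT "%.3s %.3s%3d %.2d:%.2d:%.2d %lld\n"

/* Size C callers traditionally reserve for asctime_r(): 25 chars plus NUL. */
#define ASCTIME_BUFSIZE 26

static int tm64_indices_ok(const struct TM64 *d)
{
    /* Out-of-range tm_wday/tm_mon would index past the name tables. */
    return d->tm_wday >= 0 && d->tm_wday <= 6 && d->tm_mon >= 0 && d->tm_mon <= 11;
}

/* Vulnerable shape: sprintf() writes however many bytes the year needs.
   Measured here into a scratch buffer large enough for any int64 so the
   demonstration itself stays in bounds; the return value (bytes including
   the NUL) is what an unbounded write into the caller's buffer would emit. */
size_t asctime64_unbounded_len(const struct TM64 *d)
{
    char scratch[128];
    if (!tm64_indices_ok(d))
        return 0;
    int n = sprintf(scratch, ASCTIME64_FORMAT,
                    wday_name[d->tm_wday], mon_name[d->tm_mon],
                    d->tm_mday, d->tm_hour, d->tm_min, d->tm_sec,
                    (long long)(1900 + d->tm_year));
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Would the unbounded write fit a fixed asctime()-sized destination? */
int asctime64_fits(const struct TM64 *d)
{
    return asctime64_unbounded_len(d) <= ASCTIME_BUFSIZE;
}

/* Hardened form: check the table indices, bound the write with snprintf(),
   and report truncation instead of silently handing back a partial string.
   Returns the string length on success, -1 on bad input, -2 on truncation. */
int asctime64_bounded(const struct TM64 *d, char *out, size_t outsz)
{
    if (out == NULL || outsz == 0)
        return -1;
    if (!tm64_indices_ok(d)) {
        out[0] = '\0';
        return -1;
    }
    int n = snprintf(out, outsz, ASCTIME64_FORMAT,
                     wday_name[d->tm_wday], mon_name[d->tm_mon],
                     d->tm_mday, d->tm_hour, d->tm_min, d->tm_sec,
                     (long long)(1900 + d->tm_year));
    if (n < 0 || (size_t)n >= outsz) {
        out[0] = '\0';               /* truncated: do not return junk */
        return -2;
    }
    return n;
}

int main(void)
{
    /* Constructed sample dates: Thu Jan 12 10:05:03 in 2012 and in a year
       far beyond anything a 32-bit time_t could represent. */
    struct TM64 y2012 = {3, 5, 10, 12, 0, 4, 112};
    struct TM64 yhuge = {3, 5, 10, 12, 0, 4, 1000000000000000000LL};
    char buf[ASCTIME_BUFSIZE];

    printf("2012: needs %zu bytes, fits=%d\n",
           asctime64_unbounded_len(&y2012), asctime64_fits(&y2012));
    printf("huge year: needs %zu bytes, fits=%d\n",
           asctime64_unbounded_len(&yhuge), asctime64_fits(&yhuge));
    printf("bounded write of huge year returned %d\n",
           asctime64_bounded(&yhuge, buf, sizeof buf));
    return 0;
}
```

Switching to snprintf() is only half of the fix: a caller that ignores the return value still ends up with a silently truncated timestamp, which is why the bounded form above reports -2 and clears the buffer rather than returning a cut-off string.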

            Assignee: Bernie Hackett
            Reporter: Martin Fischer
            Votes: 0
            Watchers: 1
