python mktime fails with overflow (same call works in other environments)

Matthew Dillon dillon at
Wed Oct 15 16:52:05 PDT 2008

:I've posted a tzcode upgrade to submit at .
:Could you guys test if it fixes the Python issue?

    The patch looks reasonable though the sprintf's need to be
    turned into snprintf's.  In particular the string looks vulnerable
    to user code that might populate bad values into timeptr.

    There are numerous strcpy's in the code too but I don't know how
    vulnerable those are to the outside.

					Matthew Dillon 
					<dillon at>

More information about the Users mailing list