> On Tue, Feb 9, 2010 at 11:55 PM, "Martin v. Löwis" <mar...@v.loewis.de> wrote: >>> Le Tue, 09 Feb 2010 12:16:15 +0200, anatoly techtonik a écrit : >>>> I've noticed a couple of issues that 100% crash Python 2.6.4 like this >>>> one - http://bugs.python.org/issue6608 Is it ok to release new versions >>>> that are known to crash? >>> I've changed this issue to release blocker. What are the other issues? >> For a bug fix release, it should (IMO) be a release blocker *only* if >> this is a regression in the branch or some recent bug fix release over >> some earlier bug fix release. > > Is it possible to make exploits out of crashers?
It depends on the specific crasher. In Python, it depends on the application as well. In the specific issue you mentioned, it doesn't crash because of a memory overwrite, but because of a deliberate process shutdown in the C runtime. So you can't construct arbitrary code execution out of that. Regards, Martin _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
