If either python-2.3.5-r2 or python-2.4.2 are compiled with an SSP-enabled GCC and their test suite is run, both give an error about a stack smashing attack in symtable_node() during test_syntax. Pertinent function seems to have been replaced on the Python trunk according to http://svn.python.org/view/python/trunk/Python/compile.c?rev=39758&r1=39251&r2=39758
liquidx please advise
Ccing kloeri as he did the last Python bumps. Not too sure about this, if this is just a DoS then this should be filed as bug. Setting to Auditing so that our auditors can investigate. Also the proposed patch is a complete rewrite of compile.c... probably not production-ready.
This issue is already described in bug 82469. Especially interesting is comment #12 in that bug as this looks like a toolchain issue. Rewriting compile.c may very well "fix" this of course :)
i agree with kloeri on this. the last comment in bug #82469 shows it is a gcc problem rather than a specific python problem.
Looks very much the same, yes. *** This bug has been marked as a duplicate of 82469 ***
