Full title: Python 3.5 time_strftime() Buffer Over-Read Vulnerability
Category: remote exploits
Platform: python

Python 3.5 suffers from a vulnerability caused by the behavior of the time_strftime() function. When called, the function loops over the format string provided, using strchr to search for each instance of '%'. After finding a '%', it continues the search two characters ahead, assuming that each '%' is the beginning of a well-formed format-string token. However, if the string ends with '%', this logic results in a call to strchr that begins past the terminating NUL and reads off the end of the format string buffer.

# 0day.today @ http://0day.today/
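The scanning pattern described above, as an added illustration written for this page (it is modelled on the loop the advisory describes and is not CPython's own code). overread_distance() reproduces the "search two characters ahead" logic but stops before stepping past the buffer, returning how many bytes beyond the terminating NUL the next strchr call would have started; format_is_wellformed() is a hardened scanner that rejects a dangling trailing '%' explicitly. The directive set STRFTIME_DIRECTIVES is an assumed, representative subset of strftime directives, not the exact set any interpreter uses.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed representative set of strftime directive characters; '%'
 * is included so that "%%" (a literal percent sign) is accepted. */
static const char STRFTIME_DIRECTIVES[] = "aAbBcdHIjmMpSUwWxXyYzZ%";

/* Models the flawed loop without performing the over-read.
 * The original pattern is:  for (p = strchr(fmt,'%'); p; p = strchr(p+2,'%'))
 * Returns the number of bytes past the terminating NUL at which the next
 * strchr would begin, or 0 when every step stays inside the string. */
size_t overread_distance(const char *fmt)
{
    const char *end = fmt + strlen(fmt);   /* points at the NUL */
    const char *p = strchr(fmt, '%');
    while (p != NULL) {
        /* A trailing '%' means p + 1 is the NUL and p + 2 is past it. */
        if (p + 2 > end)
            return (size_t)((p + 2) - end);
        p = strchr(p + 2, '%');            /* safe: p + 2 <= end */
    }
    return 0;
}

/* Hardened scanner: every '%' must be followed by a character from the
 * allowed set. The NUL case is checked first because strchr(valid, '\0')
 * matches the terminator of the valid set and would wrongly accept a
 * trailing '%'. Returns 1 when the format is well-formed, 0 otherwise. */
int format_is_wellformed(const char *fmt, const char *valid)
{
    const char *p = strchr(fmt, '%');
    while (p != NULL) {
        char c = p[1];
        if (c == '\0')
            return 0;                      /* dangling '%' at end of string */
        if (strchr(valid, c) == NULL)
            return 0;                      /* unknown directive */
        p = strchr(p + 2, '%');            /* p + 2 is at most the NUL */
    }
    return 1;
}

int main(void)
{
    /* Constructed sample formats: the last two end in a bare '%'. */
    const char *samples[] = { "%Y-%m-%d", "100%%", "%Q", "%Y%", "%" };
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        printf("%-10s over-read start: +%zu byte(s)  well-formed: %d\n",
               samples[i], overread_distance(samples[i]),
               format_is_wellformed(samples[i], STRFTIME_DIRECTIVES));
    }
    return 0;
}
```

The distance reported for "%Y%" and "%" is 1: the next search would begin one byte after the terminator, and strchr keeps reading until it happens to find a '%' or a zero byte in whatever memory follows. The hardened version never forms that pointer because the NUL check precedes the step.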