
fix: programs/_freeze_module in _freeze_module.c #148977

Closed
orbisai0security wants to merge 1 commit into python:main from
orbisai0security:fix-v-002-sprintf-buffer-overflow

Conversation

@orbisai0security

Summary

Fix critical severity security issue in Programs/_freeze_module.c.

Vulnerability

Field     Value
ID        V-002
Severity  CRITICAL
Scanner   multi_agent_ai
Rule      V-002
File      Programs/_freeze_module.c:129
CWE       CWE-120

Description: Programs/_freeze_module.c:129 uses sprintf(filename, "<frozen %s>", name) where 'name' is the module name argument. If 'name' exceeds the fixed-size filename buffer minus the 9-character surrounding literal '<frozen >', the buffer overflows. Parser/string_parser.c:185 uses sprintf(p, "\U%08x", chr) where 'p' points into a string buffer whose remaining capacity is not validated before the write. Both calls use the unsafe sprintf() function which performs no bounds checking on the destination buffer.

Changes

  • Programs/_freeze_module.c
  • Parser/string_parser.c

Verification

  • Build passes
  • Scanner re-scan confirms fix
  • LLM code review passed

Automated security fix by OrbisAI Security

Automated security fix generated by Orbis Security AI
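The CWE-120 pattern named in the report (an unbounded sprintf into a buffer whose capacity is not tied to the input) is worth seeing next to its bounded counterpart. The block below is an added example, not code from this PR or from CPython, and it says nothing about whether the two reported locations are actually exploitable (the maintainer's reply states that p has enough room). It takes the two format strings quoted in the description, "<frozen %s>" and "\U%08x", and shows the defensive shape a reviewer would look for: capacity derived from the input and the literal, snprintf instead of sprintf, and the return value checked so truncation is detected rather than silently accepted. The function names, the 16-byte sample buffer and the sample inputs are constructed for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Build "<frozen NAME>" in a heap buffer sized from the input.
 * sizeof("<frozen >") is 10: the 9 literal bytes plus the NUL terminator,
 * so strlen(name) + sizeof(literal) is exactly the capacity the result needs. */
char *make_frozen_filename(const char *name)
{
    size_t cap = strlen(name) + sizeof("<frozen >");
    char *filename = malloc(cap);
    if (filename == NULL) {
        return NULL;
    }
    int n = snprintf(filename, cap, "<frozen %s>", name);
    /* snprintf reports the length it wanted to write; n >= cap means the
     * output was truncated, which a bounded write turns into an error
     * instead of an out-of-bounds write. */
    if (n < 0 || (size_t)n >= cap) {
        free(filename);
        return NULL;
    }
    return filename;
}

/* Append the escape "\UXXXXXXXX" (10 bytes) at offset *pos of a fixed
 * buffer of capacity cap. Returns 1 on success and advances *pos; returns 0
 * without writing anything if fewer than 11 bytes (escape + NUL) remain. */
int append_unicode_escape(char *buf, size_t cap, size_t *pos, unsigned int chr)
{
    const size_t needed = 10;   /* '\\', 'U', and 8 hex digits */
    if (*pos > cap || cap - *pos < needed + 1) {
        return 0;               /* remaining capacity validated before the write */
    }
    int n = snprintf(buf + *pos, cap - *pos, "\\U%08x", chr);
    if (n != (int)needed) {
        return 0;
    }
    *pos += needed;
    return 1;
}

/* Exercises both helpers on constructed inputs; returns 1 when every
 * expectation holds, 0 otherwise. */
int run_checks(void)
{
    int ok = 1;

    char *f = make_frozen_filename("os");       /* constructed module name */
    ok = ok && f != NULL && strcmp(f, "<frozen os>") == 0;
    free(f);

    char buf[16];                               /* constructed small buffer */
    size_t pos = 0;
    /* First escape fits: 10 bytes + NUL in 16. */
    ok = ok && append_unicode_escape(buf, sizeof buf, &pos, 0x1F600u) == 1;
    ok = ok && pos == 10 && strcmp(buf, "\\U0001f600") == 0;
    /* Second escape would need 11 more bytes but only 6 remain: refused. */
    ok = ok && append_unicode_escape(buf, sizeof buf, &pos, 0x41u) == 0;
    ok = ok && pos == 10;

    return ok;
}

int main(void)
{
    printf("checks %s\n", run_checks() ? "passed" : "failed");
    return run_checks() ? 0 : 1;
}
```

The second helper is the one that matters for a reviewer reading "p points into a string buffer": an unbounded sprintf(p, ...) is only safe when every caller guarantees the remaining room, so either that guarantee is visible at the call site (as the maintainer asserts for CPython) or the write should carry its own capacity check as above.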
@python-cla-bot

python-cla-bot Bot commented Apr 25, 2026

All commit authors signed the Contributor License Agreement.

CLA signed

@bedevere-app

bedevere-app Bot commented Apr 25, 2026

Most changes to Python require a NEWS entry. Add one using the blurb_it web app or the blurb command-line tool.

If this change has little impact on Python users, wait for a maintainer to apply the skip news label instead.

@picnixz
Member

picnixz commented Apr 25, 2026

p has enough size, please don't open PRs without issues, nor without reading the devguide otherwise we will be forced to lock you from contributing to our repositories. See https://devguide.python.org/getting-started/pull-request-lifecycle/.

@picnixz picnixz closed this Apr 25, 2026