_ctypes.dlsym (py_dl_sym) does not trigger audit hooks #82803
Comments
|
The dlsym operation generally (e.g. when done through a ctypes.CDLL object) triggers the "ctypes.dlsym" audit event. However, using _ctypes.dlsym directly does not trigger this event. This appears to be an oversight, given that _ctypes.dlopen *does* trigger the "ctypes.dlopen" audit event. A (very minimal) patch is attached. I was not entirely sure what format the DLL handle should take when it is passed to the audit function, so for now it just turns it back into a number via PyLong_FromVoidPtr (i.e. into the same format in which it is passed into _ctypes.dlsym in the first place). |
TobiasHoll
mannequin
added
3.8
|
I probably should have done this earlier, but here's a small test case that reproduces the issue. The assert fails in vanilla Python 3.8, but passes with the patch. |
|
Thanks! Would you like to create a PR on GitHub for this? Or are you happy for me to do it. |
|
Actually, it looks like we need to add events for many of the _ctypes functions, so I'll go through and do them. |
|
Typically, as soon as I merge, I spot an edge case issue. PySys_Audit(n, "O", a) is deliberately going to treat 'a' as the tuple of arguments (when it is a tuple). This lets us simplify/optimise events where the event arguments match the function arguments exactly. If 'a' is not a tuple, it gets wrapped in one. When 'a' is meant to be a single argument that _might_ be a tuple, such as in PyObj_FromPtr, the format string needs to be "(O)" to ensure it is treated as a one element tuple. This is just how Py_BuildValue works - multiple elements become a tuple and the parens are optional unless you want a one-element tuple. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: