This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author radegand
Recipients radegand, theller
Date 2010-07-26.17:02:33
SpamBayes Score 0.00266668
Marked as misclassified No
Message-id <1280163756.22.0.278914543931.issue9385@psf.upfronthosting.co.za>
In-reply-to
Content
Hi,

Python ctypes module creates a 'rwx' memory mapping (defined in malloc_closure.c) which causes python to crash when running under grsecurity enabled kernel and could also have a negative security impact. 

Is there any specific need for the mmap call to create an executable mapping or can it be safely removed? 

Please refer here for more information and proposed patch:
http://bugs.gentoo.org/show_bug.cgi?id=329499

The actual mmap call:
item = (ITEM *)mmap(NULL,
                            count * sizeof(ITEM),
                            PROT_READ | PROT_WRITE | PROT_EXEC,
                            MAP_PRIVATE | MAP_ANONYMOUS,
                            -1,
                            0);

There has been further investigation done by Gentoo users and work towards python handling this error gracefully rather than segfaulting. It seems that dereference at Py_XDECREF(self->restype); (line 23 of Modules/_ctypes/callbacks.c) causes the segfault.

Thanks.
History
Date User Action Args
2010-07-26 17:02:36radegandsetrecipients: + radegand, theller
2010-07-26 17:02:36radegandsetmessageid: <1280163756.22.0.278914543931.issue9385@psf.upfronthosting.co.za>
2010-07-26 17:02:34radegandlinkissue9385 messages
2010-07-26 17:02:33radegandcreate