Message 324420 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	Eric Lippert, serhiy.storchaka, vstinner
Date	2018-08-31.14:19:52
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1535725192.08.0.56676864532.issue34551@psf.upfronthosting.co.za>
In-reply-to

Content
> I think it is technically not possible. Neither PyDict_Next() nor Py_INCREF() mutate the dict, call the user code or release GIL. If it could be possible, we would have a potential writing out of a buffer here. When I read PyDict_Next(), I'm thinking at the Python level which can execute arbitrary code. But it seems like you are right: the exact C implementation of PyDict_Next() doesn't seem to modify the dictionary. PR 9009 seems safe.

> I think it is technically not possible. Neither PyDict_Next() nor Py_INCREF() mutate the dict, call the user code or release GIL. If it could be possible, we would have a potential writing out of a buffer here.

When I read PyDict_Next(), I'm thinking at the Python level which can execute arbitrary code. But it seems like you are right: the exact C implementation of PyDict_Next() doesn't seem to modify the dictionary.

PR 9009 seems safe.

History
Date	User	Action	Args
2018-08-31 14:19:52	vstinner	set	recipients: + vstinner, serhiy.storchaka, Eric Lippert
2018-08-31 14:19:52	vstinner	set	messageid: <1535725192.08.0.56676864532.issue34551@psf.upfronthosting.co.za>
2018-08-31 14:19:52	vstinner	link	issue34551 messages
2018-08-31 14:19:52	vstinner	create