Message 329401 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	josh.r
Recipients	execve, josh.r
Date	2018-11-07.02:46:10
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1541558770.67.0.788709270274.issue35180@psf.upfronthosting.co.za>
In-reply-to

Content
As soon as you use ctypes, you sign up for all the security vulnerabilities, including denial of service, buffer overrun, use-after-free, etc. that plain old C programs are subject to. In this case, it's just a NULL pointer dereference (read: segfault in most normal cases), but in general, if you don't use ctypes with the same discipline as you would actual C code (at best it provides a little in the way of automatic memory management), you're subject to all the same problems. Side-note: When replying to e-mails, don't include the quotes from the e-mail you're replying to; it just clutters the tracker.

As soon as you use ctypes, you sign up for all the security vulnerabilities, including denial of service, buffer overrun, use-after-free, etc. that plain old C programs are subject to. In this case, it's just a NULL pointer dereference (read: segfault in most normal cases), but in general, if you don't use ctypes with the same discipline as you would actual C code (at best it provides a little in the way of automatic memory management), you're subject to all the same problems.

Side-note: When replying to e-mails, don't include the quotes from the e-mail you're replying to; it just clutters the tracker.

History
Date	User	Action	Args
2018-11-07 02:46:10	josh.r	set	recipients: + josh.r, execve
2018-11-07 02:46:10	josh.r	set	messageid: <1541558770.67.0.788709270274.issue35180@psf.upfronthosting.co.za>
2018-11-07 02:46:10	josh.r	link	issue35180 messages
2018-11-07 02:46:10	josh.r	create