Is python buffer overflow proof?
marcusw at cox.net
Mon Aug 3 14:01:00 CEST 2009
On 8/3/2009 3:45 AM, Diez B. Roggisch wrote:
> Marcus Wanner schrieb:
>> On 8/2/2009 10:43 AM, Christian Heimes wrote:
>>> Marcus Wanner wrote:
>>>> I believe that python is buffer overflow proof. In fact, I think
>>>> that even ctypes is overflow proof...
>>> No, ctypes isn't buffer overflow proof. ctypes can break and crash a
>>> Python interpreter easily.
>> I see. I thought that it said "invalid array index" when you try to
>> read/write outside of an array's bounds, though...
> But you can cast the resulting pointer to an array of larger size, and
> there you are.
Ah, that makes sense. I had forgotten about ctypes.cast().
More information about the Python-list