On 1 July 2014 10:33, Steven D'Aprano email@example.com wrote:
[Aside: does Python do any sort of verification of the bytecode before executing it, as Java does?]
Nope, it will happily attempt to execute invalid bytecode. That's actually one of the reasons executing untrusted bytecode is even less safe than executing untrusted source code - it's likely to be possible to trigger segfaults that way.
There's an initial attempt at a bytecode verifier on PyPI (https://pypi.python.org/pypi/Python-Bytecode-Verifier/), and I have a vague recollection that Google have a bytecode verifier kicking around somewhere, but there's nothing built in to the CPython runtime.