On Fri, Mar 23, 2012 at 1:44 PM, Eric Snow
Will we see a "significantly" higher number of bugs about segfaults where we have to respond with "don't do that"? Probably not. But should any solution here guard (at some expense) against such mistakes that currently are much more difficult to make? Nick already alluded to double-checking the code somewhat to that effect.
Yes, while I'm in favour of the writable closure attribute idea in principle, the details of how we access the closure array are the kind of thing I'm worried about when I say I need to check the source code before commenting on the implementation details. Setting "f.__closure__ = []" is a lot easier than crafting the necessary bytecode to cause problems with the current setup, so "Can the new behaviour be abused to segfault CPython with pure Python code?" is exactly the right question to be asking. With Victor's recent work to close some longstanding segfault vulnerabilities, I really don't want us to be adding anything that goes in the other direction. However, I won't be doing that investigation myself until my broadband provider finally finishes setting up the connection at my new place, so if anyone wants to cast an appropriately paranoid eye over Yury's patch in the meantime, please go ahead :) Cheers, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia