[ python-Bugs-1013418 ] Win XP DEP prevents Python call to 'C' DLL

SourceForge.net noreply at sourceforge.net
Sun Aug 22 22:54:35 CEST 2004


Bugs item #1013418, was opened at 2004-08-21 17:05
Message generated for change (Settings changed) made by loewis
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1013418&group_id=5470

Category: Extension Modules
Group: Python 2.3
>Status: Closed
>Resolution: Invalid
Priority: 5
Submitted By: ajhewitt (ajhewitt)
Assigned to: Nobody/Anonymous (nobody)
Summary: Win XP DEP prevents Python call to 'C' DLL

Initial Comment:
Following Mark Hammond's description in "Python 
Programming on Win32" I built his sample 'C' program, 
Hello.c which is called from Hellouse.py. The environment 
in which the DLL file was built is Visual Studio 2003 .NET 
and Windows XP SP2. When an attempt was made to 
run the example program hellouse.py, the program 
aborted with a "Data buffer overflow - program is 
corrupt" message from XP. I then moved the program 
files to Windows 2000 (just moved the library and 
python file) and the program executed correctly (as 
shown in Mark's book)! I then moved the program to a 
Windows XP SP1 based system and the program again 
executed as expected. I then poked around on the XP 
SP2 box and discovered a new "feature" called Data 
Execution Prevention. You can see this feature by right 
clicking on the "My Computer" icon and then clicking 
on "Properties" and "Advanced". I tried adding Python 
2.3 (python and pythonw) to the exceptions list but 
that didn't help. I don't see any problem executing pure 
Python programs on the XP SP2 system.

-Alex


----------------------------------------------------------------------

Comment By: ajhewitt (ajhewitt)
Date: 2004-08-22 19:39

Message:
Logged In: YES 
user_id=1108513

Bingo! That fixed it. Thanks for looking. I probably should 
have caught that myself but I assumed (and we know what 
assume does ;^)) that the code was fully vetted and correct. 
I'll report that to the author of the book (Mark Hammond) and 
see that it get's added to the errata. Unfortunately, you may 
see more of these "bugs" because XP SP2 is now checking for 
this kind of thing. BTW, according to the documentation that 
Microsoft adds to this new feature, there are two types of 
implementation. One is the software only implementation 
(that's what I had on my system) and the second would 
require an AMD 64/Opteron processor. I don't own one of 
those (yet). You can close this one as a program/user error.

Thanks for checking,

-Alex


----------------------------------------------------------------------

Comment By: Martin v. Löwis (loewis)
Date: 2004-08-22 09:06

Message:
Logged In: YES 
user_id=21627

Thanks. I cannot reproduce this at the moment (and I'm
uncertain whether reproducing it requires an Athlon
64/Opteron processor), however, mere code inspection shows a
potential problem of data buffer overflows. In the message
function, you have

   char result[64];

so this can accommodate 64 characters. If the string you are
passing is too long, the buffer will overflow, which might
happen when you pass the string "module " + hello.__file__.

As a quick work-around, please try to increase the result
size to, say, 

  char result[10000];

and see whether that makes the problem go away.

If so, then
a) this is a proper bug, and XP has helped to find it, and
b) it is not a bug in Python, but in your code, and
c) the proper solution is to either use a variable-sized
buffer instead of a fixed-size one, or to check whether the
buffer is large enough before copying into it.

----------------------------------------------------------------------

Comment By: ajhewitt (ajhewitt)
Date: 2004-08-21 21:09

Message:
Logged In: YES 
user_id=1108513

Here's the Python program that calls the 'C' function...

-Alex


----------------------------------------------------------------------

Comment By: ajhewitt (ajhewitt)
Date: 2004-08-21 21:08

Message:
Logged In: YES 
user_id=1108513

The problem will definitely need to be resolved. I did find a 
workaround - disabling XP SP2's "Data Execution Prevention" 
by editing the boot.ini file and changing "noexecute:XXXX" 
to "execute". This will degrade XP's security but only to the 
extent that it was vulnerable prior to SP2. 

----------------------------------------------------------------------

Comment By: Martin v. Löwis (loewis)
Date: 2004-08-21 17:25

Message:
Logged In: YES 
user_id=21627

Do you want us to resolve the problem somehow? If so, please
attach the sample code, so we can reproduce it.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1013418&group_id=5470


More information about the Python-bugs-list mailing list