[Python-Dev] Is core dump always a bug? Advice requested

Greg Ewing greg at cosc.canterbury.ac.nz
Tue May 11 00:20:56 EDT 2004


Guido:

> > As long as it's possible to attempt to execute arbitrary strings
> > as bytecode, I'd say ceval should be robust against this.
> 
> This ought to be a long-term project then: write a bytecode verifier.
> It's not a trivial task!

When I wrote that, I was assuming that ceval was already mostly robust
in this respect, and that what was being reported was a new hole
recently opened up.

But it appears I was gravely mistaken, and that ceval has been full of
gaping holes from the beginning.

I'm disappointed to learn this, because I had always regarded it as an
axiom that no Python-level code should be capable of crashing the
interpreter, and if it can, this represents a bug. However, it seems
this axiom has not been adhered to in the design of ceval.

Greg Ewing, Computer Science Dept, +--------------------------------------+
University of Canterbury,	   | A citizen of NewZealandCorp, a	  |
Christchurch, New Zealand	   | wholly-owned subsidiary of USA Inc.  |
greg at cosc.canterbury.ac.nz	   +--------------------------------------+



More information about the Python-Dev mailing list