[Python-Dev] Is core dump always a bug? Advice requested
Michael Hudson
mwh at python.net
Tue May 18 07:04:46 EDT 2004
Michel Pelletier <michel at dialnetwork.com> writes:
> do you think there is a risk of exploitation? for example, STORE_FAST, which
> does a direct set into PyObject **fastlocals, could be used to overwrite
> beyond the bounds of the array. Can this or a stack over/underflow be used
> to execute arbitrary machine code?
If you're loading arbitrary bytecode, you will presumably at some
point be executing it, and that seems a much greater risk to me.
Cheers,
mwh
--
We've had a lot of problems going from glibc 2.0 to glibc 2.1.
People claim binary compatibility. Except for functions they
don't like. -- Peter Van Eynde, comp.lang.lisp
More information about the Python-Dev
mailing list