[Python-Dev] Fuzzing bugs: most bugs are closed
M.-A. Lemburg
mal at egenix.com
Mon Jul 21 14:03:08 CEST 2008
On 2008-07-20 22:45, Victor Stinner wrote:
> On Saturday 19 July 2008 21:52:09, A.M. Kuchling wrote:
>> Excellent work! Another fruitful area for fuzzing might be the
>> miniature virtual machine used by the re module. It's possible to
>> import _sre and call the compile() function directly (see the end of
>> Lib/sre_compile.py for how it's invoked); I wonder how the regex VM
>> copes with random strings of bytecode.
>
> Hum... how can I say it? It's trivial to crash _sre :-) So I blacklisted
> _sre.compile() in my fuzzer.
>
> For information, it's also very easy to crash CPython with a fuzzed .pyc file.
>
> It's hard to check bytecode without executing it. It's maybe better to add
> checks directly in the VM.
I don't see that as a big problem: if you execute untrusted byte code,
you are on your own anyway... whether that's byte code for the re
engine or ceval.
--
Marc-Andre Lemburg
eGenix.com
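
A static check of the kind discussed in the thread, as an added example that is not part of the original message or of CPython's own code: it walks a code object's wordcode without executing it and flags constant operands that index past `co_consts`. It assumes Python 3.8 or later; `operand_errors`, `_sample`, `GOOD` and `BAD` are hypothetical names, and both inputs are constructed.

```python
import dis


def operand_errors(code, path=None):
    """Statically flag constant operands that index past co_consts.

    Nothing is executed: only the raw wordcode bytes are inspected.
    Returns a list of (path, offset, opname, operand) tuples.
    """
    path = path or code.co_name
    findings = []
    raw = code.co_code
    extended = 0
    for offset in range(0, len(raw) - 1, 2):
        op = raw[offset]
        arg = raw[offset + 1] | extended
        # EXTENDED_ARG prefixes supply the high bits of the next operand.
        extended = (arg << 8) if op == dis.EXTENDED_ARG else 0
        if op in dis.hasconst and arg >= len(code.co_consts):
            findings.append((path, offset, dis.opname[op], arg))
    # Nested functions, classes and comprehensions live in co_consts.
    for const in code.co_consts:
        if hasattr(const, "co_code"):
            findings += operand_errors(const, f"{path}.{const.co_name}")
    return findings


def _sample():
    return "constructed sample"


# Constructed inputs: a compiler-produced code object, and a copy whose
# constant table was emptied so every constant operand is out of range.
# The malformed copy is only inspected, never run.
GOOD = _sample.__code__
BAD = GOOD.replace(co_consts=())

if __name__ == "__main__":
    print("good:", operand_errors(GOOD))
    print("bad: ", operand_errors(BAD))
```

Passing this check does not make bytecode safe to run: stack depth, jump targets and operand types are not covered, which is the difficulty raised in the thread.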