[Python-Dev] Deprecate invalid ctypes call protection on Windows
Antoine Pitrou
solipsis at pitrou.net
Tue May 23 11:28:31 EDT 2017
On Mon, 22 May 2017 11:17:18 -0700
Steve Dower <steve.dower at python.org> wrote:
>
> I'd like to propose a highly-accelerated deprecation period for this
> specific feature, starting in CPython 3.6.2 and being "completed" in
> 3.7.0, when we will hopefully move onto a newer libffi.
>
> In general, the "feature" is a misfeature anyway, since calling a native
> function with incorrect arguments is unsupported and a very easy way to
> cause information leakage or code execution vulnerabilities.
Agreed.
> Does anyone have any reasons to oppose this? It already has votes from
> another Windows expert and the 3.6/3.7 Release Manager, but we wanted to
> see if anyone has a concern we haven't thought of.
+1 from me.
Regards
Antoine.
More information about the Python-Dev
mailing list