buffer overflow

Florian Schulze florian.proff.schulze at gmx.net
Fri Jan 17 22:22:30 CET 2003


On Fri, 17 Jan 2003 14:16:38 -0500 Tim Peters <tim.one at comcast.net> wrote:

> [Florian Schulze, on a segfaulting buffer() example]
> > This should easily be resolved by proper reference counting. Then it
> would
> > point to the old list object, but I think seen pythonically this is
> even
> > correct.
> 
> Nope -- the buffer object captures a memory address not associated with
> any
> Python object, so there's no refcount to *be* bumped.  That memory can
> get
> recycled and the buffer object pointing to it has neither a way to stop
> ir
> nor to know about it when it happens.  Dig into the Python-Dev archive
> for
> years of argument about this.  The current buffer object is plain broken.
> That goes a long way toward explaining why you rarely hear about it, BTW
> <wink>.
> 
> dead-feature-walking-ly y'rs  - tim

Ahhh, now I understand why things like readinto aren't documented. I try to
look into the Python-Dev archives later. Are there any plans to fix the
buffer object to do it right by implementing it differently? I think there
are some places where a correct buffer object could speed up execution or
lead to more efficient algorithms, reading binary data from files into
things like numeric arrays for example.

Florian









More information about the Python-list mailing list