Is python buffer overflow proof?
Marcus Wanner
marcusw at cox.net
Mon Aug 3 08:01:00 EDT 2009
On 8/3/2009 3:45 AM, Diez B. Roggisch wrote:
> Marcus Wanner schrieb:
>> On 8/2/2009 10:43 AM, Christian Heimes wrote:
>>> Marcus Wanner wrote:
>>>> I believe that python is buffer overflow proof. In fact, I think
>>>> that even ctypes is overflow proof...
>>>
>>> No, ctypes isn't buffer overflow proof. ctypes can break and crash a
>>> Python interpreter easily.
>>>
>>> Christian
>>>
>> I see. I thought that it said "invalid array index" when you try to
>> read/write outside of an array's bounds, though...
>
>
> But you can cast the resulting pointer to an array of larger size, and
> there you are.
>
> Diez
Ah, that makes sense. I had forgotten about ctypes.cast().
Marcus
More information about the Python-list
mailing list