Is python buffer overflow proof?

Steven D'Aprano steven at REMOVE.THIS.cybersource.com.au
Tue Aug 4 08:09:52 CEST 2009


On Mon, 03 Aug 2009 21:34:15 -0700, Paul Rubin wrote:

> Steven D'Aprano <steven at REMOVE.THIS.cybersource.com.au> writes:
>> > The Python interpreter is written in C. Python extension modules are
>> > written in C (or something similar). If you find an unprotected
>> > buffer in this C code, you can possibly overflow this buffer.
>> 
>> How are C extension modules "_pure_ python"?
> 
> A lot of basic Python constructs (like numbers and dictionaries) are
> implemented as C extension modules.  It is reasonable to consider "pure
> Python" to include the contents of the Python standard library.

Well, yes, but we're not saying that Python is bug-free. There could be 
bugs in the Python VM for that matter.

The point is that code you write yourself can rely on "pure Python" to be 
free of buffer-overflows (for some definition of "rely") rather than 
having to worry about managing memory yourself. If you do this:

buffer = [0]*1024
buffer[:] = [1]*1025

you don't over-write some random piece of memory, the list object resizes 
to accommodate, or fails with an exception instead. No special action is 
needed to avoid buffer overflows. You can't make that claim about C 
extensions.

It's interesting to contrast that with DoS vulnerabilities in pure Python 
code. Python won't stop you from trying to calculate a googolplex:

googol = 10**100
googolplex = 10**googol

and doing so will be a moderately effective denial of service against 
your Python application. If you're concerned with that, you need to code 
defensively in the Python layer. Protecting against time-consuming 
operations is not part of Python's design.



-- 
Steven



More information about the Python-list mailing list