Is python buffer overflow proof?

Neil Hodgson nyamatongwe+thunder at
Tue Aug 4 15:32:55 CEST 2009

Thorsten Kampe:

> You cannot create "your own" buffer overflow in Python as you can in C 
> and C++ but your code could still be vulnerable if the underlying Python 
> construct is written in C.

   Python's standard library does now include unsafe constructs.

import ctypes
x = '1234'
# Munging byte 1 OK
ctypes.memset(x, 1, 1)
# Next line writes beyond end of variable and crashes
ctypes.memset(x, 1, 20000)


More information about the Python-list mailing list