Is python buffer overflow proof?

Steven D'Aprano steven at REMOVE.THIS.cybersource.com.au
Tue Aug 4 02:09:52 EDT 2009


On Mon, 03 Aug 2009 21:34:15 -0700, Paul Rubin wrote:

> Steven D'Aprano <steven at REMOVE.THIS.cybersource.com.au> writes:
>> > The Python interpreter is written in C. Python extension modules are
>> > written in C (or something similar). If you find an unprotected
>> > buffer in this C code, you can possibly overflow this buffer.
>> 
>> How are C extension modules "_pure_ python"?
> 
> A lot of basic Python constructs (like numbers and dictionaries) are
> implemented as C extension modules.  It is reasonable to consider "pure
> Python" to include the contents of the Python standard library.

Well, yes, but we're not saying that Python is bug-free. There could be 
bugs in the Python VM for that matter.

The point is that code you write yourself can rely on "pure Python" to be 
free of buffer-overflows (for some definition of "rely") rather than 
having to worry about managing memory yourself. If you do this:

buffer = [0]*1024
buffer[:] = [1]*1025

you don't over-write some random piece of memory, the list object resizes 
to accommodate, or fails with an exception instead. No special action is 
needed to avoid buffer overflows. You can't make that claim about C 
extensions.

It's interesting to contrast that with DoS vulnerabilities in pure Python 
code. Python won't stop you from trying to calculate a googolplex:

googol = 10**100
googolplex = 10**googol

and doing so will be a moderately effective denial of service against 
your Python application. If you're concerned with that, you need to code 
defensively in the Python layer. Protecting against time-consuming 
operations is not part of Python's design.



-- 
Steven
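
An added example (not part of the original post) showing both points from the message above: slice assignment either resizes the list or fails with an exception, and a size check in the Python layer stops an exponentiation such as the googolplex before it is attempted. The names `bounded_pow`, `estimated_bits`, `ResultTooLarge`, `slice_assign_demo` and the `MAX_RESULT_BITS` budget are assumptions made for illustration.

```python
MAX_RESULT_BITS = 1_000_000  # assumed budget: results up to roughly 125 KB


class ResultTooLarge(ValueError):
    """Raised when an integer power would exceed the configured size budget."""


def estimated_bits(base: int, exp: int) -> int:
    """Upper bound on the bit length of base**exp (integers, exp >= 0)."""
    if exp < 0:
        raise ValueError("negative exponents are not handled here")
    if abs(base) <= 1 or exp == 0:
        return 1  # result is -1, 0 or 1
    # |base| < 2**bit_length, so |base|**exp < 2**(exp * bit_length).
    return exp * abs(base).bit_length()


def bounded_pow(base: int, exp: int, max_bits: int = MAX_RESULT_BITS) -> int:
    """Compute base**exp only if the result is known to fit within max_bits."""
    bits = estimated_bits(base, exp)
    if bits > max_bits:
        raise ResultTooLarge(f"result could need {bits} bits, limit is {max_bits}")
    return base ** exp


def slice_assign_demo():
    """Return (new list length, whether a fixed-size buffer rejected the write)."""
    buffer = [0] * 1024
    buffer[:] = [1] * 1025           # the list grows; no adjacent memory is touched
    fixed = memoryview(bytearray(1024))
    try:
        fixed[:] = bytes(1025)       # a fixed-size buffer cannot grow
    except ValueError:
        rejected = True
    else:
        rejected = False
    return len(buffer), rejected


if __name__ == "__main__":
    print(slice_assign_demo())
    googol = bounded_pow(10, 100)    # small result, computed normally
    try:
        bounded_pow(10, googol)      # googolplex: refused before any work is done
    except ResultTooLarge as err:
        print("refused:", str(err)[:60], "...")
```

The bound is conservative (it overestimates the result size), so it can refuse a few computations near the limit but never admits one over it.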


