[Python-checkins] r50596 - python/branches/bcannon-sandboxing/sandboxing_design_doc.txt
brett.cannon
python-checkins at python.org
Wed Jul 12 05:07:13 CEST 2006
Author: brett.cannon
Date: Wed Jul 12 05:07:12 2006
New Revision: 50596
Modified:
python/branches/bcannon-sandboxing/sandboxing_design_doc.txt
Log:
Add comments on what needs to be covered to properly watch all memory allocation.
Modified: python/branches/bcannon-sandboxing/sandboxing_design_doc.txt
==============================================================================
--- python/branches/bcannon-sandboxing/sandboxing_design_doc.txt (original)
+++ python/branches/bcannon-sandboxing/sandboxing_design_doc.txt Wed Jul 12 05:07:12 2006
@@ -49,7 +49,30 @@
Implementation
--------------
+* add __sandbox__
+* merge from HEAD
+ + last merge on rev. 47248
+* remove bare malloc()/realloc()/free() uses
* note in SpecialBuilds.txt
+* protect memory usage
+ - _PyObject_New
+ - _PyObject_NewVar
+ - _PyObject_Del
+ - PyObject_New
+ - PyObject_NewVar
+ - PyObject_Del
+ - PyMem_Malloc
+ - PyMem_Realloc
+ - PyMem_Free
+ - PyMem_New
+ - PyMem_Resize
+ - PyMem_Del
+ - PyMem_MALLOC
+ - PyMem_REALLOC
+ - PyMem_FREE
+ - PyMem_NEW
+ - PyMem_RESIZE
+ - PyMem_DEL
Goal
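Review bot: the "protect memory usage" checklist in this hunk lists the PyMem_* and _PyObject_New/NewVar/Del entry points but not PyObject_Malloc()/PyObject_Realloc()/PyObject_Free(), even though the later "Existing APIs to protect" text in this same change describes _PyObject_Del() as currently delegating to PyObject_Free(); any core or extension code that calls those pymalloc entry points directly would bypass the accounting, so either add them to the list or state explicitly why they are out of scope. A smaller point: the sub-item under "merge from HEAD" uses "+" as its bullet while the sub-items under "protect memory usage" use "-"; pick one marker for nested items.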
@@ -493,6 +516,44 @@
also allows the protection to be at the interpreter level instead of at
the process level.
+Existing APIs to protect:
+- _PyObject_New()
+ protected directly
+- _PyObject_NewVar()
+ protected directly
+- _PyObject_Del()
+ remove macro that uses PyObject_Free() and protect directly
+- PyObject_New()
+ implicitly by macro using _PyObject_New()
+- PyObject_NewVar()
+ implicitly by macro using _PyObject_NewVar()
+- PyObject_Del()
+ redefine macro to use _PyObject_Del() instead of PyObject_Free()
+- PyMem_Malloc()
+ protected directly
+- PyMem_Realloc()
+ protected directly
+- PyMem_Free()
+ protected directly
+- PyMem_New()
+ implicitly protected by macro using PyMem_Malloc()
+- PyMem_Resize
+ implicitly protected by macro using PyMem_Realloc()
+- PyMem_Del
+ implicitly protected by macro using PyMem_Free()
+- PyMem_MALLOC
+ redefine macro to use PyMem_Malloc()
+- PyMem_REALLOC
+ redefine macro to use PyMem_Realloc()
+- PyMem_FREE
+ redefine macro to use PyMem_Free()
+- PyMem_NEW
+ implicitly protected by macro using PyMem_MALLOC()
+- PyMem_RESIZE
+ implicitly protected by macro using PyMem_REALLOC()
+- PyMem_DEL
+ implicitly protected by macro using PyMem_FREE()
+
Why
--------------
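Review bot: the three "implicitly protected by macro using PyMem_MALLOC()/PyMem_REALLOC()/PyMem_FREE()" entries for PyMem_NEW, PyMem_RESIZE and PyMem_DEL only hold once the "redefine macro to use PyMem_Malloc()" entries above them have been applied, so the list should say that the redefinition is a prerequisite rather than presenting both as independent facts; note also that the redefinition turns macros that currently expand inline into function calls, which is what makes the accounting possible but should be called out as a behaviour change. The section also never says how the count goes back down: the only accounting primitive described in this patch, PySandbox_AllowedMemoryAlloc, increases it, so the "protected directly" entries for PyMem_Free() and PyMem_Realloc() should state that they decrement (or adjust) the count, otherwise a long-running sandbox that frees everything still hits the limit. Finally, PyMem_Resize, PyMem_Del and the upper-case names lack the "()" suffix the other entries carry; make the list consistent.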
@@ -523,7 +584,8 @@
* PySandbox_AllowedMemoryAlloc(integer, error_return)
Macro to increase the amount of memory that is reported that the
running sandboxed interpreter is using. If the increase puts the
- total count passed the set limit, raise an SandboxError exception
+ total count passed the set limit or leads to integer overflow in
+ the allocation count, raise an SandboxError exception
and cause the calling function to return with the value of
'error_return', otherwise do nothing.
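Review bot: the overflow wording added here says the macro raises "if the increase ... leads to integer overflow in the allocation count", which reads as detecting the overflow after the addition has already happened; since a signed overflow is undefined behaviour in C and an unsigned one silently wraps to a small value that passes the limit check, specify that the comparison is made before adding, e.g. raise if `integer > limit - total` (with `integer` itself validated as non-negative), so the count is never actually overflowed. While this line is being touched, "passed the set limit" should read "past the set limit" and "an SandboxError" should read "a SandboxError".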