[Python-Dev] Deprecate invalid ctypes call protection on Windows
Guido van Rossum
guido at python.org
Mon May 22 14:25:00 EDT 2017
More information about the Python-Dev mailing list
Mon May 22 14:25:00 EDT 2017
- Previous message (by thread): [Python-Dev] Deprecate invalid ctypes call protection on Windows
- Next message (by thread): [Python-Dev] Deprecate invalid ctypes call protection on Windows
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sounds good to me. On Mon, May 22, 2017 at 11:17 AM, Steve Dower <steve.dower at python.org> wrote: > One of the main reasons we are stuck with an old libffi fork in CPython is > because the newer versions do not support protection from calling functions > with too few/many arguments: > > https://docs.python.org/3/library/ctypes.html?highlight=ctyp > es#calling-functions > > There are a number of caveats here, including "this only works on > Windows", but since it is documented we cannot just remove the behaviour > without a deprecation period. > > I'd like to propose a highly-accelerated deprecation period for this > specific feature, starting in CPython 3.6.2 and being "completed" in 3.7.0, > when we will hopefully move onto a newer libffi. > > In general, the "feature" is a misfeature anyway, since calling a native > function with incorrect arguments is unsupported and a very easy way to > cause information leakage or code execution vulnerabilities. There may be > an argument for removing the functionality immediately, but honestly I > think changing libffi in a point release is higher risk. > > Once the special protection is removed, most of these cases will become > OSError due to the general protection against segmentation faults. Some > will undoubtedly fall through the cracks and crash the entire interpreter, > but these are unavoidable (and really ought to crash to avoid potential > exploits). > > Does anyone have any reasons to oppose this? It already has votes from > another Windows expert and the 3.6/3.7 Release Manager, but we wanted to > see if anyone has a concern we haven't thought of. > > Cheers, > Steve > _______________________________________________ > Python-Dev mailing list > Python-Dev at python.org > https://mail.python.org/mailman/listinfo/python-dev > Unsubscribe: https://mail.python.org/mailman/options/python-dev/guido% > 40python.org > -- --Guido van Rossum (python.org/~guido) -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20170522/57d970e5/attachment.html>
- Previous message (by thread): [Python-Dev] Deprecate invalid ctypes call protection on Windows
- Next message (by thread): [Python-Dev] Deprecate invalid ctypes call protection on Windows
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list