[ctypes-users] bug report: int overflow in ctypeslib
by Daniele Varrazzo
Nov 21 2006 5:42PM
Hello,
While I was wrapping the SpiderMonkey library, ctypeslib crashed in two
distinct points (but for the same reason): converting t.max into int
when isinstance(t, typedesc.ArrayType). When t.max is the string
"0xffffffffffffffff", int(t.max) fails with a ValueError. Tested with
Python 2.4.3 on a 32 bit Gentoo system. int(t.max, 16) works fine anyway.
The crash happens on both lines 66 and 214 in
ctypeslib/codegen/codegenerator.py (revision 52818) when calling
xml2py. The offending structure is in gconv.h. Even with the patch on,
the __gconv_info structure generates a warning (packing fails).
The steps to reproduce the bugs on Linux are: (sorry if I don't reduce
the matter to fewer steps, but I'm just starting with ctypes and I don't
know where to start pruning)
* download and untar:
http://ftp.mozilla.org/pub/mozilla.org/js/js-1.5.tar.gz
* cmake it
* compile with:
make -f Makefile.ref XMKSHLIBOPTS="-soname libjs.so.1"
* have an xml with:
h2xml.py jsapi.h -o js1.5.xml -D XP_UNIX -I js/ -I js/Linux_All_DBG.OBJ/
* have a traceback with:
xml2py.py -l js -o libjs.py -v js1.5.xml
The patch below solves "minimally" the problem. mmm... probably this is
actually a Python bug: I will check how it works on Python 2.5 and try
to file a bug.
Regards, and thank you for your white magic
Daniele
Index: ctypeslib/codegen/codegenerator.py
===================================================================
--- ctypeslib/codegen/codegenerator.py (revision 52818)
+++ ctypeslib/codegen/codegenerator.py (working copy)
@@ -57,13 +57,23 @@
################
+def safe_int(s):
+ """Convert to int, without overflow fears..."""
+ if isinstance(s, str):
+ if s.lower().startswith('0x'):
+ return int(s, 16)
+ elif s.startswith('0'):
+ return int(s, 8)
+
+ return int(s)
+
def storage(t):
# return the size and alignment of a type
if isinstance(t, typedesc.Typedef):
return storage(t.typ)
elif isinstance(t, typedesc.ArrayType):
s, a = storage(t.typ)
- return s * (int(t.max) - int(t.min) + 1), a
+ return s * (safe_int(t.max) - int(t.min) + 1), a
return int(t.size), int(t.align)
class PackingError(Exception):
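Review bot: in storage(), only t.max is routed through safe_int; the same expression still calls int(t.min), so a min written with a 0x prefix would raise the same ValueError this patch is meant to avoid. Use safe_int(t.min) as well. In safe_int itself, the elif s.startswith('0') branch sends every string with a leading zero to int(s, 8), so a zero-padded decimal such as "08" raises ValueError; keep that branch only if the input is known to use C-style octal. The docstring speaks of overflow, while what the function does is choose the base from the prefix; it should say that.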
@@ -211,7 +221,7 @@
return "c_void_p"
return result
elif isinstance(t, typedesc.ArrayType):
- return "%s * %s" % (self.type_name(t.typ, generate),
int(t.max)+1)
+ return "%s * %s" % (self.type_name(t.typ, generate),
safe_int(t.max)+1)
elif isinstance(t, typedesc.FunctionType):
args = [self.type_name(x, generate) for x in [t.returns] +
list(t.iterArgTypes())]
if "__stdcall__" in t.attributes:
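Review bot: in the ArrayType branch of type_name, safe_int(t.max)+1 for the reported value "0xffffffffffffffff" evaluates to 18446744073709551616 (2**64), so the generated text becomes an array type of that length. That is unlikely to be a real element count; it looks like the all-ones encoding of an array with no declared bound (an assumption, the report does not say). Consider handling that value explicitly here and in storage() instead of emitting the number as is; the storage() size computed from it is equally large, which may be related to the packing warning still reported for __gconv_info.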