Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2015-May/140034.html below:

[Python-Dev] PyObject_IsInstance is dangerous

• Previous message (by thread): [Python-Dev] PEP 485 isclose() implementation review requested
• Next message (by thread): [Python-Dev] PyObject_IsInstance is dangerous
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

PyObject_IsInstance is not safe when used to check if the object is an 
instance of specified builtin type. Typical code:

     rc = PyObject_IsInstance(obj, &Someting_Type);
     if (rc < 0) return NULL;
     if (rc) {
         SometingObject *something = (SometingObject *)obj;
         something->some_field ...
     }

The __class__ attribute can be modified and PyObject_IsInstance() can 
return true if the object has not layout compatible with specified 
structure. And even worse, __class__  can be dynamic property and 
PyObject_IsInstance() can execute arbitrary Python code, that can 
invalidate cached values of pointers and sizes in C code.

More safe way would be to use PyObject_IsSubclass().

     rc = PyObject_IsSubclass((Py_Object *)obj->ob_type, &Someting_Type);
     if (rc < 0) return NULL;
     if (rc) {
         SometingObject *something = (SometingObject *)obj;
         something->some_field ...
     }

For example see issue24102 [1], issue24091 [2] and many other issues 
opened by pkt.

[1] http://bugs.python.org/issue24102
[2] http://bugs.python.org/issue24091

• Previous message (by thread): [Python-Dev] PEP 485 isclose() implementation review requested
• Next message (by thread): [Python-Dev] PyObject_IsInstance is dangerous
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4