gumpy <[EMAIL PROTECTED]> added the comment: It turns out the problems in array are more serious than I thought and allow writing to unallocated memory through a memoryview leading to memory corruption, segfaults and possibly exploits. The following example extends an array enough to trigger a realloc of the array's buffer.
Python 3.0 (r30:67503, Dec 4 2008, 13:30:57) [GCC 4.2.4 (Ubuntu 4.2.4-1ubuntu3)] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> from array import array >>> a = array('i', range(16)) >>> m = memoryview(a) >>> a.extend(array('i', range(48)) ... ) >>> m[:] = array('i', [0] * (len(m) // m.itemsize)) *** glibc detected *** python3.0: corrupted double-linked list: 0x0822c1f8 *** _______________________________________ Python tracker <[EMAIL PROTECTED]> <http://bugs.python.org/issue4509> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com