[issue42938] [security][CVE-2021-3177] ctypes double representation BoF

2021-02-22 Thread Alexander Riccio
Alexander Riccio added the comment: Yes, I definitely should. I work on https://bugs.python.org/issue25878 sometimes, which encompasses this. -- ___ Python tracker <https://bugs.python.org/issue42

[issue42938] [security][CVE-2021-3177] ctypes double representation BoF

2021-02-22 Thread Alexander Riccio
Alexander Riccio added the comment: Petition to remove all uses of the unchecked string handling functions from CPython? Sidenote: if C4996 was on, this would be a warning. -- nosy: +Alexander Riccio ___ Python tracker <https://bugs.python.

[issue40145] Pyshellext room for binary size improvement

2020-04-03 Thread Alexander Riccio
Alexander Riccio added the comment: Oh, uh, also, do you prefer I add a commit or a new branch & PR? -- ___ Python tracker <https://bugs.python.org/iss

[issue40145] Pyshellext room for binary size improvement

2020-04-03 Thread Alexander Riccio
Alexander Riccio added the comment: Ahh, ok. Even though I question the usefulness of manually maintaining MSBuild files instead of something like CMake, I can work with that. Is there a preferred way to do it? It looks like I can do a Condition="'$(Configuration)|$(Platform)'=='Releas

[issue40161] Name collisions in pythoncore, preventing unity/jumbo build

2020-04-02 Thread Alexander Riccio
New submission from Alexander Riccio : This isn't a priority issue I'd say. However, fixing it could yield nice benefits. I ran into this while experimenting with JUMBO/Unity builds as part of a bit of fun I've been having tweaking build options across the CPython ecosystem. Theoretically

[issue40151] _overlapped room for improvement

2020-04-01 Thread Alexander Riccio
Change by Alexander Riccio : -- keywords: +patch pull_requests: +18658 stage: -> patch review pull_request: https://github.com/python/cpython/pull/19298 ___ Python tracker <https://bugs.python.org/issu

[issue40145] Pyshellext room for binary size improvement

2020-04-01 Thread Alexander Riccio
Change by Alexander Riccio : -- pull_requests: +18659 pull_request: https://github.com/python/cpython/pull/19298 ___ Python tracker <https://bugs.python.org/issue40

[issue40151] _overlapped room for improvement

2020-04-01 Thread Alexander Riccio
New submission from Alexander Riccio : Similarly to bpo-40145, I've tweaked build options to reduce the size of the binary. This patch turns on (for release builds) Whole Program Optimization, MinSpace optimization, /Ob2 AnySuitable function inlining, /Zo (so that people can still debug

[issue40150] (minor) mismatched argument in overlapped_RegisterWaitWithQueue call to RegisterWaitForSingleObject

2020-04-01 Thread Alexander Riccio
New submission from Alexander Riccio : This popped out at me while looking for something else. It's probably not much of an actual problem, since the wrong datatype is larger than the correct one, but it's worth fixing. The problem is in overlapped_RegisterWaitWithQueue, at overlapped.c:297

[issue40145] Pyshellext room for binary size improvement

2020-04-01 Thread Alexander Riccio
Alexander Riccio added the comment: If this patch is merged, and all 7 million (estimated) Python developers update their installation, I calculate that I just saved the PSF 119GB worth of bandwidth costs :) I'll take my 10 cents in the mail please :D

[issue40145] Pyshellext room for binary size improvement

2020-04-01 Thread Alexander Riccio
Change by Alexander Riccio : -- keywords: +patch pull_requests: +18642 stage: -> patch review pull_request: https://github.com/python/cpython/pull/19284 ___ Python tracker <https://bugs.python.org/issu

[issue40145] Pyshellext room for binary size improvement

2020-04-01 Thread Alexander Riccio
New submission from Alexander Riccio : I've tweaked the pcbuild options for pyshellext to reduce the size of the binary. Since this is a very simple component, there really isn't much benefit of optimizing for speed, likely the slowest part of this component's lifetime is simply loading

[issue40143] shutil.rmtree will frequently fail on Windows under heavy load due to racy deletion

2020-04-01 Thread Alexander Riccio
New submission from Alexander Riccio : The "obvious" way to delete a directory tree on Windows is wrong. It's inherently racy, since deleting a file on Windows *doesn't actually delete it*, instead it marks the file for deletion. The system will eventually get around t

[issue25878] CPython on Windows builds with /W3, not /W4

2020-03-31 Thread Alexander Riccio
Alexander Riccio added the comment: Ok, so a draft of this produces 34 warnings, but makes way more changes to the .vcxproj and .filters files than I think it should: https://github.com/ariccio/cpython/commit/60152aa065a3ad861f0359a8ada7f2fbc83a3933 Before I submit a PR, I think I should

[issue40020] growable_comment_array_add leaks, causes crash

2020-03-31 Thread Alexander Riccio
Alexander Riccio added the comment: Sure, should I open a new issue? -- nosy: -vstinner resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker <https://bugs.python.or

[issue40082] Assertion failure in trip_signal

2020-03-27 Thread Alexander Riccio
Alexander Riccio added the comment: Hmmm, happens every time I interrupt while attached. Is there some obvious gotcha in the docs that I'm missing? -- ___ Python tracker <https://bugs.python.org/issue40

[issue40082] Assertion failure in trip_signal

2020-03-27 Thread Alexander Riccio
Alexander Riccio added the comment: Lmao the name mangling comes up as a mailto. That's interesting. -- ___ Python tracker <https://bugs.python.org/issue40

[issue40082] Assertion failure in trip_signal

2020-03-27 Thread Alexander Riccio
New submission from Alexander Riccio : While trying to make sense of some static analysis warnings for the Windows console IO module, I Ctrl+C'd in the middle of an intentionally absurd __repr__ output, and on proceeding in the debugger (which treated it as an exception), I immediately hit

[issue40079] NULL pointer deref on error path in _ssl debughelpers.c

2020-03-26 Thread Alexander Riccio
New submission from Alexander Riccio : At line 138 in debughelpers.c, ssl_obj, which was set to NULL on line 122, is dereferenced. I think the original intent was to actually bubble the error up through the ssl object. Full function: static void _PySSL_keylog_callback(const SSL *ssl

[issue40020] growable_comment_array_add leaks, causes crash

2020-03-19 Thread Alexander Riccio
Change by Alexander Riccio : -- keywords: +patch pull_requests: +18442 stage: -> patch review pull_request: https://github.com/python/cpython/pull/19083 ___ Python tracker <https://bugs.python.org/issu

[issue40020] growable_comment_array_add leaks, causes crash

2020-03-19 Thread Alexander Riccio
Alexander Riccio added the comment: Sidenote: visual studio was misleading and made this look like a use-after-free for a little while, which was interesting. -- nosy: +pablogsal ___ Python tracker <https://bugs.python.org/issue40

[issue40020] growable_comment_array_add leaks, causes crash

2020-03-19 Thread Alexander Riccio
New submission from Alexander Riccio : growable_comment_array_add in parsetok.c incorrectly uses realloc, which leaks the array when allocation fails, and then causes a null pointer deref crash later when the array is freed in growable_comment_array_deallocate (the array pointer

[issue25878] CPython on Windows builds with /W3, not /W4

2020-03-19 Thread Alexander Riccio
Alexander Riccio added the comment: Ok, so I finally have some proper time to work on this. How would people (who are higher up in python than me, obviously) feel about suppressing most of the warnings via a user macro in Visual Studio? I've found that it's quite easy to add a macro

[issue36790] test_asyncio fails with application verifier!

2019-05-14 Thread Alexander Riccio
Alexander Riccio added the comment: It's part of the Windows SDK, and is installed with it. To enable for this error, add the Python executable in Application Verifier, and check the Handles box. -- ___ Python tracker <https://bugs.python.

[issue36790] test_asyncio fails with application verifier!

2019-05-03 Thread Alexander Riccio
Alexander Riccio added the comment: Hmm, proceeding a bit further pointed to finish_recv in windows_events.py -- Added file: https://bugs.python.org/file48299/python_invalid_handle.PNG ___ Python tracker <https://bugs.python.org/issue36

[issue36790] test_asyncio fails with application verifier!

2019-05-03 Thread Alexander Riccio
New submission from Alexander Riccio : I compiled PCBuild Debug x64 from an updated clone of upstream, and when running the testsuite under Application Verifier with handle verification, the test triggers an invalid handle access by passing an invalid overlapped handle to CancelIoEx

[issue25878] CPython on Windows builds with /W3, not /W4

2019-04-18 Thread Alexander Riccio
Alexander Riccio added the comment: One more thing, after I ran code analysis: This is obviously a potential memory leak: Warning C6308 'realloc' might return null pointer: assigning null pointer to 'arr->items', which is passed as an argument to 'realloc', will cause the original mem

[issue25878] CPython on Windows builds with /W3, not /W4

2019-04-18 Thread Alexander Riccio
Alexander Riccio added the comment: I decided to come back to this after a python meetup last night. By messing with this a bit, building in VS2019 with /W4, I see that fully 2/3rds of the total warnings are from two specific warnings: C4100 (unreferenced formal parameter) C4127

[issue26137] [idea] use the Microsoft Antimalware Scan Interface

2016-07-02 Thread Alexander Riccio
Alexander Riccio added the comment: We might want to use some kind of Group Policy setting, for the same reason that many Windows security configuration options are there, and that DoD STIGs for Windows https://www.stigviewer.com/stig/windows_8_8.1/ are almost totally about configuring Group

[issue26137] [idea] use the Microsoft Antimalware Scan Interface

2016-07-02 Thread Alexander Riccio
Alexander Riccio added the comment: It's not just Stuxnet, as at least one other Advanced Persistent Threat uses that tactic. An APT (likely Russian intelligence) recently used encoded PowerShell to break into the Democratic National Committee: https://www.crowdstrike.com/blog/bears-midst

[issue26139] libmpdec: disable /W4 warning (non-standard dllimport behavior)

2016-01-18 Thread Alexander Riccio
Alexander Riccio added the comment: > Please stop educating us. Sorry, not what was intended! Tone transmits poorly. -- ___ Python tracker <rep...@bugs.python.org> <http://bugs.python.or

[issue25878] CPython on Windows builds with /W3, not /W4

2016-01-17 Thread Alexander Riccio
Alexander Riccio added the comment: If there are few enough instances, then using a #pragma warning(suppress:4232) is probably the best idea. -- ___ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/i

[issue26137] [idea] use the Microsoft Antimalware Scan Interface

2016-01-17 Thread Alexander Riccio
New submission from Alexander Riccio: I'm really not sure what it'd look like, or how it'd work, but CPython should take advantage of Microsoft's Antimalware Scan Interface, which is new to Windows 10. It's designed for applications like interpreters, which can execute untrusted code that may

[issue26137] [idea] use the Microsoft Antimalware Scan Interface

2016-01-17 Thread Alexander Riccio
Alexander Riccio added the comment: See also: "Security Focus: Defending PowerShell with the Anti-Malware Scan Interface (AMSI)" http://blogs.technet.com/b/poshchap/archive/2015/10/16/security-focus-defending-powershell-with-windows-def

[issue26137] [idea] use the Microsoft Antimalware Scan Interface

2016-01-17 Thread Alexander Riccio
Alexander Riccio added the comment: When I say "I'm really not sure what it'd look like, or how it'd work" I mean at the C level. At a higher level, there are many places that I imagine are good places to use AMSI: Perhaps expressions passed in from the command line (-c) should

[issue26137] [idea] use the Microsoft Antimalware Scan Interface

2016-01-17 Thread Alexander Riccio
Alexander Riccio added the comment: See "Windows 10 to offer application developers new malware defenses" https://blogs.technet.microsoft.com/mmpc/2015/06/09/windows-10-to-offer-application-developers-new-malware-defenses/ for an example of how AMSI works with PowerShell

[issue25878] CPython on Windows builds with /W3, not /W4

2015-12-21 Thread Alexander Riccio
Alexander Riccio added the comment: > This should be about a 2 line change, but the current patch is several > hundred lines of spam. I agree, but wasn't immediately sure how to do so. Unfortunately, I've been working on other things, and I'm not sure when I'll be able to

[issue25891] Stray variable meth_idx in enable_symlink

2015-12-16 Thread Alexander Riccio
New submission from Alexander Riccio: See: https://hg.python.org/cpython/file/tip/Modules/posixmodule.c#l12383 The variable int meth_idx is initialized but not used. I have no idea how it got there. -- components: Windows messages: 256553 nosy: Alexander Riccio, paul.moore

[issue25893] Second variable DWORD reqdSize in getpythonregpath is initialized but not used

2015-12-16 Thread Alexander Riccio
New submission from Alexander Riccio: See: https://hg.python.org/cpython/file/tip/PC/getpathp.c#l324 The second variable named `reqdSize` in getpythonregpath is initialized but not used. -- components: Windows messages: 256555 nosy: Alexander Riccio, paul.moore, steve.dower

[issue25890] PyObject *po in _listdir_windows_no_opendir is initialized but not used

2015-12-16 Thread Alexander Riccio
New submission from Alexander Riccio: See: https://hg.python.org/cpython/file/tip/Modules/posixmodule.c#l3466 The variable PyObject *po in _listdir_windows_no_opendir is initialized but not used. Given that there's a variable named po_wchars, and two PyObject variables, I'm going to guess

[issue25890] PyObject *po in _listdir_windows_no_opendir is initialized but not used

2015-12-16 Thread Alexander Riccio
Alexander Riccio added the comment: (in the same function, char *bufptr is ALSO unused) -- ___ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/i

[issue25892] PyObject *exc in encode_code_page_strict is initialized but not used

2015-12-16 Thread Alexander Riccio
New submission from Alexander Riccio: See: https://hg.python.org/cpython/file/tip/Objects/unicodeobject.c#l7335 The variable PyObject *exc in encode_code_page_strict is initialized but not used. -- components: Windows messages: 256554 nosy: Alexander Riccio, paul.moore, steve.dower

[issue25878] CPython on Windows builds with /W3, not /W4

2015-12-16 Thread Alexander Riccio
Alexander Riccio added the comment: > The problem with this bug report is that there is little chance that it gets > resolved in the near term, and it's quite possible that it will stay open for > years. Somebody would have to sit down and start producing patches to fix > th

[issue25889] Find_BOM accepts a char*, but is passed an unsigned char*; and related usage

2015-12-16 Thread Alexander Riccio
New submission from Alexander Riccio: This is safe, but warns on /W4. In maybe_handle_shebang, an unsigned char* is passed to find_BOM, which accepts a char* (https://hg.python.org/cpython/file/tip/PC/launcher.c#l1139). Without an explicit cast, this generates a warning: 10>..\PC\launche

[issue25878] CPython on Windows builds with /W3, not /W4

2015-12-16 Thread Alexander Riccio
Alexander Riccio added the comment: Cut out more noisy warnings. -- Added file: http://bugs.python.org/file41333/W4_v3.patch ___ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/i

[issue25847] CPython not using Visual Studio code analysis!

2015-12-15 Thread Alexander Riccio
Alexander Riccio added the comment: I'll open up a new issue for /W4, and deal with that first. -- ___ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/i

[issue25878] CPython on Windows builds with /W3, not /W4

2015-12-15 Thread Alexander Riccio
New submission from Alexander Riccio: This issue is related to Issue25847. Compiling at /W4 is generally a good idea. It's an industry best practice, and even though I don't expect disagreement, I'll throw in a few coding standard links: https://www.securecoding.cert.org/confluence/display/c

[issue25847] CPython not using Visual Studio code analysis!

2015-12-15 Thread Alexander Riccio
Alexander Riccio added the comment: See Issue25878. -- ___ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue25847> ___ ___ Python-bugs-

[issue25878] CPython on Windows builds with /W3, not /W4

2015-12-15 Thread Alexander Riccio
Alexander Riccio added the comment: The warnings that I've disabled are: C4054, "'conversion' : from function pointer 'type1' to data pointer 'type2'": https://msdn.microsoft.com/en-us/library/07d15ax5(v=vs.90).aspx I disabled 4054 because there are lots of void* to (s

[issue25878] CPython on Windows builds with /W3, not /W4

2015-12-15 Thread Alexander Riccio
Alexander Riccio added the comment: I've added the text build output. -- Added file: http://bugs.python.org/file41322/W4_v2_build_output ___ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/i

[issue25878] CPython on Windows builds with /W3, not /W4

2015-12-15 Thread Alexander Riccio
Changes by Alexander Riccio <test35...@gmail.com>: -- nosy: +paul.moore, steve.dower, tim.golden, zach.ware ___ Python tracker <rep...@bugs.python.org> <http://bugs.python

[issue25878] CPython on Windows builds with /W3, not /W4

2015-12-15 Thread Alexander Riccio
Changes by Alexander Riccio <test35...@gmail.com>: -- components: +Windows ___ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue25878> ___

[issue25847] CPython not using Visual Studio code analysis!

2015-12-14 Thread Alexander Riccio
Alexander Riccio added the comment: > That is, (as I understand it) we've done a lot of work to not have compiler > warnings generated during compilation, and we don't want to backtrack on that. Well, as-is, simply building as x64 generates a bunch of warnings, so it's not *quite* cl

[issue25847] CPython not using Visual Studio code analysis!

2015-12-14 Thread Alexander Riccio
Alexander Riccio added the comment: > In which direction do you find us to be mad? That's really quite a low warning level! For a large project, I can't imagine anything less than /W4! -- ___ Python tracker <rep...@bugs.python.org&

[issue25847] CPython not using Visual Studio code analysis!

2015-12-14 Thread Alexander Riccio
Alexander Riccio added the comment: Actually, hmm... the very naive version *DOES NOT* work. Grr. -- ___ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/i

[issue25847] CPython not using Visual Studio code analysis!

2015-12-14 Thread Alexander Riccio
Alexander Riccio added the comment: Hold on... CPython builds at /W3???!? What is this madness??!? -- Added file: http://bugs.python.org/file41312/CPythonW3.PNG ___ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/i

[issue25847] CPython not using Visual Studio code analysis!

2015-12-14 Thread Alexander Riccio
Alexander Riccio added the comment: > OK, let's move this to patch needed, then, and see if anyone is ambitious > enough to do the work needed to make it useful to us :) I can try and hack it in, just as proof of concept. I think I should just be able to add something like: /p:EnableP

[issue25847] CPython not using Visual Studio code analysis!

2015-12-14 Thread Alexander Riccio
Alexander Riccio added the comment: Yup, the very naive version works. -- keywords: +patch Added file: http://bugs.python.org/file41311/EnableCodeAnalysis.patch ___ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/i

[issue25846] Use of Py_ARRAY_LENGTH on pointer in posixmodule.c, win32_wchdir

2015-12-13 Thread Alexander Riccio
Alexander Riccio added the comment: > Are you aware of the Coverity program? Last time I heard about Coverity, > CPython had 0 bug found by Coverity ;-) Yup, see Issue25847. > The sad part is that Py_ARRAY_LENGTH() is written for static analysis Sadly, yeah. MSVC, when compi

[issue25847] CPython not using Visual Studio code analysis!

2015-12-13 Thread Alexander Riccio
Alexander Riccio added the comment: > Is analyze something that can be used from the command line only, or does it > require the GUI? You can do it from the command line - Chrome/chromium makes use of it as such. See: https://code.google.com/p/chromium/issues/detail?id=427616 The /a

[issue25844] Pylauncher, launcher.c: Assigning NULL to a pointer instead of testing against NULL

2015-12-11 Thread Alexander Riccio
New submission from Alexander Riccio: I found this while writing up a separate bug (CPython doesn't use static analysis!). In PC/launcher.c, get_env has a bug: /* Large environment variable. Accept some leakage */ wchar_t *buf2 = (wchar_t*)malloc(sizeof(wchar_t) * (result+1

[issue25844] Pylauncher, launcher.c: Assigning NULL to a pointer instead of testing against NULL

2015-12-11 Thread Alexander Riccio
Changes by Alexander Riccio <test35...@gmail.com>: -- type: -> crash ___ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue25844> ___ __

[issue25846] Use of Py_ARRAY_LENGTH on pointer in posixmodule.c, win32_wchdir

2015-12-11 Thread Alexander Riccio
New submission from Alexander Riccio: I found this while writing up a separate bug (CPython doesn't use static analysis!). In modules/posixmodule.c, win32_wchdir uses Py_ARRAY_LENGTH on a wchar_t*: wchar_t _new_path[MAX_PATH], *new_path = _new_path; int result; wchar_t env[4] = L

[issue25845] _ctypes\cfield.c identical subexpressions in Z_set

2015-12-11 Thread Alexander Riccio
New submission from Alexander Riccio: I found this while writing up a separate bug (CPython doesn't use static analysis!). In _ctypes/cfield.c, Z_set has a bug of some sort: if (PyLong_Check(value) || PyLong_Check(value)) { See: https://hg.python.org/cpython/file/tip/Modules/_ctypes

[issue25847] CPython not using Visual Studio code analysis!

2015-12-11 Thread Alexander Riccio
New submission from Alexander Riccio: Visual Studio comes with static analysis, enabled by /analyze (command line) or "Code analysis" in the project configuration dialog. Currently, none of the CPython projects in PCbuild have Code Analysis turned on, in any configuration. I

[issue25386] msvcrt_putch/msvcrt_putwch don't check the return value of _putch/_putwch

2015-10-22 Thread Alexander Riccio
Alexander Riccio added the comment: Sorry for the delay: Gmail actually directed the update emails to my spam folder! Gmail said (something like): "It is in violation of Google's recommended email sender guidelines." ...and it's apparently not the first time this has happened with

[issue25386] msvcrt_putch/msvcrt_putwch don't check the return value of _putch/_putwch

2015-10-12 Thread Alexander Riccio
Alexander Riccio added the comment: For your convenience, the MSDN docs for the _putch/_putwch functions: https://msdn.microsoft.com/en-us/library/azb6c04e.aspx -- ___ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/i

[issue25386] msvcrt_putch/msvcrt_putwch don't check the return value of _putch/_putwch

2015-10-12 Thread Alexander Riccio
New submission from Alexander Riccio: A minor issue (probably qualifies for the "easy" keyword): All functions in msvcrtmodule.c (I'm looking at http://svn.python.org/projects/python/trunk/PC/msvcrtmodule.c) except msvcrt_putch and msvcrt_putwch properly check return values aga

[issue25387] sound_msgbeep doesn't check the return value of MessageBeep

2015-10-12 Thread Alexander Riccio
New submission from Alexander Riccio: A really minor issue (probably qualifies for the "easy" keyword): sound_msgbeep (in http://svn.python.org/projects/python/trunk/PC/winsound.c) doesn't check the return value of MessageBeep (https://msdn.microsoft.com/en-us/library/windows/deskto

[issue25387] sound_msgbeep doesn't check the return value of MessageBeep

2015-10-12 Thread Alexander Riccio
Changes by Alexander Riccio <test35...@gmail.com>: -- components: Windows nosy: Alexander Riccio, paul.moore, steve.dower, tim.golden, zach.ware priority: normal severity: normal status: open title: sound_msgbeep doesn't check the return value of MessageBeep type: behavior ve