Serhiy Storchaka added the comment:
This is a deliberate decision. In general, it is very difficult to verify the
bytecode for correctness (whatever correctness criterion has been chosen). Any
check takes time and this will slow down the execution in the normal case. This
is not considered
LCatro added the comment:
Actually, LOAD_CONST is taking a correct offset. I made a Python opcode
compiler; LOAD_CONST '\x41\x41\x41\x41' will be
converted to LOAD_CONST 1. Looking back at the PoC, it means:
LOAD_CONST 1 => Load a string object from co->consts to
Jelle Zijlstra added the comment:
I don't think this is a bug; it is known and expected that you can do all kinds
of bad things by writing bytecode manually. (You can already make Python write
to random memory by giving it LOAD_FAST or STORE_FAST opcodes with incorrect
offsets.)
This doesn't
New submission from LCatro:
PyFunction_New() does not validate the code object, so we can make a string
object into a fake code object.
This is the Python bytecode:
LOAD_CONST '\x41\x41\x41\x41'
MAKE_FUNCTION 0
In the source code, we can see that string object trace to variant
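
A static check for the two conditions raised in this thread (a LOAD_CONST-style offset outside co_consts, and a MAKE_FUNCTION whose operand is a string rather than a code object), for screening code objects from untrusted sources before they are run. This is an added example, not code from the thread or from CPython; it assumes CPython 3.8+ wordcode, and `iter_ops`, `audit_code`, `CODE_DEPTH` and the sample objects are hypothetical names constructed here.

```python
import dis
import sys
import types

LOAD_CONST = dis.opmap["LOAD_CONST"]
MAKE_FUNCTION = dis.opmap["MAKE_FUNCTION"]
CACHE = dis.opmap.get("CACHE")  # inline-cache filler, present on 3.11+ only
# Assumption: the code object is loaded 1 instruction before MAKE_FUNCTION on
# CPython 3.11+, and 2 before it (underneath the qualname) on 3.8-3.10.
CODE_DEPTH = 1 if sys.version_info >= (3, 11) else 2

def iter_ops(code):
    """Yield (opcode, oparg) from 2-byte wordcode, folding EXTENDED_ARG."""
    raw, ext = code.co_code, 0
    for i in range(0, len(raw), 2):
        op, arg = raw[i], raw[i + 1] | ext
        if op == dis.EXTENDED_ARG:
            ext = arg << 8
            continue
        ext = 0
        if op != CACHE:
            yield op, arg

def audit_code(code):
    """Return findings for co_consts misuse, without executing anything."""
    consts, ops, findings = code.co_consts, list(iter_ops(code)), []
    for pos, (op, arg) in enumerate(ops):
        if op in dis.hasconst and arg >= len(consts):
            findings.append(f"{code.co_name}: {dis.opname[op]} {arg} out of range")
        elif op == MAKE_FUNCTION:
            src_op, src_arg = ops[pos - CODE_DEPTH] if pos >= CODE_DEPTH else (None, 0)
            if not (src_op == LOAD_CONST and src_arg < len(consts)
                    and isinstance(consts[src_arg], types.CodeType)):
                findings.append(f"{code.co_name}: MAKE_FUNCTION operand is not a code constant")
    for const in consts:  # recurse into nested function bodies
        if isinstance(const, types.CodeType):
            findings.extend(audit_code(const))
    return findings

# Constructed samples: a compiled module, then two tampered copies (never run).
GOOD = compile("def f(): pass", "<sample>", "exec")
STRING_AS_CODE = GOOD.replace(co_consts=tuple(
    "\x41\x41\x41\x41" if isinstance(c, types.CodeType) else c
    for c in GOOD.co_consts))
NO_CONSTS = GOOD.replace(co_consts=())

if __name__ == "__main__":
    for name in ("GOOD", "STRING_AS_CODE", "NO_CONSTS"):
        print(name, audit_code(globals()[name]))
```

The MAKE_FUNCTION check is a heuristic that only recognises the compiler's usual LOAD_CONST pattern, so it rejects hand-written bytecode that builds the operand another way; it does not prove a code object is safe to execute.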