[tahoe-dev] [pycryptopp] #19: Segmentation fault in HashMultipleBlocks
pycryptopp
trac at allmydata.org
Mon Sep 7 21:58:40 PDT 2009
#19: Segmentation fault in HashMultipleBlocks
---------------------+------------------------------------------------------
Reporter: francois | Owner: francois
Type: defect | Status: new
Priority: major | Version: 0.5.1
Keywords: | Launchpad_bug:
---------------------+------------------------------------------------------
Comment(by nejucomo):
When looking at the stack trace I see that the message size is ~140
Terabytes, so either Francois has quite the heavy-duty application, or
this is related to the corruption.
Here's an untested hypothesis:
PyArg_ParseTupleAndKeywords is called with "t#" and passed msgsize, a
Py_ssize_t, to receive the length.
The documentation on python argument parsing says "t#" is like "s#" and
"s#" says:
"""
Starting with Python 2.5 the type of the length argument can be controlled
by defining the macro PY_SSIZE_T_CLEAN before including Python.h. If the
macro is defined, length is a Py_ssize_t rather than an int.
"""
See: http://docs.python.org/c-api/arg.html
So maybe on x86_64 and with PY_SSIZE_T_CLEAN toggled the wrong way,
PyArg_ParseTupleAndKeywords (which is a varargs function) writes the
output arguments using the wrong boundaries.
Another curious potential for a bug is the implicit cast of msgsize to a
size_t when calling VerifyMessage, but I haven't thought that one out yet.
--
Ticket URL: <http://allmydata.org/trac/pycryptopp/ticket/19#comment:5>
pycryptopp <http://allmydata.org/trac/pycryptopp>
Python bindings for the Crypto++ library
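
An added illustration of the hypothesis in the comment above (not code from pycryptopp or from the ticket): a parser that stores only an `int` into a 64-bit length slot leaves the upper four bytes untouched, so the caller reads a huge bogus size. The stand-in parser functions, the stale slot value, `buffer_cap` and the premise that the length variable was uninitialised are assumptions made for the example, and the result assumes a little-endian machine such as x86_64.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a parser built WITHOUT PY_SSIZE_T_CLEAN:
 * it treats the length slot as an int and stores only sizeof(int) bytes. */
static void parser_stores_int(void *len_slot, int len) {
    memcpy(len_slot, &len, sizeof len);
}

/* Hypothetical stand-in for a parser built WITH PY_SSIZE_T_CLEAN:
 * it stores the full 64-bit length. */
static void parser_stores_ssize(void *len_slot, int64_t len) {
    memcpy(len_slot, &len, sizeof len);
}

/* Constructed stale stack content (assumption): the upper half resembles
 * the top bits of a user-space address on x86_64. */
#define STALE_SLOT INT64_C(0x00007fff5fbff8a0)

/* Caller passes a 64-bit slot, parser writes 32 bits: widths disagree. */
int64_t mismatched_length(int real_len) {
    int64_t msgsize = STALE_SLOT;   /* models an uninitialised Py_ssize_t */
    parser_stores_int(&msgsize, real_len);
    return msgsize;                 /* upper 4 bytes are still stale */
}

/* Caller and parser agree on a 64-bit length. */
int64_t matched_length(int real_len) {
    int64_t msgsize = STALE_SLOT;
    parser_stores_ssize(&msgsize, real_len);
    return msgsize;
}

/* Defensive check before the length reaches the hashing code;
 * buffer_cap is a hypothetical upper bound chosen by the caller. */
int length_is_plausible(int64_t msgsize, int64_t buffer_cap) {
    return msgsize >= 0 && msgsize <= buffer_cap;
}

int main(void) {
    int64_t bad = mismatched_length(1024), good = matched_length(1024);
    printf("mismatched: %lld bytes (~%.1f TB)\n", (long long)bad, bad / 1e12);
    printf("matched:    %lld bytes\n", (long long)good);
    printf("plausible?  bad=%d good=%d\n",
           length_is_plausible(bad, 1 << 20), length_is_plausible(good, 1 << 20));
    return 0;
}
```

With these constructed values the mismatched call reports about 140.7 TB for a 1024-byte message, while the matched call reports 1024.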