[Full-disclosure] python <= 2.5.1 standart librairy multiples int overflow, heap overflow in imageop module
Andrew Farmer
andfarm at gmail.com
Sun Sep 16 08:24:04 BST 2007
On 15 Sep 07, at 16:53, Slythers Bro wrote:
> The module imageop contains a lots of int overflow, which result in
> heap overflow, and maybe memory dump.
> The files imageop.c and rbgimgmodule.c are examples.
<snip>
The real question: Does anybody actually use those modules? Most
Python programs that I've seen that do image processing use other
methods, like PIL or calling out to Imagemagick.
A bit of searching on Google Code Search didn't find me anything that
actually used imageop or rgbimgmodule except test cases for those
modules. rgbimgmodule isn't even part of a standard build of Python 2.5.
Remember that Python is *not* a managed language - there's no
guarantees of safety inherent in the language. In fact, there are
easier ways to execute native code: take a look at ctypes, for
example. While I'd definitely classify the behavior you've identified
as a bug, it's unlikely to be exploitable in the context of any
programs which use it (if, indeed, there are any).
Full-Disclosure is hosted and sponsored by Secunia.