changeset:   105249:4de956751cf1
branch:      2.7
user:        Martin Panter <vadmium+py@gmail.com>
date:        Sun Nov 20 09:35:06 2016 +0000
files:       Lib/ctypes/test/test_frombuffer.py Misc/NEWS Modules/_ctypes/_ctypes.c
description:
Issue #25659: Change assert to TypeError in from_buffer/_copy()

Based on suggestion by Eryk Sun.


diff -r ca46883fc5cf -r 4de956751cf1 Lib/ctypes/test/test_frombuffer.py
--- a/Lib/ctypes/test/test_frombuffer.py	Sun Nov 20 09:31:41 2016 +0000
+++ b/Lib/ctypes/test/test_frombuffer.py	Sun Nov 20 09:35:06 2016 +0000
@@ -77,5 +77,13 @@
         self.assertRaises(ValueError,
                           (c_int * 1).from_buffer_copy, a, 16 * sizeof(c_int))
 
+    def test_abstract(self):
+        self.assertRaises(TypeError, Array.from_buffer, bytearray(10))
+        self.assertRaises(TypeError, Structure.from_buffer, bytearray(10))
+        self.assertRaises(TypeError, Union.from_buffer, bytearray(10))
+        self.assertRaises(TypeError, Array.from_buffer_copy, b"123")
+        self.assertRaises(TypeError, Structure.from_buffer_copy, b"123")
+        self.assertRaises(TypeError, Union.from_buffer_copy, b"123")
+
 if __name__ == '__main__':
     unittest.main()
diff -r ca46883fc5cf -r 4de956751cf1 Misc/NEWS
--- a/Misc/NEWS	Sun Nov 20 09:31:41 2016 +0000
+++ b/Misc/NEWS	Sun Nov 20 09:35:06 2016 +0000
@@ -63,6 +63,9 @@
 Library
 -------
 
+- Issue #25659: In ctypes, prevent a crash calling the from_buffer() and
+  from_buffer_copy() methods on abstract classes like Array.
+
 - Issue #28563: Fixed possible DoS and arbitrary code execution when handle
   plural form selections in the gettext module.  The expression parser now
   supports exact syntax supported by GNU gettext.
diff -r ca46883fc5cf -r 4de956751cf1 Modules/_ctypes/_ctypes.c
--- a/Modules/_ctypes/_ctypes.c	Sun Nov 20 09:31:41 2016 +0000
+++ b/Modules/_ctypes/_ctypes.c	Sun Nov 20 09:35:06 2016 +0000
@@ -501,7 +501,10 @@
     Py_ssize_t offset = 0;
     PyObject *obj, *result;
     StgDictObject *dict = PyType_stgdict(type);
-    assert (dict);
+    if (!dict) {
+        PyErr_SetString(PyExc_TypeError, "abstract class");
+        return NULL;
+    }
 
     if (!PyArg_ParseTuple(args,
 #if (PY_VERSION_HEX < 0x02050000)
@@ -557,13 +560,16 @@
     Py_ssize_t offset = 0;
     PyObject *obj, *result;
     StgDictObject *dict = PyType_stgdict(type);
-    assert (dict);
+    if (!dict) {
+        PyErr_SetString(PyExc_TypeError, "abstract class");
+        return NULL;
+    }
 
     if (!PyArg_ParseTuple(args,
 #if (PY_VERSION_HEX < 0x02050000)
-                          "O|i:from_buffer",
+                          "O|i:from_buffer_copy",
 #else
-                          "O|n:from_buffer",
+                          "O|n:from_buffer_copy",
 #endif
                           &obj, &offset))
         return NULL;