https://github.com/python/cpython/commit/7a29c9883f4cf61372895362e865f7d2f99bd4ca commit: 7a29c9883f4cf61372895362e865f7d2f99bd4ca branch: main author: Gregory P. Smith <g...@krypto.org> committer: gpshead <g...@krypto.org> date: 2025-04-14T06:22:29Z summary:
GH-115322: fix ctypes call_function audit hook on 32-bit platforms (GH-132496) * GH-115322: fix ctypes call_function audit hook on 32-bit platforms. It was using a signed conversion to communicate the function id (pointer) value. files: M Lib/test/audit-tests.py M Misc/NEWS.d/next/Security/2024-02-18-02-53-25.gh-issue-115322.Um2Sjx.rst M Modules/_ctypes/callproc.c
diff --git a/Lib/test/audit-tests.py b/Lib/test/audit-tests.py
index 3d81f27e5cb46d..08b638e4b8d524 100644
--- a/Lib/test/audit-tests.py
+++ b/Lib/test/audit-tests.py
@@ -311,10 +311,10 @@ def test_ctypes_call_function():
 with TestHook() as hook:
 _ctypes.call_function(ctypes._memmove_addr, (0, 0, 0))
- assert ("ctypes.call_function", (ctypes._memmove_addr, (0, 0, 0))) in hook.seen
+ assert ("ctypes.call_function", (ctypes._memmove_addr, (0, 0, 0))) in hook.seen, f"{ctypes._memmove_addr=} {hook.seen=}"
 ctypes.CFUNCTYPE(ctypes.c_voidp)(ctypes._memset_addr)(1, 0, 0)
- assert ("ctypes.call_function", (ctypes._memset_addr, (1, 0, 0))) in hook.seen
+ assert ("ctypes.call_function", (ctypes._memset_addr, (1, 0, 0))) in hook.seen, f"{ctypes._memset_addr=} {hook.seen=}"
 with TestHook() as hook:
 ctypes.cast(ctypes.c_voidp(0), ctypes.POINTER(ctypes.c_char))
diff --git a/Misc/NEWS.d/next/Security/2024-02-18-02-53-25.gh-issue-115322.Um2Sjx.rst b/Misc/NEWS.d/next/Security/2024-02-18-02-53-25.gh-issue-115322.Um2Sjx.rst
index a09e1f1fcdcab7..8eb5c3ed04ee2c 100644
--- a/Misc/NEWS.d/next/Security/2024-02-18-02-53-25.gh-issue-115322.Um2Sjx.rst
+++ b/Misc/NEWS.d/next/Security/2024-02-18-02-53-25.gh-issue-115322.Um2Sjx.rst
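Review bot: The two strengthened assertions give a better failure dump but say nothing about why equality with `ctypes._memmove_addr` matters, and the regression they guard (a negative function id from a signed conversion) is only observable on platforms where the address has its top bit set, so a reader on a 64-bit host will not see the intent. A one-line comment above the first assert would preserve it: `# The audited function id must equal the unsigned address ctypes exposes; a signed conversion made this fail on 32-bit (gh-115322).` The enclosing `test_ctypes_call_function` begins before this hunk.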
@@ -1,4 +1,5 @@
 The underlying extension modules behind :mod:`readline`:, :mod:`subprocess`, and :mod:`ctypes` now raise audit events on previously uncovered code paths that could lead to file system access related to C function calling and
-external binary execution.
+external binary execution. The ``ctypes.call_function`` audit hook has also
+been fixed to use an unsigned value for its ``function pointer``.
diff --git a/Modules/_ctypes/callproc.c b/Modules/_ctypes/callproc.c
index f5db49ff4bc61c..cb8ab7b33a2953 100644
--- a/Modules/_ctypes/callproc.c
+++ b/Modules/_ctypes/callproc.c
@@ -1199,8 +1199,17 @@ PyObject *_ctypes_callproc(ctypes_state *st,
 PyObject *retval = NULL;
 // Both call_function and call_cdeclfunction call us:
+#if SIZEOF_VOID_P == SIZEOF_LONG
+ if (PySys_Audit("ctypes.call_function", "kO",
+ (unsigned long)pProc, argtuple) < 0) {
+#elif SIZEOF_VOID_P == SIZEOF_LONG_LONG
+ if (PySys_Audit("ctypes.call_function", "KO",
+ (unsigned long long)pProc, argtuple) < 0) {
+#else
+# warning "unexpected pointer size, you may see odd values in audit hooks"
 if (PySys_Audit("ctypes.call_function", "nO",
 (Py_ssize_t)pProc, argtuple) < 0) {
+#endif
 return NULL;
 }
_______________________________________________ Python-checkins mailing list -- python-checkins@python.org To unsubscribe send an email to python-checkins-le...@python.org https://mail.python.org/mailman3/lists/python-checkins.python.org/ Member address: arch...@mail-archive.com
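Review bot: The `#else` fallback keeps the signed `(Py_ssize_t)pProc` conversion with format `"nO"`, so any build that reaches it still reports a negative function id to audit hooks — the exact defect this commit fixes for 32-bit — with only a compile-time `# warning` to flag it. Since that branch is off the common path, it can afford `PyLong_FromVoidPtr(pProc)` passed with format `"NO"`, which yields an unsigned value for any pointer width; keeping the `k`/`K` branches for the normal cases preserves the cheap path, where `PySys_Audit` presumably returns before building its argument tuple when no hook is installed. A short comment above the `#if` would also help the next reader: `/* Audit hooks must see the function address as an unsigned value; a signed Py_ssize_t goes negative for addresses with the top bit set. */` `_ctypes_callproc` begins and ends outside this hunk.
```c
/* … unchanged: SIZEOF_LONG and SIZEOF_LONG_LONG branches … */
#else
    /* Unexpected pointer width: build the id portably (PyLong_FromVoidPtr is
       unsigned for any width) and let "N" hand ownership to the audit call. */
    PyObject *func_id = PyLong_FromVoidPtr(pProc);
    if (func_id == NULL) {
        return NULL;
    }
    if (PySys_Audit("ctypes.call_function", "NO", func_id, argtuple) < 0) {
#endif
/* … unchanged: error return and closing brace … */
```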