
Author njs
Recipients christian.heimes, njs, steve.dower
Date 2021-04-21.17:55:13
Content
Python's 'id' function exposes raw memory addresses constantly. As long as they're just integers, they can't do much harm.

(In Rust, taking a pointer to a random object is considered totally safe, can be done anywhere. It's *dereferencing* a pointer where you need special 'unsafe' annotations.)

Addresses can potentially reveal ASLR slides or heap layout to an attacker, but I think the marginal risk here is pretty low. You'd need a situation where someone is like, tricking your program into calling ctx._ssl_ctx_addr() and then sending the result to the attacker? Seems unlikely, and not something anyone worries about with 'id'.
History
Date                 User  Action  Args
2021-04-21 17:55:13  njs   set     recipients: + njs, christian.heimes, steve.dower
2021-04-21 17:55:13  njs   set     messageid: <[email protected]>
2021-04-21 17:55:13  njs   link    issue43902 messages
2021-04-21 17:55:13  njs   create