Skip to content

gh-143005: prevent incompatible __class__ reassignment for ctypes arrays #143907

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
VanshAgarwal24036 wants to merge 7 commits into
base: main
Choose a base branch
from
Open

gh-143005: prevent incompatible __class__ reassignment for ctypes arrays #143907

VanshAgarwal24036 wants to merge 7 commits into from
+113 −0

Conversation

@VanshAgarwal24036
Copy link
Contributor

@VanshAgarwal24036 VanshAgarwal24036 commented Jan 16, 2026
edited by bedevere-app bot
Loading

This PR fixes a heap buffer overflow in ctypes arrays caused by assigning
class to an incompatible array type.

The change rejects class reassignment when the new array type differs
in length, size, or element type, preventing out-of-bounds memory access.
A regression test is included.

@bedevere-app bedevere-app bot mentioned this pull request Jan 16, 2026
Open
@VanshAgarwal24036 VanshAgarwal24036 force-pushed the gh-143005-ctypes-class-safety branch from 59929a5 to d17521c Compare January 16, 2026 14:02
@VanshAgarwal24036
Copy link
Contributor Author

VanshAgarwal24036 commented Jan 20, 2026

@serhiy-storchaka
I’ve opened a PR fixing the ctypes array class reassignment issue discussed here.
CI is green now; no rush, just sharing in case you have time to take a look.

serhiy-storchaka
serhiy-storchaka reviewed Jan 20, 2026
View reviewed changes
Copy link
Member

@serhiy-storchaka serhiy-storchaka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for your PR, @VanshAgarwal24036. I did not know what to do with this issue. It seems that adding check in tp_setattro is the way to go. But I suspect we need more tests -- each condition should be covered by alternate tests,

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@serhiy-storchaka serhiy-storchaka Awaiting requested review from serhiy-storchaka

Assignees

No one assigned

Labels

awaiting review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@VanshAgarwal24036 @serhiy-storchaka