Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix a soundness bug with PyClassInitializer #4454

Merged
merged 1 commit into from
Aug 21, 2024
Merged

Fix a soundness bug with PyClassInitializer #4454

merged 1 commit into from
Aug 21, 2024

Conversation

ChayimFriedman2
Copy link
Contributor

From now you cannot initialize a PyClassInitializer<SubClass> with PyClassInitializer::from(Py<BaseClass>).add_subclass(SubClass).

This was out of bounds write. Now it panics. See details at #4452.

This is a short-term fix for #4452.

Long-term, we probably want to forbid that at compile time, but that will be a breaking change.

alex
alex reviewed Aug 19, 2024
View reviewed changes
Copy link
Contributor

@alex alex left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This LGTM. We still have unsoundness because you can do PyClassInitializer::new(SubClass{}, PyClassInitializer::from(Py::new(py, Baseclass{}))) though :-(

Do you see a good way to deal with that? Maybe PyClassInitializer::new just shouldn't be public, is there a reason to use it?

davidhewitt
davidhewitt reviewed Aug 19, 2024
View reviewed changes
Copy link
Member

@davidhewitt davidhewitt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The ::new in particular is a bit strange given it's asking for inheritance, I would be ok with removing it (maybe by making it panic immediately for the Existing case and deprecating the symbol, to be at least a little graceful to users).

tests/add_subclass_to_py.rs Outdated Show resolved Hide resolved
@ChayimFriedman2 ChayimFriedman2 force-pushed the fix-unsound-pyclassinitializer branch from 1749f4c to fcecffb Compare August 19, 2024 14:13
@ChayimFriedman2
Copy link
Contributor Author

@alex Fixed the issue with new().

@ChayimFriedman2 ChayimFriedman2 force-pushed the fix-unsound-pyclassinitializer branch 3 times, most recently from 16abef4 to 2159f0f Compare August 19, 2024 22:25
@ChayimFriedman2
Fix a soundness bug with PyClassInitializer
01edfde 
From now you cannot initialize a `PyClassInitializer<SubClass>` with `PyClassInitializer::from(Py<BaseClass>).add_subclass(SubClass)`.

This was out of bounds write. Now it panics. See details at PyO3#4452.
@ChayimFriedman2 ChayimFriedman2 force-pushed the fix-unsound-pyclassinitializer branch from 2159f0f to 01edfde Compare August 19, 2024 23:24
davidhewitt
davidhewitt approved these changes Aug 21, 2024
View reviewed changes
Copy link
Member

@davidhewitt davidhewitt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@davidhewitt davidhewitt added this pull request to the merge queue Aug 21, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Aug 21, 2024
@davidhewitt davidhewitt added this pull request to the merge queue Aug 21, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to no response for status checks Aug 21, 2024
@ChayimFriedman2
Copy link
Contributor Author

I cannot reproduce valgrind's failure locally. @davidhewitt can you help with that?

@davidhewitt
Copy link
Member

See #4463, I pinned main back, this should merge ok now.

@davidhewitt davidhewitt added this pull request to the merge queue Aug 21, 2024
Merged via the queue into PyO3:main with commit 8413890 Aug 21, 2024
43 checks passed
davidhewitt pushed a commit that referenced this pull request Sep 3, 2024
@ChayimFriedman2 @davidhewitt
Fix a soundness bug with PyClassInitializer (#4454)
eb59c54 
From now you cannot initialize a `PyClassInitializer<SubClass>` with `PyClassInitializer::from(Py<BaseClass>).add_subclass(SubClass)`.

This was out of bounds write. Now it panics. See details at #4452.
davidhewitt pushed a commit that referenced this pull request Sep 3, 2024
@ChayimFriedman2 @davidhewitt
Fix a soundness bug with PyClassInitializer (#4454)
2fc6e62 
From now you cannot initialize a `PyClassInitializer<SubClass>` with `PyClassInitializer::from(Py<BaseClass>).add_subclass(SubClass)`.

This was out of bounds write. Now it panics. See details at #4452.
davidhewitt pushed a commit that referenced this pull request Sep 15, 2024
@ChayimFriedman2 @davidhewitt
Fix a soundness bug with PyClassInitializer (#4454)
acbe5d5 
From now you cannot initialize a `PyClassInitializer<SubClass>` with `PyClassInitializer::from(Py<BaseClass>).add_subclass(SubClass)`.

This was out of bounds write. Now it panics. See details at #4452.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alex alex alex left review comments

@davidhewitt davidhewitt davidhewitt approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ChayimFriedman2 @davidhewitt @alex