Welcome!
This is the community forum for my apps Pythonista and Editorial.
For individual support questions, you can also send an email. If you have a very short question or just want to say hello — I'm @olemoritz on Twitter.
Objc_util and inline assembly
-
This might be a stupid question, but if objc_util allows you to use and create objective c objects then couldn't you create an inline assmebler method? If this doesnt work with objc_util what about pure ctypes? I know and understand little of the ctypes or objc_util modules and less about objective-C but I began wondering if this was possible. I can't remember what triggered the thought, but its been bugging me and I thought I should bring it up since it might be a security risk if true.
-
The "special features" of
ctypes
are loading and working with dynamic libraries, i. e. calling their functions and reading their global variables. All other features ofctypes
andobjc_util
are based on this core functionality and of course the Objective-C and iOS libraries/frameworks, but there are no other "magic" features.In normal C, the
asm
keyword can be used to insert inline assembly code into a program. Because it's inline, it is inserted directly into the rest of the function bytecode when the code is compiled. This means that by looking at the compiled code, you can't really tell what part of it was C and what was assembly code. Most importantly there is noasm
function anywhere in the C libraries that you could call withctypes
.If you wanted to execute arbitrary native code, the way to do that would be to get a function pointer and modify the memory that it points to. Though I'd expect that any modern operating system has security measures to prevent this kind of code injection.
If you're worried about security risks - iOS is more sandboxed than any normal operating system. The worst you can do with Pythonista is destroy your own scripts or crash the app. (Crashing Pythonista is not very hard, you don't even need
ctypes
for that.os.abort()
andos._exit(0)
quit the app instantly, and you can crash Python by executing a code object with invalid bytecode.) -
@dgelessus
Thanks for the explanation, I was half expecting an answer along those lines.