Memory-unsafe operations in pure CPython via LOAD_CONST OOB exploit, wrapped in safe context managers

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for freQuensy from gravatar.com freQuensy

Unverified details

These details have not been verified by PyPI
Meta
Classifiers
Report project as malware

Project description

unsafe-python

Memory-unsafe operations in pure CPython, gated behind safe context managers. No ctypes, no C extensions.

CPython 3.8 - 3.11 only.

Installation

pip install -U unsafelib

Usage

from unsafelib import Unsafe

# All unsafe ops require a context block
with Unsafe() as u:
    # Get heap address of any Python object
    obj = [1, 2, 3]
    print(hex(u.addrof(obj)))  # 0x7f2a1c3d4e80

    # Read/write raw process memory
    mem = u.getmem()
    print(bytes(mem[u.addrof(obj):u.addrof(obj) + 32]))

    # Forge a fake object from an address
    clone = u.fakeobj(u.addrof(obj))
    assert clone is obj

    # Jump to arbitrary address (segfaults)
    u.setrip(0xDEADBEEF)

# Outside the block - raises UnsafeContextError
u.getmem()  # UnsafeContextError: Cannot call 'getmem' outside of an unsafe context.

License

MIT

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for freQuensy from gravatar.com freQuensy

Unverified details

These details have not been verified by PyPI
Meta
Classifiers

Release history Release notifications | RSS feed

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

unsafelib-0.1.0.tar.gz (21.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

unsafelib-0.1.0-py3-none-any.whl (7.8 kB view details)

Uploaded Python 3

File details

Details for the file unsafelib-0.1.0.tar.gz.

File metadata

  • Download URL: unsafelib-0.1.0.tar.gz
  • Upload date:
  • Size: 21.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for unsafelib-0.1.0.tar.gz
Algorithm Hash digest
SHA256 db78534ca1a8c05efa816f2665c6785259ed4a53647c7d64a4d7adc0c6289d07
MD5 8866003c44463f77d1acb1bdc6a52e2c
BLAKE2b-256 875c2f24933767050f7aeba84c0fb9f15c352a08a643250202ff6307bed4a4d1

See more details on using hashes here.

Provenance

The following attestation bundles were made for unsafelib-0.1.0.tar.gz:

Publisher: publish.yml on freQuensy23-coder/unsafelib

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file unsafelib-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: unsafelib-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 7.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for unsafelib-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 eb5691c0c724f55dd4fa975c15384b14bab16bd7a27b1654773b077d23c27410
MD5 f080cccdf5568a0c823f0bf55e1f717f
BLAKE2b-256 28ff9da962bd5a7f37d7af884785013593d42d501fe263696281f4f20ecabcce

See more details on using hashes here.

Provenance

The following attestation bundles were made for unsafelib-0.1.0-py3-none-any.whl:

Publisher: publish.yml on freQuensy23-coder/unsafelib

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page