python · CodeMaverick-143 · Dec 2, 2025 · Dec 2, 2025 · Dec 2, 2025 · Dec 2, 2025
diff --git a/Lib/test/test_ctypes/test_parameters.py b/Lib/test/test_ctypes/test_parameters.py
@@ -297,6 +297,20 @@ def from_param(cls, value):
 
         self.assertEqual(trace, [1, 2, 3, 4, 5])
 
+    def test_as_parameter_tuple(self):
+        class Dangerous(object):
+            @property
+            def _as_parameter_(self):
+                return ('i', 42)
+
+        func = CDLL(_ctypes_test.__file__)._testfunc_p_p
+        func.restype = c_int
+        # func.argtypes = [c_void_p]  # Do not set argtypes to force default conversion
+
+        # Should raise ArgumentError because tuples are not supported in default conversion
+        with self.assertRaisesRegex(ArgumentError, "argument 1: TypeError: Don't know how to convert parameter 1"):
+            func(Dangerous(), 0)
+
 
 if __name__ == '__main__':
     unittest.main()
diff --git a/Misc/NEWS.d/next/Tests/2025-12-02-06-38-27.gh-issue-142174.jRSTqe.rst b/Misc/NEWS.d/next/Tests/2025-12-02-06-38-27.gh-issue-142174.jRSTqe.rst
diff --git a/Misc/NEWS.d/next/Tests/2025-12-02-12-15-00.gh-issue-142174.codemaverick.rst b/Misc/NEWS.d/next/Tests/2025-12-02-12-15-00.gh-issue-142174.codemaverick.rst
@@ -0,0 +1,2 @@
+
+Analysis confirms that :mod:`ctypes` does not support returning tuples from ``_as_parameter_`` for default conversions. Attempting to do so raises a :exc:`TypeError` (wrapped in a ``ctypes.ArgumentError``), meaning the described security risk does not exist in the current codebase.
diff --git a/Modules/_ctypes/callproc.c b/Modules/_ctypes/callproc.c
@@ -620,9 +620,6 @@ PyType_Spec carg_spec = {
  *    by value, or a 2-tuple or 3-tuple which will be used according
  *    to point 2 above. The third item (if any), is ignored. It is normally
  *    used to keep the object alive where this parameter refers to.
- *    XXX This convention is dangerous - you can construct arbitrary tuples
- *    in Python and pass them. Would it be safer to use a custom container
- *    datatype instead of a tuple?
  *
  * 4. Other Python objects cannot be passed as parameters - an exception is raised.
  *
@@ -742,6 +739,13 @@ static int ConvParam(ctypes_state *st,
            attribute)
         */
         if (arg) {
+            if (PyTuple_Check(arg) || PyList_Check(arg)) {
+                Py_DECREF(arg);
+                PyErr_Format(PyExc_TypeError,
+                             "Don't know how to convert parameter %d",
+                             Py_SAFE_DOWNCAST(index, Py_ssize_t, int));
+                return -1;
+            }
             int result;
             result = ConvParam(st, arg, index, pa);
             Py_DECREF(arg);
@@ -1512,7 +1516,7 @@ static void *libsystem_b_handle;
 static bool (*_dyld_shared_cache_contains_path)(const char *path);
 
 __attribute__((constructor)) void load_dyld_shared_cache_contains_path(void) {
-    libsystem_b_handle = dlopen("/usr/lib/libSystem.B.dylib", RTLD_LAZY);
+    libsystem_b_handle = dlopen("/usr/lib/libSystem.B.dylib", RTLD_LAZY | RTLD_GLOBAL);
     if (libsystem_b_handle != NULL) {
         _dyld_shared_cache_contains_path = dlsym(libsystem_b_handle, "_dyld_shared_cache_contains_path");
     }

@@ -91,7 +91,9 @@ reftotal_add(PyThreadState *tstate, Py_ssize_t n)
     Py_ssize_t reftotal = tstate_impl->reftotal + n;
     _Py_atomic_store_ssize_relaxed(&tstate_impl->reftotal, reftotal);
 #else
-    REFTOTAL(tstate->interp) += n;
+    if (tstate && tstate->interp) {
+        REFTOTAL(tstate->interp) += n;
+    }
 #endif
 }
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@

Copy link Member ZeroIntensity Dec 2, 2025 Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Extra newline.
		Analysis confirms that :mod:`ctypes` does not support returning tuples from ``_as_parameter_`` for default conversions. Attempting to do so raises a :exc:`TypeError` (wrapped in a ``ctypes.ArgumentError``), meaning the described security risk does not exist in the current codebase.
Copy link Member picnixz Dec 3, 2025 Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. This NEWS entry is too verbose and if returning tuples from `_as_parameter_` wasn't already supported and the change is only a redundant comment removal, then no NEWS is needed.