Issue 1664966: crash in exec statement if uncode filename cannot be decoded (original) (raw)

In case the exec statement gets an open file with a unicode object in f->f_fp the return value of PyString_AsString is not checked for an error and therefore a NULL pointer is given to PyRun_File which then leads to a crash.

in ceval.c: line 4171 ff

FILE *fp = PyFile_AsFile(prog); char *name = PyString_AsString(PyFile_Name(prog)); PyCompilerFlags cf; cf.cf_flags = 0; if (PyEval_MergeCompilerFlags(&cf)) v = PyRun_FileFlags(fp, name, Py_file_input, globals, locals, &cf); else v = PyRun_File(fp, name, Py_file_input, globals, locals);

Name is NULL after conversion.

Patch would be:

FILE *fp = PyFile_AsFile(prog); char *name = PyString_AsString(PyFile_Name(prog)); if(name == NULL) return -1; PyCompilerFlags cf;