Issue 36421: A possible double decref in _ctypes.c's PyCArrayType_new() (original) (raw)
Created on 2019-03-25 03:31 by ZackerySpytz, last changed 2022-04-11 14:59 by admin. This issue is now closed.
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 12530 | merged | ZackerySpytz,2019-03-25 03:35 | |
| PR 12533 | merged | miss-islington,2019-03-25 08:08 | |
| PR 12534 | merged | ZackerySpytz,2019-03-25 10:50 |
| Messages (6) | ||
|---|---|---|
| msg338779 - (view) | Author: Zackery Spytz (ZackerySpytz) *  |
Date: 2019-03-25 03:31 |
| In PyCArrayType_new(), type_attr is assigned to stgdict->proto. If the PyDict_Update() call fails in that function, type_attr will be decrefed an extra time when stgdict is deallocated. I'll create a PR for this issue. | ||
| msg338782 - (view) | Author: Stéphane Wirtel (matrixise) *  |
Date: 2019-03-25 05:26 |
| Hi Zackery, just one question, how did you detect this bug? in reading the code, with a tool (valgrind or sanitizer) or with a test? Have a nice day and thank you for the clarification. | ||
| msg338787 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) * |
Date: 2019-03-25 08:07 |
| New changeset 5e333784f007950f22de44c1ffab5b0c03d6691f by Serhiy Storchaka (Zackery Spytz) in branch 'master': bpo-36421: Fix a possible double decref in _ctypes.c's PyCArrayType_new(). (GH-12530) https://github.com/python/cpython/commit/5e333784f007950f22de44c1ffab5b0c03d6691f | ||
| msg338791 - (view) | Author: miss-islington (miss-islington) | Date: 2019-03-25 08:34 |
| New changeset fa27870992a7228c8bf378d53649ee22333b69db by Miss Islington (bot) in branch '3.7': bpo-36421: Fix a possible double decref in _ctypes.c's PyCArrayType_new(). (GH-12530) https://github.com/python/cpython/commit/fa27870992a7228c8bf378d53649ee22333b69db | ||
| msg338798 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) * |
Date: 2019-03-25 14:15 |
| New changeset 0516f81828887a8ec34a3d5ed342dd396f367dcd by Serhiy Storchaka (Zackery Spytz) in branch '2.7': [2.7] bpo-36421: Fix ref counting bugs in _ctypes.c's PyCArrayType_new(). (GH-12534) https://github.com/python/cpython/commit/0516f81828887a8ec34a3d5ed342dd396f367dcd | ||
| msg344598 - (view) | Author: STINNER Victor (vstinner) * |
Date: 2019-06-04 16:18 |
| > just one question, how did you detect this bug? I bet that Zackery Spytz used Svace static analyzer: http://www.ispras.ru/en/technologies/svace/ See also: https://python-security.readthedocs.io/security.html#static-analysers-of-cpython-code-base |
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:12 | admin | set | github: 80602 |
| 2019-06-04 16🔞11 | vstinner | set | nosy: + vstinnermessages: + |
| 2019-03-25 14:16:30 | serhiy.storchaka | set | status: open -> closedstage: patch review -> resolvedresolution: fixedversions: + Python 2.7 |
| 2019-03-25 14:15:56 | serhiy.storchaka | set | messages: + |
| 2019-03-25 10:50:21 | ZackerySpytz | set | pull_requests: + <pull%5Frequest12484> |
| 2019-03-25 08:34:30 | miss-islington | set | nosy: + miss-islingtonmessages: + |
| 2019-03-25 08:08:20 | miss-islington | set | pull_requests: + <pull%5Frequest12483> |
| 2019-03-25 08:07:54 | serhiy.storchaka | set | nosy: + serhiy.storchakamessages: + |
| 2019-03-25 05:26:16 | matrixise | set | nosy: + matrixisemessages: + |
| 2019-03-25 03:35:07 | ZackerySpytz | set | keywords: + patchstage: patch reviewpull_requests: + <pull%5Frequest12481> |
| 2019-03-25 03:31:24 | ZackerySpytz | create |