This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

classification
Title: Fatal error in dbm.gdbm
Type: crash Stage: patch review
Components: Extension Modules Versions: Python 3.4, Python 3.5, Python 2.7
process
Status: open Resolution:
Dependencies: Superseder:
Assigned To: Nosy List: serhiy.storchaka, vstinner
Priority: normal Keywords: needs review, patch

Created on 2014-07-22 10:20 by serhiy.storchaka, last changed 2022-04-11 14:58 by admin.

Files
File name Uploaded Description Edit
dbm_gdbm_fatal_error.patch serhiy.storchaka, 2014-07-22 10:20 review
Messages (7)
msg223658 - (view) Author: Serhiy Storchaka (serhiy.storchaka) * (Python committer) Date: 2014-07-22 10:20
It is possible to crash Python by breaking opened gdbm database.

>>> import _gdbm as dbm
>>> db = dbm.open('x.db', 'n')
>>> open('x.db', 'wb').close()
>>> db[b'a'] = b'b'
gdbm fatal: read error

Proposed patch tries to convert fatal gdbm into regular exception or in Python fatal error (which at least produces traceback).

>>> import _gdbm as dbm
>>> db = dbm.open('x.db', 'n')
>>> open('x.db', 'wb').close()
>>> db[b'a'] = b'b'
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
_gdbm.error: gdbm fatal: read error
msg236005 - (view) Author: Mark Lawrence (BreamoreBoy) * Date: 2015-02-14 22:55
Would somebody please review Serhiy's patch.
msg236006 - (view) Author: Serhiy Storchaka (serhiy.storchaka) * (Python committer) Date: 2015-02-14 23:03
Oh, Mark, please stop shaking up bug tracker.
msg239688 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2015-03-31 12:05
I would prefer to avoid setgmp/longjmp, it's kind of a hack. It's maybe more a design issue in the gdbm library to report errors.

I proposed a generic signal handler using setjmp/longjmp to convert SIGSEGV to regular Python exceptions, but it was rejected: issue #3999.
msg239689 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2015-03-31 12:06
> Oh, Mark, please stop shaking up bug tracker.

I agree: please stop posting useless messages, and review patches instead.
msg239773 - (view) Author: Serhiy Storchaka (serhiy.storchaka) * (Python committer) Date: 2015-04-01 08:39
The patch for issue3999 was rejected because Python internal state may be corrupted when the SIGSEGV signal is raised. This is not the case of this issue. gdbm fatal function is called when Python is in consistent state. So we free to use any Python C-API. But internal state of concrete GDBM_FILE may be corrupted, so we shouldn't use it after handling fatal error. This cause a leak, but I think that a leak with an exception is better than just a crash.

May be different type of exception should be raised. May be we need FatalError that inherits from BaseException.

Other external libraries used by the stdlib also can crash, and perhaps crashes can be converted to exceptions. This issue is only first in the series.
msg239778 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2015-04-01 09:47
2015-04-01 10:39 GMT+02:00 Serhiy Storchaka <report@bugs.python.org>:
> Other external libraries used by the stdlib also can crash, and perhaps crashes can be converted to exceptions. This issue is only first in the series.

I don't think that it's a good practice to try to workaround bugs. IMO
it's better to modify libraries directly to allow users of the library
to handle correctly errors.
History
Date User Action Args
2022-04-11 14:58:06adminsetgithub: 66234
2019-03-15 22:15:58BreamoreBoysetnosy: - BreamoreBoy
2015-04-01 09:47:12vstinnersetmessages: + msg239778
2015-04-01 08:39:57serhiy.storchakasetmessages: + msg239773
2015-03-31 12:06:08vstinnersetmessages: + msg239689
2015-03-31 12:05:31vstinnersetmessages: + msg239688
2015-03-31 10:38:12serhiy.storchakasetnosy: + vstinner
2015-02-14 23:03:50serhiy.storchakasetmessages: + msg236006
2015-02-14 22:55:43BreamoreBoysetnosy: + BreamoreBoy
messages: + msg236005
2014-08-06 14:59:50serhiy.storchakasetkeywords: + needs review
2014-07-22 10:20:40serhiy.storchakacreate