This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Title: getargs.c skipitem() doesn't skip 'w*'
Type: crash Stage: resolved
Components: Interpreter Core Versions: Python 3.8, Python 3.7, Python 3.6, Python 2.7
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: larry Nosy List: larry, miss-islington, serhiy.storchaka
Priority: low Keywords: patch

Created on 2015-04-13 02:44 by larry, last changed 2022-04-11 14:58 by admin. This issue is now closed.

Pull Requests
URL Status Linked Edit
PR 8192 merged serhiy.storchaka, 2018-07-09 08:44
PR 8251 merged miss-islington, 2018-07-11 14:42
PR 8252 merged miss-islington, 2018-07-11 14:44
PR 8255 merged serhiy.storchaka, 2018-07-11 16:35
PR 8204 llllllllll, 2018-07-23 19:38
Messages (5)
msg240588 - (view) Author: Larry Hastings (larry) * (Python committer) Date: 2015-04-13 02:44
tl;dr: skipitem() in Python/getsargs.c doesn't know about the 'w*' format unit, which could lead to a crash.  It should know about it.


* you have an extension that parses its arguments with
  PyArg_ParseTupleAndKeywords (or its cousins),
* you have optional positional parameters, and
* you run out of positional arguments

CPython will call skipitem() to skip over the remaining positional parameters so it can process keyword arguments.  It does this by knowing all the format units, and iterating over them and throwing away the various varargs pointers until it hits the keyword arguments part of the format string.

Since nobody ever explained about the "w*" format unit to it, that means when it sees 'w*' it will misinterpret it.

In both 2.7 and 3.x, it'll interpret it as 'w', throw away one "char *" item from varargs, then the next thing that tries to parse a format unit (skipitem or convertsimple) will see the '*' and throw an 'impossible<bad format char>' exception.

(It's another bug that skipitem() supports 'w' and 'w#' in Python 3, but I filed that separately as #23926 .)
msg321465 - (view) Author: Serhiy Storchaka (serhiy.storchaka) * (Python committer) Date: 2018-07-11 14:41
New changeset 504373c59b48f1ea12132d515459022730db6047 by Serhiy Storchaka in branch 'master':
bpo-23927: Make getargs.c skipitem() skipping 'w*'. (GH-8192)
msg321485 - (view) Author: Serhiy Storchaka (serhiy.storchaka) * (Python committer) Date: 2018-07-11 16:49
New changeset ef19fd200d0768919f1658466f8b6080b191fba0 by Serhiy Storchaka in branch '2.7':
[2.7] bpo-23927: Make getargs.c skipitem() skipping 'w*'. (GH-8192). (GH-8255)
msg321486 - (view) Author: miss-islington (miss-islington) Date: 2018-07-11 16:56
New changeset 48d2aeb009f8e58b1efae00ee0e225951b58737e by Miss Islington (bot) in branch '3.7':
bpo-23927: Make getargs.c skipitem() skipping 'w*'. (GH-8192)
msg321489 - (view) Author: miss-islington (miss-islington) Date: 2018-07-11 17:10
New changeset ec7562068fd123969ab4d27e11f4070271c72e16 by Miss Islington (bot) in branch '3.6':
bpo-23927: Make getargs.c skipitem() skipping 'w*'. (GH-8192)
Date User Action Args
2022-04-11 14:58:15adminsetgithub: 68115
2018-07-23 19:38:55serhiy.storchakasetstatus: open -> closed
resolution: fixed
stage: patch review -> resolved
2018-07-23 19:38:12llllllllllsetpull_requests: + pull_request7946
2018-07-11 17:10:45miss-islingtonsetmessages: + msg321489
2018-07-11 16:56:08miss-islingtonsetnosy: + miss-islington
messages: + msg321486
2018-07-11 16:49:20serhiy.storchakasetmessages: + msg321485
2018-07-11 16:35:56serhiy.storchakasetpull_requests: + pull_request7788
2018-07-11 14:44:56miss-islingtonsetpull_requests: + pull_request7784
2018-07-11 14:42:59miss-islingtonsetpull_requests: + pull_request7783
2018-07-11 14:42:14serhiy.storchakasetversions: + Python 3.6, Python 3.7, Python 3.8, - Python 3.4, Python 3.5
2018-07-11 14:41:46serhiy.storchakasetnosy: + serhiy.storchaka
messages: + msg321465
2018-07-09 08:44:39serhiy.storchakasetkeywords: + patch
stage: test needed -> patch review
pull_requests: + pull_request7744
2016-02-24 16:49:06serhiy.storchakalinkissue26427 superseder
2015-04-13 02:44:28larrycreate