This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

classification
Title: NULL dereference when issubclass() is called on a class with bogus __subclasses__
Type: crash Stage: resolved
Components: Extension Modules Versions: Python 3.8, Python 3.7
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: Nosy List: berker.peksag, izbyshev, levkivskyi, methane, miss-islington, serhiy.storchaka
Priority: normal Keywords: patch

Created on 2018-08-20 13:41 by izbyshev, last changed 2022-04-11 14:59 by admin. This issue is now closed.

Pull Requests
URL Status Linked Edit
PR 8835 merged izbyshev, 2018-08-20 14:05
PR 8840 merged miss-islington, 2018-08-20 20:04
Messages (3)
msg323789 - (view) Author: Alexey Izbyshev (izbyshev) * (Python triager) Date: 2018-08-20 13:41 
>>> from abc import ABCMeta
>>> class S(metaclass=ABCMeta):
...   __subclasses__ = None
... 
>>> issubclass(int, S)
Segmentation fault (core dumped)

This is the result of missing NULL check for 'subclasses' in _abc__abc_subclasscheck_impl (Modules/_abc.c):

    /* 6. Check if it's a subclass of a subclass (recursive). */
    subclasses = PyObject_CallMethod(self, "__subclasses__", NULL);
    if (!PyList_Check(subclasses)) {
        PyErr_SetString(PyExc_TypeError, "__subclasses__() must return a list");
        goto end;
    }

Reported by Svace static analyzer.
msg323810 - (view) Author: Berker Peksag (berker.peksag) * (Python committer) Date: 2018-08-20 20:04 
New changeset cdbf50cba1664f72ae6621a89c324a32fea70377 by Berker Peksag (Alexey Izbyshev) in branch 'master':
bpo-34441: Fix ABC.__subclasscheck__ crash on classes with invalid __subclasses__ (GH-8835)
https://github.com/python/cpython/commit/cdbf50cba1664f72ae6621a89c324a32fea70377
msg323811 - (view) Author: miss-islington (miss-islington) Date: 2018-08-20 20:42 
New changeset d1f0ccc7e65ef7abeab779f5d0aca2f18eb9b2a4 by Miss Islington (bot) in branch '3.7':
bpo-34441: Fix ABC.__subclasscheck__ crash on classes with invalid __subclasses__ (GH-8835)
https://github.com/python/cpython/commit/d1f0ccc7e65ef7abeab779f5d0aca2f18eb9b2a4
History
Date User Action Args
2022-04-11 14:59:04adminsetgithub: 78622
2018-08-20 20:47:06izbyshevsetstatus: open -> closed
resolution: fixed
stage: patch review -> resolved
2018-08-20 20:42:23miss-islingtonsetnosy: + miss-islington
messages: + msg323811
2018-08-20 20:04:40miss-islingtonsetpull_requests: + pull_request8314
2018-08-20 20:04:23berker.peksagsetnosy: + berker.peksag
messages: + msg323810
2018-08-20 14:05:21izbyshevsetkeywords: + patch
stage: patch review
pull_requests: + pull_request8310
2018-08-20 13:41:11izbyshevcreate