➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2018-11-04 14:26 by izbyshev, last changed 2022-04-11 14:59 by admin. This issue is now closed.
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 10319 | merged | izbyshev, 2018-11-04 14:29 | |
| Messages (3) | |||
|---|---|---|---|
| msg329230 - (view) | Author: Alexey Izbyshev (izbyshev) *  |
Date: 2018-11-04 14:26 | |
==24122==ERROR: AddressSanitizer: stack-use-after-scope on address 0x7fffb1c62550 at pc 0x0000006ec66c bp 0x7fffb1c62450 sp 0x7fffb1c62448
READ of size 8 at 0x7fffb1c62550 thread T0
#0 0x6ec66b in mkpwent /scratch2/izbyshev/cpython/Modules/pwdmodule.c:79
#1 0x6ecdc9 in pwd_getpwnam_impl /scratch2/izbyshev/cpython/Modules/pwdmodule.c:260
#2 0x6ecfee in pwd_getpwnam /scratch2/izbyshev/cpython/Modules/clinic/pwdmodule.c.h:39
#3 0x454146 in _PyMethodDef_RawFastCallKeywords /scratch2/izbyshev/cpython/Objects/call.c:644
[======= snip =======]
Address 0x7fffb1c62550 is located in stack of thread T0 at offset 160 in frame
#0 0x6eca60 in pwd_getpwnam_impl /scratch2/izbyshev/cpython/Modules/pwdmodule.c:203
This frame has 3 object(s):
[32, 40) 'name_chars'
[96, 104) 'p'
[160, 208) 'pwd' <== Memory access at offset 160 is inside this variable
Variables declared in the block scope created with Py_BEGIN_ALLOW_THREADS/Py_END_ALLOW_THREADS are referred to via a pointer outside of that scope (i.e., after their lifetime ends). The bug was introduced in https://github.com/python/cpython/commit/23e65b25557f957af840cf8fe68e80659ce28629 .
|
|||
| msg329233 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) *  |
Date: 2018-11-04 14:59 | |
Good catch! |
|||
| msg329234 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) * |
Date: 2018-11-04 15:44 | |
New changeset e359bc24b1f3a6ce311b9ef3043d1fdf5f1bf1cd by Serhiy Storchaka (Alexey Izbyshev) in branch 'master': bpo-35161: Fix stack-use-after-scope in grp.getgr{nam,gid} and pwd.getpw{nam,uid}. (GH-10319) https://github.com/python/cpython/commit/e359bc24b1f3a6ce311b9ef3043d1fdf5f1bf1cd |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:07 | admin | set | github: 79342 |
| 2018-11-04 15:44:54 | serhiy.storchaka | set | status: open -> closed resolution: fixed stage: patch review -> resolved |
| 2018-11-04 15:44:25 | serhiy.storchaka | set | messages: + msg329234 |
| 2018-11-04 14:59:49 | serhiy.storchaka | set | messages: + msg329233 |
| 2018-11-04 14:29:00 | izbyshev | set | keywords:
+ patch stage: patch review pull_requests: + pull_request9620 |
| 2018-11-04 14:26:54 | izbyshev | create | |