Title: Segfault in sha1
Type: crash Stage:
Components: Interpreter Core Versions: Python 3.0
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: Nosy List: loewis, mgiuca
Priority: normal Keywords: patch

Created on 2008-08-15 02:39 by mgiuca, last changed 2008-08-15 06:29 by loewis. This issue is now closed.

File name Uploaded Description Edit
sha1.patch mgiuca, 2008-08-15 02:39
Messages (2)
msg71157 - (view) Author: Matt Giuca (mgiuca) Date: 2008-08-15 02:39
Continuing the discussion from Issue 3552

r65676 makes changes to Modules/md5module.c and Modules/sha1module.c, to
allow them to read mutable buffers.

There's a segfault in sha1module if given 0 arguments. eg:

>>> import _sha1
>>> _sha1.sha1()
Segmentation fault

Docs here suggest this should be OK:

This crashes on the Lib/test/ test case, but apparently
(according to Margin on issue 3552) none of the build bots see it
because they use libopenssl and completely bypass the _md5 and _sha1
modules. Also there are no direct test cases for either of these modules.

This is because new code in r65676 doesn't initialise a pointer to NULL.
Fixed in patch (as well as replaced tab with spaces for consistency, in
both modules).

I strongly recommend that a) A "build bot" be made to use _md5 and _sha1
instead of OpenSSL (or they aren't running that code at all), AND/OR b)
Direct test cases be written for _md5 and _sha1.

Commit log:

Fixed crash on _sha1.sha1(), with no arguments, due to not initialising

Normalised indentation in md5module.c and sha1module.c.
msg71163 - (view) Author: Martin v. Löwis (loewis) * (Python committer) Date: 2008-08-15 06:29
Thanks for the report. Fixed in r65690.
Date User Action Args
2008-08-15 06:29:15loewissetstatus: open -> closed
resolution: fixed
messages: + msg71163
nosy: + loewis
2008-08-15 02:39:34mgiucacreate