classification
Title: [2.7] Coverity Scan: Modules/_json.c: leaked_storage: Variable "numstr" going out of scope leaks the storage it points to.
Type: Stage: resolved
Components: Extension Modules Versions: Python 2.7
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: Nosy List: cstratak, matrixise, vstinner
Priority: normal Keywords: patch

Created on 2019-03-14 14:50 by cstratak, last changed 2019-03-15 21:10 by matrixise. This issue is now closed.

Pull Requests
URL Status Linked Edit
PR 12330 merged cstratak, 2019-03-14 15:00
Messages (4)
msg337927 - (view) Author: Charalampos Stratakis (cstratak) * Date: 2019-03-14 14:50
Coverity reports a leak within the json module:

Error: RESOURCE_LEAK (CWE-772): [#def26]
Python-2.7.15/Modules/_json.c:1367: alloc_fn: Storage is returned from allocation function "PyString_FromStringAndSize".
Python-2.7.15/Objects/stringobject.c:88:5: alloc_fn: Storage is returned from allocation function "PyObject_Malloc".
Python-2.7.15/Objects/obmalloc.c:982:5: alloc_fn: Storage is returned from allocation function "malloc".
Python-2.7.15/Objects/obmalloc.c:982:5: return_alloc_fn: Directly returning storage allocated by "malloc".
Python-2.7.15/Objects/stringobject.c:88:5: var_assign: Assigning: "op" = "PyObject_Malloc(37UL + size)".
Python-2.7.15/Objects/stringobject.c:111:5: return_alloc: Returning allocated memory "op".
Python-2.7.15/Modules/_json.c:1367: var_assign: Assigning: "numstr" = storage returned from "PyString_FromStringAndSize(&str[start], idx - start)".
Python-2.7.15/Modules/_json.c:1379: leaked_storage: Variable "numstr" going out of scope leaks the storage it points to.
 1377|                                                NULL, NULL);
 1378|               if (d == -1.0 && PyErr_Occurred())
 1379|->                 return NULL;
 1380|               rval = PyFloat_FromDouble(d);
 1381|           }
msg337934 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2019-03-14 15:17
Note for myself: Python 3 isn't affected by this issue. The issue in Python 2 is in the _match_number_str() function which doesn't exist in Python 3. In Python 3, _parse_object_unicode() uses a very different code: it calls PyFloat_FromString() or PyLong_FromString() for numstr.
msg337935 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2019-03-14 15:23
New changeset fb3336acfde3204fd01ce519ef24cc18a94dfa3f by Victor Stinner (stratakis) in branch '2.7':
[2.7] bpo-36291: Fix a possible reference leak in the json module (GH-12330)
https://github.com/python/cpython/commit/fb3336acfde3204fd01ce519ef24cc18a94dfa3f
msg337936 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2019-03-14 15:23
Thanks Charalampos, I merged your PR.
History
Date User Action Args
2019-03-15 21:10:27matrixisesetassignee: matrixise ->
2019-03-14 15:23:42vstinnersetstatus: open -> closed
resolution: fixed
messages: + msg337936

stage: patch review -> resolved
2019-03-14 15:23:07vstinnersetmessages: + msg337935
2019-03-14 15:17:50vstinnersetnosy: + vstinner
messages: + msg337934
2019-03-14 15:00:17cstrataksetkeywords: + patch
stage: patch review
pull_requests: + pull_request12301
2019-03-14 14:58:51mdksetassignee: matrixise

nosy: + matrixise
2019-03-14 14:50:44cstratakcreate