Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sqlite crashes with converters mutating cursor #80254

Closed
sir-sigurd mannequin opened this issue Feb 22, 2019 · 4 comments · Fixed by #29054
Closed

sqlite crashes with converters mutating cursor #80254

sir-sigurd mannequin opened this issue Feb 22, 2019 · 4 comments · Fixed by #29054
Labels
extension-modules C modules in the Modules dir type-crash A hard crash of the interpreter, possibly with a core dump

Comments

@sir-sigurd
Copy link
Mannequin

sir-sigurd mannequin commented Feb 22, 2019

BPO 36073
Nosy @berkerpeksag, @sir-sigurd, @erlend-aasland
PRs
  • bpo-36073: Raise ProgrammingError on recursive usage of cursors in sqlite converters #11984
  • gh-80254: Disallow recursive usage of cursors in sqlite3 converters #29054
    		•

    Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = None
closed_at = None
created_at = <Date 2019-02-22.07:44:47.863>
labels = ['extension-modules', '3.7', '3.8', 'type-crash']
title = 'sqlite crashes with converters mutating cursor'
updated_at = <Date 2021-10-19.09:48:51.905>
user = 'https://github.com/sir-sigurd'

    bugs.python.org fields:

    activity = <Date 2021-10-19.09:48:51.905>
actor = 'erlendaasland'
assignee = 'none'
closed = False
closed_date = None
closer = None
components = ['Extension Modules']
creation = <Date 2019-02-22.07:44:47.863>
creator = 'sir-sigurd'
dependencies = []
files = []
hgrepos = []
issue_num = 36073
keywords = ['patch']
message_count = 3.0
messages = ['336283', '400335', '400336']
nosy_count = 4.0
nosy_names = ['ghaering', 'berker.peksag', 'sir-sigurd', 'erlendaasland']
pr_nums = ['11984', '29054']
priority = 'normal'
resolution = None
stage = 'patch review'
status = 'open'
superseder = None
type = 'crash'
url = 'https://bugs.python.org/issue36073'
versions = ['Python 3.7', 'Python 3.8']
    @sir-sigurd
    Copy link
    Mannequin Author

    sir-sigurd mannequin commented Feb 22, 2019

    It's somewhat similar to bpo-10811, but for converter function:

    In [197]: import sqlite3 as sqlite
    ...: con = sqlite.connect(':memory:', detect_types=sqlite.PARSE_COLNAMES)
    ...: cur = con.cursor()
    ...: sqlite.converters['CURSOR_INIT'] = lambda x: cur.__init__(con)
    ...:
    ...: cur.execute('create table test(x foo)')
    ...: cur.execute('insert into test(x) values (?)', ('foo',))
    ...: cur.execute('select x as "x [CURSOR_INIT]", x from test')
    ...:
    [1] 25718 segmentation fault python manage.py shell

    Similar to bpo-10811, proposed patch raises ProgrammingError instead of crashing.

    @sir-sigurd sir-sigurd mannequin added extension-modules C modules in the Modules dir type-crash A hard crash of the interpreter, possibly with a core dump labels Feb 22, 2019
    @SilentGhost SilentGhost mannequin added 3.7 (EOL) end of life 3.8 only security fixes labels Feb 22, 2019
    @erlend-aasland
    Copy link
    Contributor

    After #72071 (bpo-44976) there is no longer a segfault.

    I suggest to expand the test suite with the reproducer Sergey provided.

    @erlend-aasland
    Copy link
    Contributor

    Er, a little bit too fast there. There is still a crash, but it is of course postponed bco. bpo-44976. New reproducer:

    import sqlite3 as sqlite
con = sqlite.connect(':memory:', detect_types=sqlite.PARSE_COLNAMES)
cur = con.cursor()
sqlite.converters['CURSOR_INIT'] = lambda x: cur.__init__(con)

    cur.execute('create table test(x foo)')
    cur.execute('insert into test(x) values (?)', ('foo',))
    for row in cur.execute('select x as "x [CURSOR_INIT]", x from test'):
    print(row)

    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
    @erlend-aasland erlend-aasland mentioned this issue Apr 10, 2022
    Merged
    JelleZijlstra added a commit that referenced this issue May 3, 2022
    @erlend-aasland @sir-sigurd @JelleZijlstra
    gh-80254: Disallow recursive usage of cursors in sqlite3 converters (
    f629dcf 
    …#29054)

Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
    @erlend-aasland erlend-aasland removed 3.8 only security fixes 3.7 (EOL) end of life labels May 3, 2022
    erlend-aasland added a commit to erlend-aasland/cpython that referenced this issue May 3, 2022
    @erlend-aasland @sir-sigurd @JelleZijlstra
    [3.10] pythongh-80254: Disallow recursive usage of cursors in `sqlite…
    c908dc5 
    …3` converters (python#29054)

(cherry picked from commit f629dcf)

Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
    erlend-aasland added a commit to erlend-aasland/cpython that referenced this issue May 3, 2022
    @erlend-aasland @sir-sigurd @JelleZijlstra
    [3.9] pythongh-80254: Disallow recursive usage of cursors in `sqlite3…
    a5b9786 
    …` converters

(cherry picked from commit c908dc5)

Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
    @erlend-aasland erlend-aasland mentioned this issue May 3, 2022
    Merged
    @erlend-aasland
    Copy link
    Contributor

    List of backport PRs:

    JelleZijlstra pushed a commit that referenced this issue May 5, 2022
    @erlend-aasland
    [3.10] gh-80254: Disallow recursive usage of cursors in sqlite3 con…
    2a2421e 
    …verters (#92274)

* [3.10] gh-80254: Disallow recursive usage of cursors in `sqlite3` converters (#29054)

(cherry picked from commit f629dcf)

Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>

* Fix ref leak in pysqlite_cursor_iternext
    JelleZijlstra pushed a commit that referenced this issue May 5, 2022
    @erlend-aasland
    [3.9] gh-80254: Disallow recursive usage of cursors in sqlite3 conv…
    7d17a7b 
    …erters (#92278)

* [3.9] gh-80254: Disallow recursive usage of cursors in `sqlite3` converters

(cherry picked from commit c908dc5)

Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>

* Fix ref leak in pysqlite_cursor_iternext

* Explicitly free resources at test tearDown()
    ambv pushed a commit that referenced this issue May 16, 2022
    @erlend-aasland @sir-sigurd @JelleZijlstra
    [3.8] gh-80254: Disallow recursive usage of cursors in sqlite3 conver…
    69cf020 
    …ters (#92333)

(cherry picked from commit c908dc5)

Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
    heitbaum added a commit to heitbaum/LibreELEC.tv that referenced this issue May 17, 2022
    @heitbaum
    Python3: update to 3.9.13
    5c655c7 
    release:
- https://www.python.org/downloads/release/python-3913/
changelog:
- https://docs.python.org/release/3.9.13/whatsnew/changelog.html

upstream fix for dropped patch
- python/cpython#80254
- python/cpython#11984
- python/cpython#90228
- python/cpython#92036
- python/cpython#92037
- python/cpython#92297
- bpo-36073
- was
  - python/cpython#30579
  - python/cpython#30580
    @heitbaum heitbaum mentioned this issue May 17, 2022
    Merged
    ned-deily pushed a commit that referenced this issue May 23, 2022
    @erlend-aasland @sir-sigurd @JelleZijlstra
    [3.7] gh-80254: Disallow recursive usage of cursors in sqlite3 conver…
    2a353b2 
    …ters (GH-92334)

(cherry picked from commit c908dc5)

Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
    hello-adam pushed a commit to hello-adam/cpython that referenced this issue Jun 2, 2022
    @erlend-aasland @hello-adam
    [3.9] pythongh-80254: Disallow recursive usage of cursors in `sqlite3…
    968e51d 
    …` converters (python#92278)

* [3.9] pythongh-80254: Disallow recursive usage of cursors in `sqlite3` converters

(cherry picked from commit c908dc5)

Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>

* Fix ref leak in pysqlite_cursor_iternext

* Explicitly free resources at test tearDown()
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Assignees
    No one assigned
    Labels
    extension-modules C modules in the Modules dir type-crash A hard crash of the interpreter, possibly with a core dump
    Projects
    None yet
    Milestone
    No milestone
    Development

    Successfully merging a pull request may close this issue.

    gh-80254: Disallow recursive usage of cursors in sqlite3 converters erlend-aasland/cpython
    1 participant
    @erlend-aasland