Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Segfault in sha1 #47807

Closed
mgiuca mannequin opened this issue Aug 15, 2008 · 2 comments
Closed

Segfault in sha1 #47807

mgiuca mannequin opened this issue Aug 15, 2008 · 2 comments
Labels
interpreter-core (Objects, Python, Grammar, and Parser dirs) type-crash A hard crash of the interpreter, possibly with a core dump

Comments

@mgiuca
Copy link
Mannequin

mgiuca mannequin commented Aug 15, 2008

BPO 3557
Nosy @loewis
Files
  • sha1.patch
    		•

    Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = None
closed_at = <Date 2008-08-15.06:29:15.631>
created_at = <Date 2008-08-15.02:39:34.131>
labels = ['interpreter-core', 'type-crash']
title = 'Segfault in sha1'
updated_at = <Date 2008-08-15.06:29:15.613>
user = 'https://bugs.python.org/mgiuca'

    bugs.python.org fields:

    activity = <Date 2008-08-15.06:29:15.613>
actor = 'loewis'
assignee = 'none'
closed = True
closed_date = <Date 2008-08-15.06:29:15.631>
closer = 'loewis'
components = ['Interpreter Core']
creation = <Date 2008-08-15.02:39:34.131>
creator = 'mgiuca'
dependencies = []
files = ['11118']
hgrepos = []
issue_num = 3557
keywords = ['patch']
message_count = 2.0
messages = ['71157', '71163']
nosy_count = 2.0
nosy_names = ['loewis', 'mgiuca']
pr_nums = []
priority = 'normal'
resolution = 'fixed'
stage = None
status = 'closed'
superseder = None
type = 'crash'
url = 'https://bugs.python.org/issue3557'
versions = ['Python 3.0']
    @mgiuca
    Copy link
    Mannequin Author

    mgiuca mannequin commented Aug 15, 2008

    Continuing the discussion from bpo-3552
    (http://bugs.python.org/issue3552).

    r65676 makes changes to Modules/md5module.c and Modules/sha1module.c, to
    allow them to read mutable buffers.

    There's a segfault in sha1module if given 0 arguments. eg:

    >>> import _sha1
>>> _sha1.sha1()
Segmentation fault

    Docs here suggest this should be OK:
    http://docs.python.org/dev/3.0/library/hashlib.html

    This crashes on the Lib/test/test_hmac.py test case, but apparently
    (according to Margin on bpo-3552) none of the build bots see it
    because they use libopenssl and completely bypass the _md5 and _sha1
    modules. Also there are no direct test cases for either of these modules.

    This is because new code in r65676 doesn't initialise a pointer to NULL.
    Fixed in patch (as well as replaced tab with spaces for consistency, in
    both modules).

    I strongly recommend that a) A "build bot" be made to use _md5 and _sha1
    instead of OpenSSL (or they aren't running that code at all), AND/OR b)
    Direct test cases be written for _md5 and _sha1.

    Commit log:

    Fixed crash on _sha1.sha1(), with no arguments, due to not initialising
    pointer.

    Normalised indentation in md5module.c and sha1module.c.

    @mgiuca mgiuca mannequin added interpreter-core (Objects, Python, Grammar, and Parser dirs) type-crash A hard crash of the interpreter, possibly with a core dump labels Aug 15, 2008
    @loewis
    Copy link
    Mannequin

    loewis mannequin commented Aug 15, 2008

    Thanks for the report. Fixed in r65690.

    @loewis loewis mannequin closed this as completed Aug 15, 2008
    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Assignees
    No one assigned
    Labels
    interpreter-core (Objects, Python, Grammar, and Parser dirs) type-crash A hard crash of the interpreter, possibly with a core dump
    Projects
    None yet
    Milestone
    No milestone
    Development

    No branches or pull requests
    0 participants