New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sys.excepthook (PyErr_Display) does crash with SyntaxError which has a bytes filename #81648
Comments
Using attached sf.py and sf.xml, I can crash Python. lxml builds a fake traceback to inject the XML filename the XML line number where the parsing error occurs. The problem is that the filename is a bytes object, whereas print_exception() expects the filename to be a Unicode string. Attached PR fix the crash. Fedora bug report: Example: $ python3 sf.py
<lxml.etree._ElementTree object at 0x7f7d0f8abd08>
Traceback (most recent call last):
File "sf.py", line 6, in <module>
xml2 = etree.parse("sf.xml")
File "src/lxml/etree.pyx", line 3426, in lxml.etree.parse
File "src/lxml/parser.pxi", line 1840, in lxml.etree._parseDocument
File "src/lxml/parser.pxi", line 1866, in lxml.etree._parseDocumentFromURL
File "src/lxml/parser.pxi", line 1770, in lxml.etree._parseDocFromFile
File "src/lxml/parser.pxi", line 1163, in lxml.etree._BaseParser._parseDocFromFile
File "src/lxml/parser.pxi", line 601, in lxml.etree._ParserContext._handleParseResultDoc
File "src/lxml/parser.pxi", line 711, in lxml.etree._handleParseResult
File "src/lxml/parser.pxi", line 651, in lxml.etree._raiseParseError
Segmentation fault (core dumped) (gdb) frame 6 Extract of print_exception(): PyObject *message, *filename, *text;
int lineno, offset;
if (!parse_syntax_error(value, &message, &filename,
&lineno, &offset, &text))
PyErr_Clear();
else {
PyObject *line;
Py_DECREF(value);
value = message;
line = PyUnicode_FromFormat(" File \"%S\", line %d\n", // <====== HERE
filename, lineno);
Py_DECREF(filename); More gdb traceback: Program received signal SIGSEGV, Segmentation fault. |
The bug can be reproduced on the master branch of Python. I tested with versions:
The filename comes from a lxml.etree.XMLSyntaxError exception which inherits from SyntaxError. The bug can be reproduced without lxml nor xmlsec, just with attached excepthook_syntaxerror.py: $ ./python excepthook_syntaxerror.py
Traceback (most recent call last):
File "/home/vstinner/prog/python/master/excepthook_syntaxerror.py", line 3, in <module>
raise SyntaxError("msg", (b"bytes_filename", 123, 0, "text"))
Objects/unicodeobject.c:492: _PyUnicode_CheckConsistency: Assertion "((((((PyObject*)(op))->ob_type))->tp_flags & ((1UL << 28))) != 0)" failed
Enable tracemalloc to get the memory block allocation traceback object : b'bytes_filename' Current thread 0x00007fe23cfbf740 (most recent call first): excepthook_syntaxerror.py uses: raise SyntaxError("msg", (b"bytes_filename", 123, 0, "text")) |
Python 2.7 is not affected: const char *filename, *text;
int lineno, offset;
if (!parse_syntax_error(value, &message, &filename,
&lineno, &offset, &text))
PyErr_Clear();
else {
char buf[10];
PyFile_WriteString(" File \"", f);
if (filename == NULL)
PyFile_WriteString("<string>", f);
else
PyFile_WriteString(filename, f);
PyFile_WriteString("\", line ", f);
PyOS_snprintf(buf, sizeof(buf), "%d", lineno);
PyFile_WriteString(buf, f);
PyFile_WriteString("\n", f); |
Ok, it's not fixed in all affected maintained branches, I close the issue. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: