Static analysis issues reported by GCC 10 #85347

stratakis · 2020-06-30T18:06:49Z

BPO	41175
Nosy	@vstinner, @stratakis, @miss-islington
PRs	bpo-41175: Guard against a possible NULL pointer dereference within bytearrayobject #21240 [3.9] bpo-41175: Guard against a NULL pointer dereference within bytearrayobject (GH-21240) #21431 [3.8] bpo-41175: Guard against a NULL pointer dereference within bytearrayobject (GH-21240) #21432
Files	debugstaticanalysis.txt

^{Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.}

Show more details

GitHub fields:

assignee = None
closed_at = None
created_at = <Date 2020-06-30.18:06:49.342>
labels = ['3.8', '3.9', '3.10']
title = 'Static analysis issues reported by GCC 10'
updated_at = <Date 2020-07-10.10:18:54.042>
user = 'https://github.com/stratakis'

bugs.python.org fields:

activity = <Date 2020-07-10.10:18:54.042>
actor = 'miss-islington'
assignee = 'none'
closed = False
closed_date = None
closer = None
components = []
creation = <Date 2020-06-30.18:06:49.342>
creator = 'cstratak'
dependencies = []
files = ['49281']
hgrepos = []
issue_num = 41175
keywords = ['patch']
message_count = 5.0
messages = ['372711', '372713', '373344', '373458', '373459']
nosy_count = 3.0
nosy_names = ['vstinner', 'cstratak', 'miss-islington']
pr_nums = ['21240', '21431', '21432']
priority = 'normal'
resolution = None
stage = 'patch review'
status = 'open'
superseder = None
type = None
url = 'https://bugs.python.org/issue41175'
versions = ['Python 3.8', 'Python 3.9', 'Python 3.10']

stratakis · 2020-06-30T18:06:46Z

GCC added a static analysis tool recently [0].

Running it under for CPython code base produces some interesting results.

Reproducer: ./configure --with-pydebug && CFLAGS='-fanalyzer' make

Attaching the log.

[0] https://developers.redhat.com/blog/2020/03/26/static-analysis-in-gcc-10/

stratakis · 2020-06-30T18:09:46Z

First issue in Objects/bytearrayobject.c [0].

warning: use of NULL ‘<unknown>’ where non-null expected [CWE-690] [-Wanalyzer-null-argument]
277 | memcpy(result->ob_bytes, va.buf, va.len);

[0] https://github.com/python/cpython/blob/master/Objects/bytearrayobject.c#L277

vstinner · 2020-07-08T20:39:48Z

New changeset 61fc23c by stratakis in branch 'master':
bpo-41175: Guard against a NULL pointer dereference within bytearrayobject (GH-21240)
61fc23c

miss-islington · 2020-07-10T10:16:18Z

New changeset 33672c0 by Miss Islington (bot) in branch '3.8':
bpo-41175: Guard against a NULL pointer dereference within bytearrayobject (GH-21240)
33672c0

miss-islington · 2020-07-10T10:18:54Z

New changeset 51b36ed by Miss Islington (bot) in branch '3.9':
bpo-41175: Guard against a NULL pointer dereference within bytearrayobject (GH-21240)
51b36ed

furkanonder · 2023-05-12T18:41:42Z

@vstinner The issue seems to be solved. Can we close it?

stratakis mannequin added 3.8 only security fixes 3.9 only security fixes 3.10 only security fixes labels Jun 30, 2020

ezio-melotti transferred this issue from another repository Apr 10, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Static analysis issues reported by GCC 10 #85347

Static analysis issues reported by GCC 10 #85347

stratakis mannequin commented Jun 30, 2020

stratakis mannequin commented Jun 30, 2020

stratakis mannequin commented Jun 30, 2020

vstinner commented Jul 8, 2020

miss-islington commented Jul 10, 2020

miss-islington commented Jul 10, 2020

furkanonder commented May 12, 2023

Static analysis issues reported by GCC 10 #85347

Static analysis issues reported by GCC 10 #85347

Comments

stratakis mannequin commented Jun 30, 2020

stratakis mannequin commented Jun 30, 2020

stratakis mannequin commented Jun 30, 2020

vstinner commented Jul 8, 2020

miss-islington commented Jul 10, 2020

miss-islington commented Jul 10, 2020

furkanonder commented May 12, 2023