Message19384
Logged In: YES
user_id=357491
If you look at Object/abstract.c (line 2119 or so) for 2.4 CVS you
will notice that PyObject_IsSubclass goes into a 'for' loop for each
item in the tuple passed in and calls PyObject_IsSubclass .
Unfortunately it makes no check for whether the argument it is
passing is a class itself or not. This allows it to keep making calls
as long as the second argument is either a class or a tuple. This
is what is leads to the stack being blown and the subsequent
segfault.
Obvious solution is to put in a check that the argument about to be
passed is a class itself so as to not have such a deep call chain.
But since ``help(issubclass)`` actually makes the above use legit
(it says using a tuple as a second argument is equivalent as
passing each item to issubclass which is what it is doing, albeit in
a rather uncommon and pointless way), is it worth putting the
check in? Since this is such an obvious mis-use, I say no. But if
someone else on python-dev steps in and says otherwise I will
patch it. |
|
Date |
User |
Action |
Args |
2007-08-23 14:18:54 | admin | link | issue858016 messages |
2007-08-23 14:18:54 | admin | create | |
|