Message387893
The assemble function in compile.c currently looks like this:
static PyCodeObject *
assemble(struct compiler *c, int addNone)
{
basicblock *b, *entryblock;
struct assembler a;
int j, nblocks;
PyCodeObject *co = NULL;
PyObject *consts = NULL;
...
for (basicblock *b = c->u->u_blocks; b != NULL; b = b->b_list) {
if (normalize_basic_block(b)) {
goto error;
}
}
if (ensure_exits_have_lineno(c)) {
goto error;
}
...
error:
Py_XDECREF(consts);
assemble_free(&a);
return co;
}
If normalize_basic_block or ensure_exits_have_lineno fails, the function will attempt to free a.a_bytecode, which has not yet been initialized, possibly leading to a program crash.
The problematic code was added by commit 5977a7989d49c3e095c7659a58267d87a17b12b1 to fix bpo-42246.
Defect identified by scan-build <https://clang-analyzer.llvm.org/scan-build.html> |
|
Date |
User |
Action |
Args |
2021-03-02 01:38:32 | alex.henrie | set | recipients:
+ alex.henrie |
2021-03-02 01:38:32 | alex.henrie | set | messageid: <1614649112.29.0.736746283782.issue43358@roundup.psfhosted.org> |
2021-03-02 01:38:32 | alex.henrie | link | issue43358 messages |
2021-03-02 01:38:31 | alex.henrie | create | |
|