Message 387898 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	alex.henrie
Recipients	alex.henrie
Date	2021-03-02.02:49:55
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1614653395.68.0.861850864871.issue43362@roundup.psfhosted.org>
In-reply-to

Content
The py_sha3_new_impl function in sha3module.c has error handling code that looks like this: error: if (self) { Py_DECREF(self); } if (data && buf.obj) { PyBuffer_Release(&buf); } However, there is a `goto error` before the variable buf is initialized. If that error path is triggered, the function will attempt to free an invalid object, possibly leading to a program crash.

The py_sha3_new_impl function in sha3module.c has error handling code that looks like this:

    error:
      if (self) {
          Py_DECREF(self);
      }
      if (data && buf.obj) {
          PyBuffer_Release(&buf);
      }

However, there is a `goto error` before the variable buf is initialized. If that error path is triggered, the function will attempt to free an invalid object, possibly leading to a program crash.

History
Date	User	Action	Args
2021-03-02 02:49:55	alex.henrie	set	recipients: + alex.henrie
2021-03-02 02:49:55	alex.henrie	set	messageid: <1614653395.68.0.861850864871.issue43362@roundup.psfhosted.org>
2021-03-02 02:49:55	alex.henrie	link	issue43362 messages
2021-03-02 02:49:55	alex.henrie	create