Author Mark.Shannon
Recipients Mark.Shannon, pablogsal
Date 2021-11-11.15:04:09
Message-id <1636643049.78.0.0321804916993.issue45786@roundup.psfhosted.org>
Content
When exiting a frame (returning from a Python function) we have to release the stack-allocated frame. If a heap-allocated frame object exists, we need to copy the contents of the (stack) frame into the frame object.
However, this involves allocating memory for the copy. Allocating memory can invoke GC, causing arbitrary code to be run, or the allocation can fail. Either leaves us in a precarious state, which may be unsafe.

I haven't been able to produce a crash, but I'm not sure that there isn't a potential crash lurking there either.

The fix is fairly simple. Allocate space for the copy of the frame at the end of the frame object. Then, when we need to copy the data, space will have already been allocated, and nothing can fail.

Since, in theory, heap-allocated frames are relatively rare, the extra memory used won't be an issue.
History
Date User Action Args
2021-11-11 15:04:09 Mark.Shannon set recipients: + Mark.Shannon, pablogsal
2021-11-11 15:04:09 Mark.Shannon set messageid: <1636643049.78.0.0321804916993.issue45786@roundup.psfhosted.org>
2021-11-11 15:04:09 Mark.Shannon link issue45786 messages
2021-11-11 15:04:09 Mark.Shannon create
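
The pattern the message proposes, as an added example that is not part of the original message and is not CPython's code: a toy frame object that reserves room for the copy when it is created, next to a variant that allocates at frame exit. All names (`frame_object`, `try_alloc`, `frame_exit_late`, `frame_exit_reserved`) are hypothetical, and only the allocation-failure half of the problem is modelled, not a GC run triggered by the allocation.

```c
#include <stdlib.h>
#include <string.h>

/* Toy model only: these are not CPython's structures or function names. */
static int allocs_left = 1000;            /* lets the demo force allocation failure */
static void *try_alloc(size_t n) { return allocs_left-- > 0 ? malloc(n) : NULL; }

typedef struct {
    const long *slots;   /* borrowed from the stack frame until that frame exits */
    int nslots;
    long *late;          /* late design: buffer allocated during frame exit */
    long reserved[];     /* reserved design: room for the copy, allocated up front */
} frame_object;

/* Creation is the one place allowed to fail; the caller can still report the error. */
static frame_object *frame_object_new(const long *stack_slots, int n, int reserve) {
    frame_object *f = try_alloc(sizeof *f + (reserve ? (size_t)n * sizeof(long) : 0));
    if (f == NULL) return NULL;
    f->slots = stack_slots; f->nslots = n; f->late = NULL;
    return f;
}

/* Late design: allocates while the frame is being torn down, so it can fail. */
static int frame_exit_late(frame_object *f) {
    f->late = try_alloc((size_t)f->nslots * sizeof(long));
    if (f->late == NULL) return -1;       /* f->slots still points at the dying frame */
    memcpy(f->late, f->slots, (size_t)f->nslots * sizeof(long));
    f->slots = f->late;
    return 0;
}

/* Reserved design: a memcpy into space that already exists; there is no failure path. */
static void frame_exit_reserved(frame_object *f) {
    memcpy(f->reserved, f->slots, (size_t)f->nslots * sizeof(long));
    f->slots = f->reserved;
}

/* Exits a frame while the allocator is exhausted. Returns the sum read through the
   frame object afterwards, -1 if the exit copy failed, -2 if creation failed. */
static long run_with_exhausted_exit(int reserve) {
    long stack_slots[3] = {10, 20, 12};   /* constructed sample locals */
    allocs_left = 1;                      /* exactly one allocation: the frame object */
    frame_object *f = frame_object_new(stack_slots, 3, reserve);
    if (f == NULL) return -2;
    if (reserve) frame_exit_reserved(f);
    else if (frame_exit_late(f) != 0) { free(f); return -1; }
    memset(stack_slots, 0, sizeof stack_slots);   /* the stack frame is gone */
    long sum = f->slots[0] + f->slots[1] + f->slots[2];
    free(f->late); free(f);
    return sum;
}
int main(void) { return !(run_with_exhausted_exit(1) == 42 && run_with_exhausted_exit(0) == -1); }
```

The cost of the reserved design is the extra `n * sizeof(long)` bytes carried by every frame object, which is the trade-off the message accepts on the grounds that heap-allocated frames are relatively rare.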