Message93068
scanner_init() and encoder_init() don't manage errors correctly.
scanner_init() gets context.encoding argument without checking context
type, nor GetAttrString() error. It should check for NULL result...
which is done in the same function for other attributes (strict,
object_hook, object_pairs_hook, parse_float, parse_int, parse_constant).
Example to reproduce the crash:
import _json
_json.make_scanner(1)
encoder_init() copies a refence (for each argument) without incrementing
the reference counter. And then encoder_clear() decrements the
reference, counter, which may crash Python.
Example to reproduce the crash:
import _json
_json.make_encoder(
(False, True),
-826484143518891896,
-56.0,
"a",
)
# do anything creating/destroying new objects
" abc ".strip()
len(" xef ".strip())
Attached patches for the crashes. |
|
Date |
User |
Action |
Args |
2009-09-24 11:21:06 | vstinner | set | recipients:
+ vstinner |
2009-09-24 11:21:06 | vstinner | set | messageid: <1253791266.79.0.0913001727674.issue6986@psf.upfronthosting.co.za> |
2009-09-24 11:21:05 | vstinner | link | issue6986 messages |
2009-09-24 11:21:05 | vstinner | create | |
|