Skip to content

Missing error checks in _PyEval_MatchClass #110237

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
JelleZijlstra opened this issue Oct 2, 2023 · 0 comments · Fixed by #110238
Closed

Missing error checks in _PyEval_MatchClass #110237

JelleZijlstra opened this issue Oct 2, 2023 · 0 comments · Fixed by #110238
Labels
3.11 only security fixes 3.12 only security fixes 3.13 bugs and security fixes easy interpreter-core (Objects, Python, Grammar, and Parser dirs)

Comments

@JelleZijlstra
Copy link
Member

JelleZijlstra commented Oct 2, 2023
edited by bedevere-app bot
Loading

Several places in _PyEval_MatchClass call PyList_Append without checking the return value (e.g., https://github.com/python/cpython/blob/fc2cb86d210555d509debaeefd370d5331cd9d93/Python/ceval.c#L509C13-L509C26). However, PyList_Append can fail. It will only fail if we're out of memory or if we passed a non-list, so it's unlikely to come up in practice, but we should still check for errors.

cc @brandtbucher for pattern matching

Linked PRs
@JelleZijlstra JelleZijlstra added interpreter-core (Objects, Python, Grammar, and Parser dirs) easy 3.13 bugs and security fixes 3.12 only security fixes 3.11 only security fixes labels Oct 2, 2023
@denballakh denballakh mentioned this issue Oct 2, 2023
Merged
JelleZijlstra pushed a commit that referenced this issue Oct 8, 2023
@denballakh
gh-110237: Check PyList_Append for errors in _PyEval_MatchClass (#…
dd9d781 
…110238)
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Oct 8, 2023
@denballakh @miss-islington
pythongh-110237: Check PyList_Append for errors in `_PyEval_MatchCl…
2b46fee 
…ass` (pythonGH-110238)

(cherry picked from commit dd9d781)

Co-authored-by: denballakh <[email protected]>
This was referenced Oct 8, 2023
Merged
Merged
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Oct 8, 2023
@denballakh @miss-islington
pythongh-110237: Check PyList_Append for errors in `_PyEval_MatchCl…
ed0d9bb 
…ass` (pythonGH-110238)

(cherry picked from commit dd9d781)

Co-authored-by: denballakh <[email protected]>
JelleZijlstra pushed a commit that referenced this issue Oct 8, 2023
@miss-islington @denballakh
[3.11] gh-110237: Check PyList_Append for errors in `_PyEval_MatchC…
f21c09c 
…lass` (GH-110238) (#110512)

gh-110237: Check `PyList_Append` for errors in `_PyEval_MatchClass` (GH-110238)
(cherry picked from commit dd9d781)

Co-authored-by: denballakh <[email protected]>
JelleZijlstra pushed a commit that referenced this issue Oct 8, 2023
@miss-islington @denballakh
[3.12] gh-110237: Check PyList_Append for errors in `_PyEval_MatchC…
ef4bd1b 
…lass` (GH-110238) (#110511)

gh-110237: Check `PyList_Append` for errors in `_PyEval_MatchClass` (GH-110238)
(cherry picked from commit dd9d781)

Co-authored-by: denballakh <[email protected]>
Glyphack pushed a commit to Glyphack/cpython that referenced this issue Sep 2, 2024
@denballakh @Glyphack
pythongh-110237: Check PyList_Append for errors in `_PyEval_MatchCl…
68a8c7f 
…ass` (python#110238)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
3.11 only security fixes 3.12 only security fixes 3.13 bugs and security fixes easy interpreter-core (Objects, Python, Grammar, and Parser dirs)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

gh-110237: Check PyList_Append for errors in _PyEval_MatchClass denballakh/cpython
1 participant
@JelleZijlstra