Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Possible null pointer dereference of variable args in _PyPegen_collect_call_seqs #126240

Closed
federicovalenso opened this issue Oct 31, 2024 · 2 comments
Assignees
Labels
3.12 bugs and security fixes 3.13 bugs and security fixes 3.14 new features, bugs and security fixes interpreter-core (Objects, Python, Grammar, and Parser dirs) topic-parser type-crash A hard crash of the interpreter, possibly with a core dump

Comments

@federicovalenso
Copy link

federicovalenso commented Oct 31, 2024

Crash report

What happened?

args can be NULL as a result of _Py_asdl_expr_seq_new, and then dereference happens.

Return value of _Py_asdl_expr_seq_new` is usually checked, for example here and in other places.

CPython versions tested on:

3.11

Operating systems tested on:

Linux

Output from running 'python -VV' on the command line:

No response

Linked PRs

@federicovalenso federicovalenso added the type-crash A hard crash of the interpreter, possibly with a core dump label Oct 31, 2024
@picnixz picnixz self-assigned this Oct 31, 2024
@picnixz
Copy link
Contributor

picnixz commented Oct 31, 2024

Thanks for this one! I'll hunt other missing NULL check in PyPegen at the same time.

@picnixz picnixz added interpreter-core (Objects, Python, Grammar, and Parser dirs) topic-parser labels Oct 31, 2024
@picnixz picnixz added 3.12 bugs and security fixes 3.13 bugs and security fixes 3.14 new features, bugs and security fixes labels Oct 31, 2024
sobolevn pushed a commit that referenced this issue Oct 31, 2024
check return value of `_Py_asdl_expr_seq_new`
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Oct 31, 2024
…ythonGH-126241)

check return value of `_Py_asdl_expr_seq_new`
(cherry picked from commit 94639f6)

Co-authored-by: Bénédikt Tran <[email protected]>
sobolevn pushed a commit that referenced this issue Oct 31, 2024
…H-126241) (#126243)

gh-126240: handle `NULL` returned by  `_Py_asdl_expr_seq_new` (GH-126241)

check return value of `_Py_asdl_expr_seq_new`
(cherry picked from commit 94639f6)

Co-authored-by: Bénédikt Tran <[email protected]>
sobolevn pushed a commit that referenced this issue Oct 31, 2024
…H-126241) (#126245)

gh-126240: handle `NULL` returned by  `_Py_asdl_expr_seq_new` (#126241)

check return value of `_Py_asdl_expr_seq_new`
@picnixz
Copy link
Contributor

picnixz commented Oct 31, 2024

Closing since completed and backported. Thanks for the report!

@picnixz picnixz closed this as completed Oct 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
3.12 bugs and security fixes 3.13 bugs and security fixes 3.14 new features, bugs and security fixes interpreter-core (Objects, Python, Grammar, and Parser dirs) topic-parser type-crash A hard crash of the interpreter, possibly with a core dump
Projects
None yet
Development

No branches or pull requests

2 participants