authorNeal Norwitz <nnorwitz@gmail.com>2006-08-12 01:45:47 (GMT)
committerNeal Norwitz <nnorwitz@gmail.com>2006-08-12 01:45:47 (GMT)
commit84167d09cd3e97bff3e750d0dcb0d2d440c6fc2e (patch)
treeb5cd5e937df16c7101403e616939786b8b424ca5
parent6f5ff3f3eb7abc2f4750c1319b560f67faf546ac (diff)
Even though _Py_Mangle() isn't truly public anyone can call it and
there was no verification that privateobj was a PyString. If it wasn't a string, this could have allowed a NULL pointer to creep in below and crash. I wonder if this should be PyString_CheckExact? Must identifiers be strings or can they be subclasses? Klocwork #275
-rw-r--r--Python/compile.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/Python/compile.c b/Python/compile.c
index 6a9e8c9..92eff00 100644
--- a/Python/compile.c
+++ b/Python/compile.c
@@ -204,8 +204,8 @@ _Py_Mangle(PyObject *privateobj, PyObject *ident)
const char *p, *name = PyString_AsString(ident);
char *buffer;
size_t nlen, plen;
- if (privateobj == NULL || name == NULL || name[0] != '_' ||
- name[1] != '_') {
+ if (privateobj == NULL || !PyString_Check(privateobj) ||
+ name == NULL || name[0] != '_' || name[1] != '_') {
Py_INCREF(ident);
return ident;
}
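Review bot: `ident` gets no guard equivalent to the new `PyString_Check(privateobj)`: the declaration `name = PyString_AsString(ident)` at the top of the hunk is its only validation, and when that call fails it returns NULL with a TypeError set, after which the early-return branch runs `Py_INCREF(ident); return ident;` and hands back a valid object with an exception still pending. Since the commit's premise is that arbitrary callers can reach this function, the same non-string case applies to the second argument. I would let the failure propagate with `if (name == NULL) return NULL;` ahead of the mangling test, provided the callers (not visible in this hunk) already handle a NULL return. The function body continues past the hunk, so the later use of `privateobj` that the new check protects cannot be confirmed from here.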