diff options
| author | Erlend E. Aasland <erlend.aasland@protonmail.com> | 2023-06-11 20:18:46 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-06-11 20:18:46 (GMT) |
| commit | 20a56d8becba1a5a958b167fdb43b1a1b9228095 (patch) | |
| tree | cada470393126a842ec5beb0eb183bf45bf6017a /Modules | |
| parent | 41cddc2e93a285b81fa30ac542b088bd9d0112e9 (diff) | |
| download | cpython-20a56d8becba1a5a958b167fdb43b1a1b9228095.zip cpython-20a56d8becba1a5a958b167fdb43b1a1b9228095.tar.gz cpython-20a56d8becba1a5a958b167fdb43b1a1b9228095.tar.bz2 | |
gh-105375: Harden pyexpat initialisation (#105606)
Add proper error handling to add_errors_module() to prevent exceptions
from possibly being overwritten.
Diffstat (limited to 'Modules')
| -rw-r--r-- | Modules/pyexpat.c | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/Modules/pyexpat.c b/Modules/pyexpat.c index 27f2d0a..e3333ff 100644 --- a/Modules/pyexpat.c +++ b/Modules/pyexpat.c @@ -1775,14 +1775,18 @@ add_error(PyObject *errors_module, PyObject *codes_dict, static int add_errors_module(PyObject *mod) { + // add_submodule() returns a borrowed ref. PyObject *errors_module = add_submodule(mod, MODULE_NAME ".errors"); if (errors_module == NULL) { return -1; } PyObject *codes_dict = PyDict_New(); + if (codes_dict == NULL) { + return -1; + } PyObject *rev_codes_dict = PyDict_New(); - if (codes_dict == NULL || rev_codes_dict == NULL) { + if (rev_codes_dict == NULL) { goto error; } @@ -1803,17 +1807,17 @@ add_errors_module(PyObject *mod) goto error; } - if (PyModule_AddObject(errors_module, "codes", Py_NewRef(codes_dict)) < 0) { - Py_DECREF(codes_dict); + int rc = PyModule_AddObjectRef(errors_module, "codes", codes_dict); + Py_CLEAR(codes_dict); + if (rc < 0) { goto error; } - Py_CLEAR(codes_dict); - if (PyModule_AddObject(errors_module, "messages", Py_NewRef(rev_codes_dict)) < 0) { - Py_DECREF(rev_codes_dict); + rc = PyModule_AddObjectRef(errors_module, "messages", rev_codes_dict); + Py_CLEAR(rev_codes_dict); + if (rc < 0) { goto error; } - Py_CLEAR(rev_codes_dict); return 0; |