| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Backport of r67266
|
| |
|
|
|
|
| |
segfault as a result. CVE-2008-4864.
backport r66689
|
| |
|
|
| |
zlib.decompressobj().flush(val) when val is not positive.
|
| |
|
|
| |
overflows in the imageop and rgbimgmodule modules.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
to the signed max value similar to 2.5 and trunk.
Issue #2620: Overflow checking when allocating or reallocating memory
was not always being done properly in some python types and extension
modules. PyMem_MALLOC, PyMem_REALLOC, PyMem_NEW and PyMem_RESIZE have
all been updated to perform better checks and places in the code that
would previously leak memory on the error path when such an allocation
failed have been fixed.
|
| |
|
|
|
|
| |
Added checks for integer overflows, contributed by Google. Some are
only available if asserts are left in the code, in cases where they
can't be triggered from Python code.
|
| |
|
|
|
|
|
| |
problems:
52448, 52468, 52472, 52475, 52646, 52797, 52802, 52863, 52999, 53001,
53101, 53371, 53373, 53383, 53384, 53736, 53812, 53921, 55578, 55580,
55581, 55772, 55775, 56557, 57093, 57094, 58630, 60114
|
| |
|
|
|
|
| |
Bug #1728403: Fix a bug that CJKCodecs StreamReader hangs when it
reads a file that ends with incomplete sequence and sizehint argument
for .read() is specified.
|
| |
|
|
|
|
| |
#1494314: Fix a regression with high-numbered sockets in 2.4.3. This
means that select() on sockets > FD_SETSIZE (typically 1024) work again.
The patch makes sockets use poll() internally where available.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- reset errno before calling confstr - use confstr() doc to simplify
checks afterwards
- Correct implementation and documentation of os.confstr. Add a simple
test case. I've yet to figure out how to provoke a None return I can test.
- Address issues brought up by MvL on python-checkins.
I tested this with valgrind on amd64.
The man pages I found for diff architectures are inconsistent on this.
I'm not entirely sure this change is correct for all architectures
either.
Perhaps we should just over-allocate and not worry about it?
The change to return None instead of "" in case of unconfigured
values has not been backported.
|
| |
|
|
|
|
|
|
|
|
| |
Fix problems found by Coverity.
_ssl.c: under fail: self is DECREF'd, but it would have been NULL.
_csv.c: I'm not sure if lineterminator could have been anything other than
a string. However, other string method calls are checked, so check this
one too.
|
| |
|
|
|
|
|
|
| |
the need for the out-of-tree universal binary support that was used to build
the 2.4.3 installer.
Missing here relative to that tree are some changes to IDLE, IMHO those patches
aren't appropriate for the 2.4 branch and users are better of using 2.5's IDLE.
|
| |
|
|
|
| |
Bug #1572832: fix a bug in ISO-2022 codecs which may cause segfault
when encoding non-BMP unicode characters. (Submitted by Ray Chason)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
but looks correct on a casual inspection and hasn't been modified
in the trunk. Does anyone want to review further?]
Ensure we don't write beyond errText. I think I got this right, but
it definitely could use some review to ensure I'm not off by one
and there's no possible overflow/wrap-around of bytes_left.
Reported by Klocwork #1.
Fix a problem if there is a failure allocating self->db.
Found with failmalloc.
|
| |
|
|
|
|
|
|
|
| |
and _elementtree.c weren't applicable]
Klocwork made another run and found a bunch more problems.
This is the first batch of fixes that should be easy to verify based on context.
This fixes problem numbers: 220 (ast), 323-324 (symtable),
321-322 (structseq), 215 (array), 210 (hotshot), 182 (codecs), 209 (etree).
|
| |
|
|
|
|
| |
applied to pyarena.c, compile.c, and symtable.c, which were different in 2.4.]
Fix more memory allocation issues found with failmalloc.
|
| |
|
|
|
|
| |
Cause a PyObject_Malloc() failure to trigger a MemoryError, and then
add 'if (PyErr_Occurred())' checks to various places so that NULL is
returned properly.
|
| |
|
|
|
|
|
|
| |
If _stat_float_times is false, we will try to INCREF ival which could be NULL.
Return early in that case. The caller checks for PyErr_Occurred so this
should be ok.
Klocwork #297
|
| |
|
|
|
| |
Move the assert which checks for a NULL pointer first.
Klocwork #274.
|
| |
|
|
|
| |
Really address the issue of where to place the assert for leftblock.
(Followup of Klocwork 274)
|
| |
|
|
|
|
|
|
|
|
|
| |
Try to handle a malloc failure. I'm not entirely sure this is correct.
There might be something else we need to do to handle the exception.
Klocwork # 212-213
[I think this needs more work; a malloc() failure will cause a match to fail,
but nothing raises MemoryError. I'll work on this on the trunk and backport.
--amk]
|
| |
|
|
|
|
|
| |
Verify verdat which is returned from malloc is not NULL.
Ensure we don't pass NULL to free.
Klocwork #306 (at least the first part, checking malloc)
|
| |
|
|
|
|
| |
Handle malloc and fopen failures more gracefully.
Klocwork 180-181
|
| |
|
|
|
|
|
|
| |
I'm not sure why this code allocates this string for the error message.
I think it would be better to always use snprintf and have the format
limit the size of the name appropriately (like %.200s).
Klocwork #340
|
| |
|
|
| |
(unsigned long vs. unsigned int).
|
| |
|
|
|
|
|
|
| |
It's very unlikely, though possible that source is not a string. Verify
that PyString_AsString() returns a valid pointer. (The problem can
arise when zlib.decompress doesn't return a string.)
Klocwork 346
|
| |
|
|
|
|
| |
Handle failures from lookup.
Klocwork 341-342
|
| |
|
|
|
|
| |
Prevent memory leak on error.
Reported by Klocwork #36
|
| |
|
|
|
|
| |
No functional change. Add comment and assert to describe why there
cannot be overflow which was reported by Klocwork. Discussed on
python-dev.
|
| |
|
|
|
|
|
| |
nextlink can be NULL if teedataobject_new fails, so use XINCREF.
Ensure that dataobj is never NULL.
Reported by Klocwork #102
|
| |
|
|
|
|
| |
Don't deref v if it's NULL.
Klocwork #214
|
| |
|
|
| |
Fix memory leaks spotted by Klocwork #37.
|
| |
|
|
|
|
| |
Fix memory leaks in some conditions.
Reported by Klocwork #152.
|
| |
|
|
| |
Fix memory leak reported by valgrind while running test_subprocess
|
| |
|
|
|
| |
datetime's strftime function.
(backport from rev. 52072)
|
| |
|
|
|
|
|
|
|
|
| |
SF Bug # 941346, AIX shared library fix
Since I can't test this, I'm just adding a comment. If we get access
to AIX boxes, we can test this and really resolve. Anyone from IBM
want to offer help?
Backport candidate I suppose.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix bug
[ 1232517 ] OverflowError in time.utime() causes strange traceback
A needed error check was missing.
(Actually, this error check may only have become necessary in fairly
recent Python, not sure).
Backport candidate.
[A few lines below the code in 2.4 touched by the patch, there's already
a similar check of (intval == -1 && PyErr_Occurred()), so I think
this function can already report such errors, and therefore the fix
still applies. Perhaps Michael can clarify what he was referring to. --amk]
|
| |
|
|
| |
Add missing INCREF.
|
| |
|
|
| |
Add a missing incref.
|
| |
|
|
|
|
| |
Check return result from Py_InitModule*(). This API can fail.
Probably should be backported.
|
| |
|
|
|
| |
Bug #1548092: fix curses.tparm seg fault on invalid input. Needs
backport to 2.5.1 and earlier.
|
| |
|
|
|
|
|
| |
Handle failure from PyModule_GetDict() (Klocwork 208).
Fix a bunch of refleaks in the init of the module. This would only be found
when running python -v.
|
| |
|
|
| |
arguments. (reported by Louis Zechtzer)
|
| |
|
|
|
|
|
|
|
| |
Fixed a few bugs on cjkcodecs:
- gbk and gb18030 codec now handle U+30FB KATAKANA MIDDLE DOT correctly.
- iso2022_jp_2 codec now encodes into G0 for KS X 1001, GB2312
codepoints to conform the standard.
- iso2022_jp_3 and iso2022_jp_2004 codec can encode JIS X 0213:2
codepoints now.
|
| |
|
|
|
| |
of os.urandom().
(backport from rev. 51762)
|
| |
|
|
|
|
| |
Fix SF bug #1545837: array.array borks on deepcopy.
array.__deepcopy__() needs to take an argument, even if it doesn't actually
use it. Will backport to 2.5 and 2.4 (if applicable.)
|
| | |
|
| |
|
|
|
| |
raises the correct exceptions.
(backport from rev. 51285)
|
| |
|
|
| |
NetBSD's bluetooth API.
|
