| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Issue #4469: Prevent expandtabs() on string and unicode
objects from causing a segfault when a large width is passed
on 32-bit platforms.
|
| | |
|
| |
|
|
|
|
|
|
| |
parameter but was not verifying that it was greater than zero. Values
less than zero will now raise a SystemError and return NULL to indicate a
bug in the calling C code. CVE-2008-1887.
backport r62261, r62271
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
to the signed max value similar to 2.5 and trunk.
Issue #2620: Overflow checking when allocating or reallocating memory
was not always being done properly in some python types and extension
modules. PyMem_MALLOC, PyMem_REALLOC, PyMem_NEW and PyMem_RESIZE have
all been updated to perform better checks and places in the code that
would previously leak memory on the error path when such an allocation
failed have been fixed.
|
| |
|
|
|
|
| |
Added checks for integer overflows, contributed by Google. Some are
only available if asserts are left in the code, in cases where they
can't be triggered from Python code.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
SF patch #1630975: Fix crash when replacing sys.stdout in sitecustomize
When running the interpreter in an environment that would cause it to set
stdout/stderr/stdin's encoding, having a sitecustomize that would replace
them with something other than PyFile objects would crash the interpreter.
Fix it by simply ignoring the encoding-setting for non-files.
This could do with a test, but I can think of no maintainable and portable
way to test this bug, short of adding a sitecustomize.py to the buildsystem
and have it always run with it (hmmm....)
|
| |
|
|
|
|
|
|
|
|
| |
about truly wrong code.
Checkin comment from 51262:
Can't return NULL from a void function. If there is a memory error,
about the best we can do is call PyErr_WriteUnraisable and go on.
We won't be able to do the call below either, so verify delstr is valid.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
fixing an unlikely crash bug in dict resizing, SF
bug 1456209.
The rest of rev 46589 changes whether Python suppresses
exceptions during some dict-related comparisons. While I
think that's a good idea, it does change visible behavior at
times, and there was already some complaining about that on
the trunk. Not a good idea for backporting. The part of
46589 checked in here can at worst stop segfaults, and I doubt
anyone will gripe about that ;-)
|
| |
|
|
|
|
|
|
|
|
| |
Fix problems found by Coverity.
longobject.c: also fix an ssize_t problem
<a> could have been NULL, so hoist the size calc to not use <a>.
[The ssize_t change isn't needed for 2.4. The other changes in this revision
are to modules not present in 2.4. --amk]
|
| |
|
|
|
|
|
|
|
| |
Fix three nits found by Coverity, adding null checks and comments.
[This commit only makes two changes. One change in the original patch
is just adding a comment, and another adds a 'base != NULL' check to
silence Coverity, but a comment adds that that base is never going to
be NULL. I didn't backport that change. --amk]
|
| |
|
|
|
|
| |
Remove dead code (reported by HP compiler).
Can probably be backported if anyone cares.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
backported.]
Use sizeof(buffer) instead of duplicating the constants to ensure they won't
be wrong.
The real change is to pass (bufsz - 1) to PyOS_ascii_formatd and 1
to strncat. strncat copies n+1 bytes from src (not dest).
Reported by Klocwork #58.
|
| |
|
|
|
|
|
| |
PyFunction_SetDefaults() is documented as taking None or a tuple.
A NULL would crash the PyTuple_Check(). Now make NULL return a SystemError.
Reported by Klocwork #73.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Handle a whole lot of failures from PyString_FromInternedString().
Should fix most of Klocwork 234-272.
[Backport r51400 | neal.norwitz]
Move initialization of interned strings to before allocating the
object so we don't leak op. (Fixes an earlier patch to this code)
Klockwork #350
|
| |
|
|
|
|
|
|
|
| |
and _elementtree.c weren't applicable]
Klocwork made another run and found a bunch more problems.
This is the first batch of fixes that should be easy to verify based on context.
This fixes problem numbers: 220 (ast), 323-324 (symtable),
321-322 (structseq), 215 (array), 210 (hotshot), 182 (codecs), 209 (etree).
|
| |
|
|
|
| |
Handle allocation failures gracefully. Found with failmalloc.
Many (all?) of these could be backported.
|
| |
|
|
|
|
|
| |
Fix segfault when doing string formatting on subclasses of long if
__oct__, __hex__ don't return a string.
Klocwork 308
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* unified the way intobject, longobject and mystrtoul handle
values around -sys.maxint-1.
* in general, trying to entierely avoid overflows in any computation
involving signed ints or longs is extremely involved. Fixed a few
simple cases where a compiler might be too clever (but that's all
guesswork).
* more overflow checks against bad data in marshal.c.
|
| |
|
|
| |
on undefined behaviour of the C compiler anymore.
|
| |
|
|
|
|
|
| |
Check return of PyMem_MALLOC (garbage) is non-NULL.
Check seq in both portions of if/else.
Klocwork #289-290.
|
| |
|
|
|
|
|
|
| |
Move the initialization of size_a down below the check for a being NULL.
Reported by Klocwork #106.
[Slight change required: in 2.5 Py_ssize_t is used, but 2.4 uses int.]
|
| |
|
|
|
|
|
| |
Stop INCREFing name, then checking if it's NULL. name (f_name) should never
be NULL so assert it. Fix one place where we could have passed NULL.
Reported by Klocwork #66.
|
| |
|
|
| |
Handle a NULL name properly.
|
| |
|
|
| |
Make staticmethod and classmethod complain about keyword args.
|
| |
|
|
|
|
| |
Make sure memory is properly cleaned up in file_init.
Backport candidate.
|
| |
|
|
| |
Another problem reported by Coverity. Backport candidate.
|
| |
|
|
|
|
| |
keyword arguments any more (previously they accepted them, but didn't
use them).
(backport from rev. 52058)
|
| |
|
|
|
| |
Don't leak the list object if there's an error allocating the item
storage. Backport candidate.
|
| |
|
|
|
|
| |
Bug fix for [ 1331062 ] utf 7 codec broken.
Backport candidate.
|
| |
|
|
|
|
| |
i_divmod(): As discussed on Python-Dev, changed the overflow
checking to live happily with recent gcc optimizations that
assume signed integer arithmetic never overflows.
|
| |
|
|
|
| |
- Patch #1541585: fix buffer overrun when performing repr() on
a unicode string in a build with wide unicode (UCS-4) support.
|
| |
|
|
| |
must not.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
would infinitely recourse and segfault the interpreter. Now a recursion check
occurs after a coercion.
Backport of fix for bug #992017.
|
| |
|
|
| |
block.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
in dicts and sets when computing the total number of references.
|
| |
|
|
| |
(backport from rev. 43506)
|
| |
|
|
|
|
|
|
|
| |
unicode_escape and raw_unicode_escape codec now encodes backslash correctly.
This caused another issue for unicode repr strings being double-escaped
(SF Bug #1459029). Correct fix will be in 2.5, but is too risky for 2.4.3.
Added a testcase for #1459029.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Backport 42973 (lots of whitespace changes intermixed):
- Reindent a confusingly indented piece of code (no intended code changes
there)
- Add missing DECREFs of inner-scope 'temp' variable
- Add various missing DECREFs by changing 'return NULL' into 'goto onError'
- Avoid double DECREF when last _PyUnicode_Resize() fails
Coverity found one of the missing DECREFs, but oddly enough not the others.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix and test (manually w/xx module) passing NULLs to PyObject_Str() and
PyObject_Unicode(). This problem was originally reported from Coverity
and addresses mail on python-dev "checkin r43015".
This inlines the conversion of the string to unicode and cleans
up/simplifies some code at the end of the PyObject_Unicode().
We really need a complete C API test module for all public APIs
and passing good and bad parameter values.
|
| |
|
|
| |
(backport from rev. 43014)
|
| |
|
|
| |
by Coverity.
|
