From 062a57bf4b768ef726975bcc1d34398387520147 Mon Sep 17 00:00:00 2001
From: Zackery Spytz
Date: Sun, 18 Nov 2018 09:45:57 -0700
Subject: bpo-35269: Fix a possible segfault involving a newly-created coroutine (GH-10585)

coro->cr_origin wasn't initialized if compute_cr_origin() failed in PyCoro_New(), which would cause a crash during the coroutine's deallocation.

https://bugs.python.org/issue35269
---
 .../next/Core and Builtins/2018-11-17-10-18-29.bpo-35269.gjm1LO.rst | 2 ++
 Objects/genobject.c | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)
 create mode 100644 Misc/NEWS.d/next/Core and Builtins/2018-11-17-10-18-29.bpo-35269.gjm1LO.rst

diff --git a/Misc/NEWS.d/next/Core and Builtins/2018-11-17-10-18-29.bpo-35269.gjm1LO.rst b/Misc/NEWS.d/next/Core and Builtins/2018-11-17-10-18-29.bpo-35269.gjm1LO.rst
new file mode 100644
index 0000000..0076346
--- /dev/null
+++ b/Misc/NEWS.d/next/Core and Builtins/2018-11-17-10-18-29.bpo-35269.gjm1LO.rst
@@ -0,0 +1,2 @@
+Fix a possible segfault involving a newly-created coroutine. Patch by
+Zackery Spytz.
diff --git a/Objects/genobject.c b/Objects/genobject.c
index 98c9394..716bd6d 100644
--- a/Objects/genobject.c
+++ b/Objects/genobject.c
@@ -1164,11 +1164,11 @@ PyCoro_New(PyFrameObject *f, PyObject *name, PyObject *qualname)
 ((PyCoroObject *)coro)->cr_origin = NULL;
 } else {
 PyObject *cr_origin = compute_cr_origin(origin_depth);
+ ((PyCoroObject *)coro)->cr_origin = cr_origin;
 if (!cr_origin) {
 Py_DECREF(coro);
 return NULL;
 }
- ((PyCoroObject *)coro)->cr_origin = cr_origin;
 }
 
 return coro;
-- 
cgit v0.12
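Review bot: The placement of the added assignment ahead of `if (!cr_origin)` in Objects/genobject.c is now load-bearing, yet nothing in the code says so: on the failure path `Py_DECREF(coro)` appears to trigger deallocation, which per the commit message touches `cr_origin`, so the field must already hold NULL at that point. A comment above the assignment such as `/* Store before the NULL check: Py_DECREF(coro) deallocates coro, which reads cr_origin. */` would keep a later tidy-up from moving the line back and reintroducing a read of an uninitialized pointer. A sturdier shape may be to set `((PyCoroObject *)coro)->cr_origin = NULL;` once before the surrounding `if`/`else` so that every early exit is safe, but the allocation of `coro` is outside this hunk, so that needs checking against how the object is created. The diffstat lists only the NEWS entry and genobject.c, so no regression test accompanies the fix; one that forces `compute_cr_origin()` to fail would pin the behaviour. PyCoro_New's body starts and ends outside the hunk.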