From 6ae2eb268d55854eafe36fa707ffed980a277d06 Mon Sep 17 00:00:00 2001 From: Neal Norwitz Date: Sun, 24 Aug 2008 23:50:08 +0000 Subject: Issue #3657: Fix uninitialized memory read when pickling longs. The conversion to the unicode API was incorrect, it should use bytes. repr is a bad variable name. The use is overloaded, but I'll leave that to fix later. R=Brett TESTED=./python -E -tt ./Lib/test/regrtest.py -uall valgrind -q --leak-check=yes --suppressions=Misc/valgrind-python.supp \ ./python -E -tt ./Lib/test/regrtest.py test_pickletools --- Misc/NEWS | 3 +++ Modules/_pickle.c | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/Misc/NEWS b/Misc/NEWS index b846d8f..8594c99 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -12,6 +12,9 @@ What's New in Python 3.0 release candidate 1 Core and Builtins ----------------- +- Issue #3657: Fix uninitialized memory read when pickling longs. + Found by valgrind. + - Apply security patches from Apple. - Fix crashes on memory allocation failure found with failmalloc. diff --git a/Modules/_pickle.c b/Modules/_pickle.c index 52fa156..ea5bbe2 100644 --- a/Modules/_pickle.c +++ b/Modules/_pickle.c @@ -924,10 +924,10 @@ save_long(PicklerObject *self, PyObject *obj) "long too large to pickle"); goto error; } - repr = PyUnicode_FromStringAndSize(NULL, (int)nbytes); + repr = PyBytes_FromStringAndSize(NULL, (Py_ssize_t)nbytes); if (repr == NULL) goto error; - pdata = (unsigned char *)_PyUnicode_AsString(repr); + pdata = (unsigned char *)PyBytes_AS_STRING(repr); i = _PyLong_AsByteArray((PyLongObject *)obj, pdata, nbytes, 1 /* little endian */ , 1 /* signed */ ); -- cgit v0.12
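Review bot: In the `Modules/_pickle.c` hunk, `PyBytes_FromStringAndSize(NULL, ...)` returns a buffer that is still uninitialized at the `pdata` assignment, so the fix depends on `_PyLong_AsByteArray` writing all `nbytes` before `repr` is emitted into the pickle stream. The check of `i` is outside the hunk (save_long starts and ends beyond it), so confirm that a negative result reaches `error` without `repr` being written out. I would add a comment above the allocation such as `/* repr is uninitialized until _PyLong_AsByteArray fills all nbytes; never write it out on failure */`. The `(Py_ssize_t)nbytes` cast is safe only if the "long too large to pickle" check just above bounds `nbytes`; its condition is not visible here and is worth confirming. The commit lists only valgrind runs under TESTED; a round-trip test for multi-byte longs might catch a regression without valgrind.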