From f572cbf1faab33d9afbbe3e95738ed6fbe6e48e6 Mon Sep 17 00:00:00 2001
From: Serhiy Storchaka <storchaka@gmail.com>
Date: Wed, 14 Jul 2021 08:19:18 +0300
Subject: bpo-44608: Fix memory leak in _tkinter._flatten() (GH-27107)

if it is called with a sequence or set, but not list or tuple.
---
 Lib/test/test_tcl.py                                              | 8 +++++++-
 Misc/NEWS.d/next/Library/2021-07-13-09-01-33.bpo-44608.R3IcM1.rst | 2 ++
 Modules/_tkinter.c                                                | 4 +++-
 3 files changed, 12 insertions(+), 2 deletions(-)
 create mode 100644 Misc/NEWS.d/next/Library/2021-07-13-09-01-33.bpo-44608.R3IcM1.rst

diff --git a/Lib/test/test_tcl.py b/Lib/test/test_tcl.py
index e7a60db..6e5ef09 100644
--- a/Lib/test/test_tcl.py
+++ b/Lib/test/test_tcl.py
@@ -43,8 +43,14 @@ def get_tk_patchlevel():
 class TkinterTest(unittest.TestCase):
 
     def testFlattenLen(self):
-        # flatten(<object with no length>)
+        # Object without length.
         self.assertRaises(TypeError, _tkinter._flatten, True)
+        # Object with length, but not sequence.
+        self.assertRaises(TypeError, _tkinter._flatten, {})
+        # Sequence or set, but not tuple or list.
+        # (issue44608: there were leaks in the following cases)
+        self.assertRaises(TypeError, _tkinter._flatten, 'string')
+        self.assertRaises(TypeError, _tkinter._flatten, {'set'})
 
 
 class TclTest(unittest.TestCase):
diff --git a/Misc/NEWS.d/next/Library/2021-07-13-09-01-33.bpo-44608.R3IcM1.rst b/Misc/NEWS.d/next/Library/2021-07-13-09-01-33.bpo-44608.R3IcM1.rst
new file mode 100644
index 0000000..e0cf948
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2021-07-13-09-01-33.bpo-44608.R3IcM1.rst
@@ -0,0 +1,2 @@
+Fix memory leak in :func:`_tkinter._flatten` if it is called with a sequence
+or set, but not list or tuple.
diff --git a/Modules/_tkinter.c b/Modules/_tkinter.c
index 14101d9..329b291 100644
--- a/Modules/_tkinter.c
+++ b/Modules/_tkinter.c
@@ -3197,8 +3197,10 @@ _tkinter__flatten(PyObject *module, PyObject *item)
 
     context.size = 0;
 
-    if (!_flatten1(&context, item,0))
+    if (!_flatten1(&context, item, 0)) {
+        Py_XDECREF(context.tuple);
         return NULL;
+    }
 
     if (_PyTuple_Resize(&context.tuple, context.size))
         return NULL;
-- 
cgit v0.12