From 7c4ab2afb17b99eb3f61f9c73cbd548b5e0ad2c0 Mon Sep 17 00:00:00 2001 From: Zackery Spytz Date: Wed, 15 Aug 2018 00:27:26 -0600 Subject: closes bpo-34400: Fix undefined behavior in parsetok(). (GH-4439) Avoid undefined pointer arithmetic with NULL. --- .../next/Core and Builtins/2018-08-14-03-52-43.bpo-34400.AJD0bz.rst | 1 + Parser/parsetok.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 Misc/NEWS.d/next/Core and Builtins/2018-08-14-03-52-43.bpo-34400.AJD0bz.rst diff --git a/Misc/NEWS.d/next/Core and Builtins/2018-08-14-03-52-43.bpo-34400.AJD0bz.rst b/Misc/NEWS.d/next/Core and Builtins/2018-08-14-03-52-43.bpo-34400.AJD0bz.rst new file mode 100644 index 0000000..768f5a2 --- /dev/null +++ b/Misc/NEWS.d/next/Core and Builtins/2018-08-14-03-52-43.bpo-34400.AJD0bz.rst @@ -0,0 +1 @@ +Fix undefined behavior in parsetok.c. Patch by Zackery Spytz. diff --git a/Parser/parsetok.c b/Parser/parsetok.c index 00d741d..b9c9fe8 100644 --- a/Parser/parsetok.c +++ b/Parser/parsetok.c @@ -225,7 +225,7 @@ parsetok(struct tok_state *tok, grammar *g, int start, perrdetail *err_ret, } else started = 1; - len = b - a; /* XXX this may compute NULL - NULL */ + len = (a != NULL && b != NULL) ? b - a : 0; str = (char *) PyObject_MALLOC(len + 1); if (str == NULL) { err_ret->error = E_NOMEM; -- cgit v0.12