Issue 534347: Potential AV in vgetargskeywords

➜

This issue tracker has been migrated to GitHub , and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

This issue has been migrated to GitHub: https://github.com/python/cpython/issues/36322

classification

Type:	Stage:
Title:	Potential AV in vgetargskeywords
Components:	Interpreter Core	Versions:	Python 2.2

process

Dependencies:	Superseder:
Status:	closed	Resolution:	fixed
Assigned To:	gvanrossum	Nosy List:	glchapman, gvanrossum, loewis
Priority:	normal	Keywords:

Created on 2002年03月24日 16:30 by glchapman, last changed 2022年04月10日 16:05 by admin. This issue is now closed.

Files
File name	Uploaded	Description	Edit
getargs.c.diff	glchapman, 2002年03月24日 16:30
getargs.c.2.diff	glchapman, 2002年03月27日 17:20

Messages (5)
msg9941 - (view)	Author: Greg Chapman (glchapman)	Date: 2002年03月24日 16:30
If you are dumb enough to do what I just did, pass a dictionary with non-string keys to PyEval_CallObjectWithKeyWords, you may cause an access violation in Python (if the call ends up going through PyArg_ParseTupleAndKeywords). The problem is in the section of vgetargskeywords which checks for extraneous keyword arguments: it does not check to make sure PyString_AsString(key) succeeded. Attached is a simple patch.
msg9942 - (view)	Author: Martin v. Löwis (loewis) * (Python committer)	Date: 2002年03月27日 12:40
Logged In: YES user_id=21627 I think you need to clear the previous exception which is indicated by the NULL return value (or just let it trough as is).
msg9943 - (view)	Author: Greg Chapman (glchapman)	Date: 2002年03月27日 16:55
Logged In: YES user_id=86307 I don't think calling PyErr_Clear is necessary given the current implementation; both PyErr_Clear and PyErr_SetString ultimately call PyErr_Restore, which clears the old error. As for passing the error through, that might be a better choice. I put in the PyErr_SetString to try to follow the behavior of PyEval_EvalCodeEx when it gets non-string keys in a keyword dict.
msg9944 - (view)	Author: Greg Chapman (glchapman)	Date: 2002年03月27日 17:20
Logged In: YES user_id=86307 On second thought, perhaps I didn't follow PyEval_EvalCodeEx closely enough. PyString_AsString can succeed for some non-string types (unicode, etc.), but these keys would not work if passed to PyEval_EvalCodeEx. So attached is a second version of the patch which calls PyString_Check before calling PyString_AsString.
msg9945 - (view)	Author: Guido van Rossum (gvanrossum) * (Python committer)	Date: 2002年04月04日 16:27
Logged In: YES user_id=6380 Fixed in CVS. Thanks!

History
Date	User	Action	Args
2022年04月10日 16:05:08	admin	set	github: 36322
2002年03月24日 16:30:10	glchapman	create

homepage