On 3/14/06, Jeff Epler wrote:

After the recent discussion about Coverity, I took a look at one of the checkins made, apparently based on output from their tool.

http://svn.python.org/view/python/branches/release24-maint/Objects/object.c?&r1=43015&r2=43014&rev=43015&view=diff&diff_format=l

This change, a backport of a similar change made to HEAD, doesn't seem to fix the flaw: the PyUnicode_CheckExact() call is now guarded against a NULL return, but the subsequent PyUnicode_Check() and PyString_Check() calls don't seem to be.

Agreed. That change doesn't fix the real problem. I bet it'll still segfault for PyObject_Unicode(NULL). In fact, I and Neal talked about the problem and have a correct patch. But the patch looks bit messy so we hated it. :-) http://python.org/sf/1444030

I'm not 100% sure what's going on here, but it still looks a bit fishy. The API reference says that PyObject_AsUnicode may return NULL, so why doesn't the function just call PyErr_BadInternalCall() and return NULL?

For the consistency with PyObject_String(NULL) which returns a string "<NULL>". Hye-Shik