[New-bugs-announce] [issue21073] Py_ReprEnter potentially misbehaves during malformed thread states

[Itai Bar-Natan]

New submission from Itai Bar-Natan:

While browsing the Python source code, I found this suspicious snippet in Py_ReprEnter:

    dict = PyThreadState_GetDict();
    if (dict == NULL)
        return 0;

It seems to me like the last line should be "return -1;". The way the program currently behaves, if PyThreadState_GetDict() fails and returns NULL, Py_ReprEnter will fail silently and always report that the input isn't in a recursive loop. The correct behavior is to report an error.

It would be difficult to explicitly exhibit this error since it relies on another component of Python failing first. One possible way would be to call PyObject_Repr on a recursive structure before fully initializing Python. I haven't tested this.

Alternately, it's possible that this behavior is intentional because we want PyObject_Repr to work for non-self-referential structures even before Python is fully initialized (perhaps it could be called during initialization), in exchange for a small risk of failure if it is called with a self-referential structure before initialization. In that case I suggest that this should be pointed out explicitly in the comments to this function.

----------
components: Interpreter Core
messages: 214920
nosy: itaibn
priority: normal
severity: normal
status: open
title: Py_ReprEnter potentially misbehaves during malformed thread states
type: behavior
versions: Python 2.7, Python 3.1, Python 3.2, Python 3.3, Python 3.4, Python 3.5

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue21073>
_______________________________________