[New-bugs-announce] [issue36907] Crash due to borrowed references in _PyStack_UnpackDict()
Jeroen Demeyer
report at bugs.python.org
Mon May 13 15:40:04 EDT 2019
New submission from Jeroen Demeyer <J.Demeyer at UGent.be>:
class IntWithDict:
def __init__(self, **kwargs):
self.kwargs = kwargs
def __index__(self):
self.kwargs.clear()
L = [2**i for i in range(10000)]
return 0
x = IntWithDict(dont_inherit=float())
compile("", "", "", x, **x.kwargs)
The above crashes CPython due to the usage of borrowed references in _PyStack_UnpackDict(): the dict x.kwargs contains the only reference to the float() object stored in x.kwargs
When parsing the arguments, x.__int__() is called, which clears the dict, removing the only reference to that float()
----------
components: Interpreter Core
messages: 342377
nosy: jdemeyer, vstinner
priority: normal
severity: normal
status: open
title: Crash due to borrowed references in _PyStack_UnpackDict()
versions: Python 3.7, Python 3.8
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue36907>
_______________________________________
More information about the New-bugs-announce
mailing list