[Python-bugs-list] [ python-Bugs-534347 ] Potential AV in vgetargskeywords

noreply@sourceforge.net noreply@sourceforge.net
Thu, 04 Apr 2002 08:27:24 -0800 

Bugs item #534347, was opened at 2002-03-24 11:30
You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=105470&aid=534347&group_id=5470

Category: Python Interpreter Core
Group: Python 2.2
>Status: Closed
>Resolution: Fixed
Priority: 5
Submitted By: Greg Chapman (glchapman)
>Assigned to: Guido van Rossum (gvanrossum)
Summary: Potential AV in vgetargskeywords

Initial Comment:
If you are dumb enough to do what I just did, pass a 
dictionary with non-string keys to 
PyEval_CallObjectWithKeyWords, you may cause an access 
violation in Python (if the call ends up going through 
PyArg_ParseTupleAndKeywords).  The problem is in the 
section of vgetargskeywords which checks for 
extraneous keyword arguments: it does not check to 
make sure PyString_AsString(key) succeeded.  Attached 
is a simple patch.


----------------------------------------------------------------------

>Comment By: Guido van Rossum (gvanrossum)
Date: 2002-04-04 11:27

Message:
Logged In: YES 
user_id=6380

Fixed in CVS.  Thanks!

----------------------------------------------------------------------

Comment By: Greg Chapman (glchapman)
Date: 2002-03-27 12:20

Message:
Logged In: YES 
user_id=86307

On second thought, perhaps I didn't follow 
PyEval_EvalCodeEx closely enough.  PyString_AsString can 
succeed for some non-string types (unicode, etc.), but 
these keys would not work if passed to PyEval_EvalCodeEx.  
So attached is a second version of the patch which calls 
PyString_Check before calling PyString_AsString. 

----------------------------------------------------------------------

Comment By: Greg Chapman (glchapman)
Date: 2002-03-27 11:55

Message:
Logged In: YES 
user_id=86307

I don't think calling PyErr_Clear is necessary given the 
current implementation; both PyErr_Clear and 
PyErr_SetString ultimately call PyErr_Restore, which clears 
the old error.

As for passing the error through, that might be a better 
choice.  I put in the PyErr_SetString to try to follow the 
behavior of PyEval_EvalCodeEx when it gets non-string keys 
in a keyword dict.


----------------------------------------------------------------------

Comment By: Martin v. Löwis (loewis)
Date: 2002-03-27 07:40

Message:
Logged In: YES 
user_id=21627

I think you need to clear the previous exception which is
indicated by the NULL return value (or just let it trough as
is).

----------------------------------------------------------------------

You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=105470&aid=534347&group_id=5470