[Python-bugs-list] [ python-Bugs-534347 ] Potential AV in vgetargskeywords
noreply@sourceforge.net
noreply@sourceforge.net
Wed, 27 Mar 2002 08:55:24 -0800
Bugs item #534347, was opened at 2002-03-24 07:30
You can respond by visiting:
http://sourceforge.net/tracker/?func=detail&atid=105470&aid=534347&group_id=5470
Category: Python Interpreter Core
Group: Python 2.2
Status: Open
Resolution: None
Priority: 5
Submitted By: Greg Chapman (glchapman)
Assigned to: Nobody/Anonymous (nobody)
Summary: Potential AV in vgetargskeywords
Initial Comment:
If you are dumb enough to do what I just did, pass a
dictionary with non-string keys to
PyEval_CallObjectWithKeyWords, you may cause an access
violation in Python (if the call ends up going through
PyArg_ParseTupleAndKeywords). The problem is in the
section of vgetargskeywords which checks for
extraneous keyword arguments: it does not check to
make sure PyString_AsString(key) succeeded. Attached
is a simple patch.
----------------------------------------------------------------------
>Comment By: Greg Chapman (glchapman)
Date: 2002-03-27 07:55
Message:
Logged In: YES
user_id=86307
I don't think calling PyErr_Clear is necessary given the
current implementation; both PyErr_Clear and
PyErr_SetString ultimately call PyErr_Restore, which clears
the old error.
As for passing the error through, that might be a better
choice. I put in the PyErr_SetString to try to follow the
behavior of PyEval_EvalCodeEx when it gets non-string keys
in a keyword dict.
----------------------------------------------------------------------
Comment By: Martin v. Löwis (loewis)
Date: 2002-03-27 03:40
Message:
Logged In: YES
user_id=21627
I think you need to clear the previous exception which is
indicated by the NULL return value (or just let it trough as
is).
----------------------------------------------------------------------
You can respond by visiting:
http://sourceforge.net/tracker/?func=detail&atid=105470&aid=534347&group_id=5470