[Python-checkins] bpo-44707: Fix an undefined behavior of the null pointer arithmetic (GH-27292)

markshannon webhook-mailer at python.org
Thu Jul 29 07:36:32 EDT 2021


https://github.com/python/cpython/commit/e5c8ddb1714fb51ab1defa24352c98e0f01205dc
commit: e5c8ddb1714fb51ab1defa24352c98e0f01205dc
branch: main
author: Serhiy Storchaka <storchaka at gmail.com>
committer: markshannon <mark at hotpy.org>
date: 2021-07-29T12:36:24+01:00
summary:

bpo-44707: Fix an undefined behavior of the null pointer arithmetic (GH-27292)

files:
M Objects/listobject.c

diff --git a/Objects/listobject.c b/Objects/listobject.c
index 6eb7dce759cf8..898cbc20c5f81 100644
--- a/Objects/listobject.c
+++ b/Objects/listobject.c
@@ -180,9 +180,10 @@ PyList_New(Py_ssize_t size)
 static PyObject *
 list_new_prealloc(Py_ssize_t size)
 {
+    assert(size > 0);
     PyListObject *op = (PyListObject *) PyList_New(0);
-    if (size == 0 || op == NULL) {
-        return (PyObject *) op;
+    if (op == NULL) {
+        return NULL;
     }
     assert(op->ob_item == NULL);
     op->ob_item = PyMem_New(PyObject *, size);
@@ -459,6 +460,9 @@ list_slice(PyListObject *a, Py_ssize_t ilow, Py_ssize_t ihigh)
     PyObject **src, **dest;
     Py_ssize_t i, len;
     len = ihigh - ilow;
+    if (len <= 0) {
+        return PyList_New(0);
+    }
     np = (PyListObject *) list_new_prealloc(len);
     if (np == NULL)
         return NULL;
@@ -512,6 +516,9 @@ list_concat(PyListObject *a, PyObject *bb)
 #define b ((PyListObject *)bb)
     assert((size_t)Py_SIZE(a) + (size_t)Py_SIZE(b) < PY_SSIZE_T_MAX);
     size = Py_SIZE(a) + Py_SIZE(b);
+    if (size == 0) {
+        return PyList_New(0);
+    }
     np = (PyListObject *) list_new_prealloc(size);
     if (np == NULL) {
         return NULL;



More information about the Python-checkins mailing list