[Python-Dev] 2.5 status
Georg Brandl
g.brandl at gmx.net
Wed Aug 9 09:10:30 CEST 2006
Tim Peters wrote:
> [Georg Brandl, on
> http://python.org/sf/1523610 - PyArg_ParseTupleAndKeywords
> potential core dump
> ]
>> This one's almost fixed if we can decide what to do with "levels".
>> I wrote some time ago:
>>
>> """
>> With respect to this bug (which is about stack issues in Python/getargs.c
>> involving misuse of the "levels" array), I think that we can drop the
>> "levels" thing completely. It's only there to tell the user which exact item
>> passed as part of a tuple argument cannot be accepted (and only if that
>> function is implemented in C code). As tuple arguments
>> are very rare "argument x" should be enough to tell the user that
>> something's wrong with that tuple.
>> """
>
> More, the problem that remains is purely "a head bug": nobody ever
> bumped into it, and the only way to provoke it is to write C (calling,
> e.g., PyArg_ParseTupleAndKeywords) nesting tuple codes in an argument
> descriptor string to an absurd depth. This is far from serious --
> heck, it's far from even interesting <0.5 wink>.
I have now found a different solution: as the format code is checked for '('
anyway and the nesting level is tracked, I introduced an upper bound for
it (rev. 51158). I believe that fixes the problem.
Georg
More information about the Python-Dev
mailing list