mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-29 13:15:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

Repair widespread misuse of _PyString_Resize. Since it's clear people

Browse source 
don't understand how this function works, also beefed up the docs.  The
most common usage error is of this form (often spread out across gotos):

	if (_PyString_Resize(&s, n) < 0) {
		Py_DECREF(s);
		s = NULL;
		goto outtahere;
	}

The error is that if _PyString_Resize runs out of memory, it automatically
decrefs the input string object s (which also deallocates it, since its
refcount must be 1 upon entry), and sets s to NULL.  So if the "if"
branch ever triggers, it's an error to call Py_DECREF(s):  s is already
NULL!  A correct way to write the above is the simpler (and intended)

	if (_PyString_Resize(&s, n) < 0)
		goto outtahere;

Bugfix candidate.
This commit is contained in:
Tim Peters 2002-04-27 18:44:32 +00:00
parent 602f740bc2
commit 5de9842b34
14 changed files with 54 additions and 90 deletions
Download patch file Download diff file Expand all files Collapse all files

34
Objects/unicodeobject.c
View file

@ -927,10 +927,7 @@ PyObject *PyUnicode_EncodeUTF7(const Py_UNICODE *s,
*out++ = '-';
}
if (_PyString_Resize(&v, out - start)) {
Py_DECREF(v);
return NULL;
}
_PyString_Resize(&v, out - start);
return v;
}
@ -1764,7 +1761,7 @@ PyObject *unicodeescape_string(const Py_UNICODE *s,
/* Resize the string if necessary */
if (offset + 12 > PyString_GET_SIZE(repr)) {
if (_PyString_Resize(&repr, PyString_GET_SIZE(repr) + 100))
goto onError;
return NULL;
p = PyString_AS_STRING(repr) + offset;
}
@ -1847,14 +1844,8 @@ PyObject *unicodeescape_string(const Py_UNICODE *s,
*p++ = PyString_AS_STRING(repr)[1];
*p = '\0';
if (_PyString_Resize(&repr, p - PyString_AS_STRING(repr)))
goto onError;
_PyString_Resize(&repr, p - PyString_AS_STRING(repr));
return repr;
onError:
Py_DECREF(repr);
return NULL;
}
PyObject *PyUnicode_EncodeUnicodeEscape(const Py_UNICODE *s,
@ -1985,14 +1976,8 @@ PyObject *PyUnicode_EncodeRawUnicodeEscape(const Py_UNICODE *s,
*p++ = (char) ch;
}
*p = '\0';
if (_PyString_Resize(&repr, p - q))
goto onError;
_PyString_Resize(&repr, p - q);
return repr;
onError:
Py_DECREF(repr);
return NULL;
}
PyObject *PyUnicode_AsRawUnicodeEscapeString(PyObject *unicode)
@ -2092,8 +2077,7 @@ PyObject *PyUnicode_EncodeLatin1(const Py_UNICODE *p,
}
/* Resize if error handling skipped some characters */
if (s - start < PyString_GET_SIZE(repr))
if (_PyString_Resize(&repr, s - start))
goto onError;
_PyString_Resize(&repr, s - start);
return repr;
onError:
@ -2240,8 +2224,7 @@ PyObject *PyUnicode_EncodeASCII(const Py_UNICODE *p,
}
/* Resize if error handling skipped some characters */
if (s - start < PyString_GET_SIZE(repr))
if (_PyString_Resize(&repr, s - start))
goto onError;
_PyString_Resize(&repr, s - start);
return repr;
onError:
@ -2588,12 +2571,11 @@ PyObject *PyUnicode_EncodeCharmap(const Py_UNICODE *p,
Py_DECREF(x);
}
if (s - PyString_AS_STRING(v) < PyString_GET_SIZE(v))
if (_PyString_Resize(&v, (int)(s - PyString_AS_STRING(v))))
goto onError;
_PyString_Resize(&v, (int)(s - PyString_AS_STRING(v)));
return v;
onError:
Py_DECREF(v);
Py_XDECREF(v);
return NULL;
}