From ebe428824d9c749577256cbcfb35945d8b19c479 Mon Sep 17 00:00:00 2001 From: Kumar Aditya <59607654+kumaraditya303@users.noreply.github.com> Date: Wed, 28 Dec 2022 10:11:27 +0530 Subject: [PATCH] [3.11] GH-100342: check for allocation failure in AC `*args` parsing (GH-100343). (#100568) (cherry picked from commit 7cf164ad5e3c8c6af5ae8813ad6a784448605418) Co-authored-by: Kumar Aditya <59607654+kumaraditya303@users.noreply.github.com> --- Lib/test/clinic.test | 5 ++++- .../2022-12-19-10-08-53.gh-issue-100342.qDFlQG.rst | 1 + Modules/clinic/_testclinic.c.h | 8 +++++++- Tools/clinic/clinic.py | 4 ++++ 4 files changed, 16 insertions(+), 2 deletions(-) create mode 100644 Misc/NEWS.d/next/Tools-Demos/2022-12-19-10-08-53.gh-issue-100342.qDFlQG.rst diff --git a/Lib/test/clinic.test b/Lib/test/clinic.test index 217aa4c7e97..0abadbe7f34 100644 --- a/Lib/test/clinic.test +++ b/Lib/test/clinic.test @@ -3327,6 +3327,9 @@ test_vararg_and_posonly(PyObject *module, PyObject *const *args, Py_ssize_t narg } a = args[0]; __clinic_args = PyTuple_New(nargs - 1); + if (!__clinic_args) { + goto exit; + } for (Py_ssize_t i = 0; i < nargs - 1; ++i) { PyTuple_SET_ITEM(__clinic_args, i, Py_NewRef(args[1 + i])); } @@ -3339,7 +3342,7 @@ exit: static PyObject * test_vararg_and_posonly_impl(PyObject *module, PyObject *a, PyObject *args) -/*[clinic end generated code: output=081a953b8cbe7617 input=08dc2bf7afbf1613]*/ +/*[clinic end generated code: output=79b75dc07decc8d6 input=08dc2bf7afbf1613]*/ /*[clinic input] test_vararg diff --git a/Misc/NEWS.d/next/Tools-Demos/2022-12-19-10-08-53.gh-issue-100342.qDFlQG.rst b/Misc/NEWS.d/next/Tools-Demos/2022-12-19-10-08-53.gh-issue-100342.qDFlQG.rst new file mode 100644 index 00000000000..28f73633752 --- /dev/null +++ b/Misc/NEWS.d/next/Tools-Demos/2022-12-19-10-08-53.gh-issue-100342.qDFlQG.rst @@ -0,0 +1 @@ +Add missing ``NULL`` check for possible allocation failure in ``*args`` parsing in Argument Clinic. diff --git a/Modules/clinic/_testclinic.c.h b/Modules/clinic/_testclinic.c.h index 41555d80105..c97ac1c6629 100644 --- a/Modules/clinic/_testclinic.c.h +++ b/Modules/clinic/_testclinic.c.h @@ -2012,6 +2012,9 @@ vararg_and_posonly(PyObject *module, PyObject *const *args, Py_ssize_t nargs) } a = args[0]; __clinic_args = PyTuple_New(nargs - 1); + if (!__clinic_args) { + goto exit; + } for (Py_ssize_t i = 0; i < nargs - 1; ++i) { PyTuple_SET_ITEM(__clinic_args, i, Py_NewRef(args[1 + i])); } @@ -2257,6 +2260,9 @@ gh_99233_refcount(PyObject *module, PyObject *const *args, Py_ssize_t nargs) goto exit; } __clinic_args = PyTuple_New(nargs - 0); + if (!__clinic_args) { + goto exit; + } for (Py_ssize_t i = 0; i < nargs - 0; ++i) { PyTuple_SET_ITEM(__clinic_args, i, Py_NewRef(args[0 + i])); } @@ -2299,4 +2305,4 @@ gh_99240_double_free(PyObject *module, PyObject *const *args, Py_ssize_t nargs) exit: return return_value; } -/*[clinic end generated code: output=fe398ac790310bc4 input=a9049054013a1b77]*/ +/*[clinic end generated code: output=6b719efc1b8bd2c8 input=a9049054013a1b77]*/ diff --git a/Tools/clinic/clinic.py b/Tools/clinic/clinic.py index a6d8b86a83c..82e4919242c 100755 --- a/Tools/clinic/clinic.py +++ b/Tools/clinic/clinic.py @@ -903,12 +903,16 @@ class CLanguage(Language): if not new_or_init: parser_code.append(normalize_snippet(""" %s = PyTuple_New(%s); + if (!%s) {{ + goto exit; + }} for (Py_ssize_t i = 0; i < %s; ++i) {{ PyTuple_SET_ITEM(%s, i, Py_NewRef(args[%d + i])); }} """ % ( p.converter.parser_name, left_args, + p.converter.parser_name, left_args, p.converter.parser_name, max_pos