Skip to content

potential nullptr dereference + use of uninitialized memory in fileutils #102281

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
maxbachmann opened this issue Feb 26, 2023 · 3 comments
Closed

potential nullptr dereference + use of uninitialized memory in fileutils #102281

maxbachmann opened this issue Feb 26, 2023 · 3 comments
Labels
interpreter-core (Objects, Python, Grammar, and Parser dirs) type-bug An unexpected behavior, bug, or error

Comments

@maxbachmann
Copy link
Contributor

maxbachmann commented Feb 26, 2023
edited by bedevere-bot
Loading

Bug report

cpython/Python/fileutils.c

Lines 2161 to 2162 in 6daf42b

join_relfile(filename, bufsize, dirname, relfile);
return filename;
can lead to use of uninitialized memory when join_relfile fails.

cpython/Python/fileutils.c

Lines 2197 to 2199 in 6daf42b

_Py_normpath(wchar_t *path, Py_ssize_t size)
{
if (!path[0] || size == 0) {
in combination with

cpython/Modules/getpath.c

Line 450 in 6daf42b

path2 = _Py_normpath(_Py_join_relfile(path, resolved), -1);

leads to a nullptr dereference.

Linked PRs
@maxbachmann maxbachmann added the type-bug An unexpected behavior, bug, or error label Feb 26, 2023
@bedevere-bot bedevere-bot mentioned this issue Feb 26, 2023
Merged
@arhadthedev arhadthedev added the interpreter-core (Objects, Python, Grammar, and Parser dirs) label Mar 4, 2023
corona10 pushed a commit that referenced this issue Mar 15, 2023
@maxbachmann
gh-102281: Fix potential nullptr dereference + use of uninitialized m…
afa6092 
…emory (gh-102282)
@hauntsaninja
Copy link
Contributor

Thanks for the fix! Looks like this could still use backports

@maxbachmann
Copy link
Contributor Author

Thanks for the reminder

@bedevere-bot bedevere-bot mentioned this issue Mar 25, 2023
Merged
hauntsaninja pushed a commit that referenced this issue Mar 25, 2023
@maxbachmann
[3.11] gh-102281: Fix potential nullptr dereference + use of uninitia… (
b28f919 
#103040)

[3.11] gh-102281: Fix potential nullptr dereference + use of uninitialized memory (gh-102282)
(cherry picked from commit afa6092)
@hauntsaninja
Copy link
Contributor

Thanks again :-)

Fidget-Spinner pushed a commit to Fidget-Spinner/cpython that referenced this issue Mar 27, 2023
@maxbachmann @Fidget-Spinner
pythongh-102281: Fix potential nullptr dereference + use of uninitial…
06915ed 
…ized memory (pythongh-102282)
warsaw pushed a commit to warsaw/cpython that referenced this issue Apr 11, 2023
@maxbachmann @warsaw
pythongh-102281: Fix potential nullptr dereference + use of uninitial…
8d154eb 
…ized memory (pythongh-102282)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
interpreter-core (Objects, Python, Grammar, and Parser dirs) type-bug An unexpected behavior, bug, or error
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@arhadthedev @hauntsaninja @maxbachmann