[issue31734] crash or SystemError in sqlite3.Cache in case it is uninitialized or partially initialized

Oren Milman report at bugs.python.org
Mon Oct 9 09:54:05 EDT 2017


New submission from Oren Milman <orenmn at gmail.com>:

The following code causes a crash:
import sqlite3
cache = sqlite3.Cache.__new__(sqlite3.Cache)
cache.get(None)

This is because pysqlite_cache_get() (in Modules/_sqlite/cache.c) assumes that
the Cache object is initialized, and so it passes self->mapping to
PyDict_GetItem(), which assumes it is not NULL, and crashes.


Also, the following code causes a SystemError ('null argument to internal
routine'), as well as refleaks in the deallocation of the Cache object:
import sqlite3
cache = sqlite3.Cache(str)
try:
    cache.__init__()
except TypeError:
    pass
cache.get(None)

This is because pysqlite_cache_init() first sets self->factory to NULL, and
only then parses its arguments, so in case it fails to parse the arguments
(e.g. due to a wrong number of arguments) we are left with a partially
initialized Cache object.


While we are here, we should also fix refleaks that occur when
sqlite3.Cache.__init__() is called more than once.

----------
components: Extension Modules
messages: 303958
nosy: Oren Milman
priority: normal
severity: normal
status: open
title: crash or SystemError in sqlite3.Cache in case it is uninitialized or partially initialized
type: crash
versions: Python 3.7

_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue31734>
_______________________________________
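Added example, not part of the original report and not CPython's code: a self-contained C model of the two failure modes described above, an initializer that clears state before validating its arguments, set beside one that validates first, plus a getter that rejects an uninitialized or partially initialized object. `Obj`, `Cache`, `init_as_reported`, `init_hardened` and `cache_get` are hypothetical stand-ins, and the hardened form is one possible approach, not the fix adopted for the issue.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical stand-ins: Obj models a refcounted PyObject, Cache the object. */
typedef struct { int refcnt; } Obj;
typedef struct { Obj *factory; Obj *mapping; } Cache;

static Obj *obj_new(void) {
    Obj *o = calloc(1, sizeof *o);
    if (o) o->refcnt = 1;
    return o;
}
static void obj_decref(Obj *o) { if (o && --o->refcnt == 0) free(o); }

/* Pattern from the report: state is cleared before arguments are validated. */
int init_as_reported(Cache *self, Obj *factory_arg) {
    self->factory = NULL;          /* old reference dropped without a decref */
    if (factory_arg == NULL)       /* models the argument-parsing failure */
        return -1;                 /* object is left partially initialized */
    self->mapping = obj_new();     /* in this model, an earlier mapping leaks */
    if (self->mapping == NULL) return -1;
    factory_arg->refcnt++;
    self->factory = factory_arg;
    return 0;
}

/* Hardened: validate, build the new state, then swap and release the old. */
int init_hardened(Cache *self, Obj *factory_arg) {
    Obj *mapping, *old_factory = self->factory, *old_mapping = self->mapping;
    if (factory_arg == NULL) return -1;   /* self is untouched on failure */
    if ((mapping = obj_new()) == NULL) return -1;
    factory_arg->refcnt++;
    self->factory = factory_arg;
    self->mapping = mapping;
    obj_decref(old_factory);
    obj_decref(old_mapping);
    return 0;
}

/* Refuses to run on an uninitialized or partially initialized object. */
int cache_get(const Cache *self) {
    if (self->factory == NULL || self->mapping == NULL)
        return -1;                 /* an error return instead of a NULL deref */
    return 0;
}

int main(void) {
    Cache c = {NULL, NULL};        /* models Cache.__new__ without __init__ */
    return cache_get(&c) == -1 ? 0 : 1;
}
```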

