[issue31626] Writing in freed memory in _PyMem_DebugRawRealloc() after shrinking a memory block
STINNER Victor
report at bugs.python.org
Wed Oct 25 11:00:21 EDT 2017
STINNER Victor <victor.stinner at gmail.com> added the comment:
> PR 3844 restores the behavior of 2.7 and 3.3. I propose to merge it first, and develop other enhancements later.
Please don't. This PR reintroduced a bug that I fixed in bpo-18408:
commit c4266360fc70745d49b09f2c29cda91c1a007525
Author: Victor Stinner <victor.stinner at gmail.com>
Date: Tue Jul 9 00:44:43 2013 +0200
Issue #18408: Fix _PyMem_DebugRealloc()
Don't mark old extra memory dead before calling realloc(). realloc() can fail
and realloc() must not touch the original buffer on failure.
So mark old extra memory dead only on success if the new buffer did not move
(has the same address).
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue31626>
_______________________________________
More information about the Python-bugs-list
mailing list