[Python-Dev] remaining issues from Klocwork static analysis
Gerhard Häring
gh at ghaering.de
Wed Jul 26 10:17:04 CEST 2006
Martin v. Löwis wrote:
> Neal Norwitz wrote:
>> # 61 Modules/_sqlite/cursor.c:599 Null pointer may be dereferenced
>>
>> Null pointer 'self->statement' that comes from line 674 may be
>> dereferenced by passing argument 1 to function
>> 'statement_mark_dirty' at line 599.
>
> Looks like a problem. Maybe a break is missing after line 674?
The code is a bit complicated here, and admittedly not the nicest one,
but I verified it and there is no problem here.
_query_execute() is designed to handle both executemany() and execute().
multiple is a local variable that is 1 if there is a set of tuples of
SQL parameters (executemany) instead of a single tuple of SQL parameters
(execute), in which case it's 0.
Before the while loop, the code makes sure that parameters_iter is an
iterator that returns SQL parameter tuples. So if there is only a single
parameter tuple, a temporary list is created an parameters_iter is an
iterator over it.
So, if !multiple (referenced code in line 674), the while-loop will only
be executed once, and in the second loop, the while-loop will exit
because then the following code will break:
parameters = PyIter_Next(parameters_iter);
if (!parameters) {
break;
}
Code in line 599 is thus not executed with self->statement = 0.
-- Gerhard
More information about the Python-Dev
mailing list