[New-bugs-announce] [issue18579] Dereference after NULL check in listobject.c merge_hi()

Christian Heimes report at bugs.python.org
Sun Jul 28 15:20:05 CEST 2013


New submission from Christian Heimes:

Coverity Scan may have found an issue in listobject's merge code. I'm not familiar with the code so I don't know if ssb.values can be NULL here.

3. Condition "ssb.values != NULL", taking false branch
4. var_compare_op: Comparing "ssb.values" to null implies that "ssb.values" might be null.
1642    if (ssb.values != NULL)
1643        ssb.values = ms->a.values + nb - 1;

[...]

 
CID 715348 (#1 of 2): Dereference after null check (FORWARD_NULL)
18. var_deref_model: Passing "&ssb" to function "sortslice_copy_decr(sortslice *, sortslice *)", which dereferences null "ssb.values".
1711            sortslice_copy_decr(&dest, &ssb);

http://hg.python.org/cpython/file/tip/Objects/listobject.c#l1711

----------
components: Interpreter Core
messages: 193825
nosy: christian.heimes, haypo, tim_one
priority: normal
severity: normal
status: open
title: Dereference after NULL check in listobject.c merge_hi()
type: behavior
versions: Python 3.3, Python 3.4

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue18579>
_______________________________________
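
The finding above in miniature, as an added example that is not part of the original report and is not CPython's code. It uses a simplified, hypothetical slice type (slice, slice_end, slice_copy_decr and copy_backwards are assumed names) in which a NULL check on values is followed by a copy helper; the helper guards both value pointers, so a keys-only slice is never dereferenced.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for a key/value sort slice. values is NULL in
   keys-only mode (an assumption of this example). */
typedef struct { int *keys; int *values; } slice;

/* Position a slice one past the last of n elements. The NULL check has the
   same shape as the "if (ssb.values != NULL)" line in the report. */
static slice slice_end(int *keys, int *values, size_t n)
{
    slice s = { keys + n, NULL };
    if (values != NULL)
        s.values = values + n;
    return s;
}

/* Step both slices back one element and copy it. Checking both value
   pointers means a broken "both NULL or both set" invariant is reported
   (-1) instead of dereferencing NULL. */
static int slice_copy_decr(slice *dst, slice *src)
{
    if ((dst->values == NULL) != (src->values == NULL))
        return -1;
    *--dst->keys = *--src->keys;
    if (src->values != NULL)
        *--dst->values = *--src->values;
    return 0;
}

/* Copy n elements back to front; returns the count copied, or -1. */
static int copy_backwards(int *dk, int *dv, int *sk, int *sv, size_t n)
{
    slice dst = slice_end(dk, dv, n), src = slice_end(sk, sv, n);
    for (size_t i = 0; i < n; i++)
        if (slice_copy_decr(&dst, &src) != 0)
            return -1;
    return (int)n;
}

int main(void)
{
    int sk[3] = {1, 2, 3}, sv[3] = {10, 20, 30};   /* constructed sample data */
    int dk[3] = {0}, dv[3] = {0};
    printf("keys+values: %d\n", copy_backwards(dk, dv, sk, sv, 3));
    printf("keys only:   %d\n", copy_backwards(dk, NULL, sk, NULL, 3));
    printf("mismatched:  %d\n", copy_backwards(dk, dv, sk, NULL, 3));
    return 0;
}
```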

