[New-bugs-announce] [issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116
Petru-Florin Mihancea
report at bugs.python.org
Thu Jul 26 00:55:28 EDT 2018
New submission from Petru-Florin Mihancea <petrum at gmail.com>:
While experimenting with a CodeSonar plugin we develop, we noticed a potential bug in file "cpython/Objects/sliceobject.c" line 116 function PySlice_GetIndices.
if (r->start == Py_None) {
*start = *step < 0 ? length-1 : 0;
} else {
if (!PyInt_Check(r->start) && !PyLong_Check(r->step)) return -1;//HERE
*start = PyInt_AsSsize_t(r->start);
if (*start < 0) *start += length;
}
Shouldn't start field of r be used in the second check (instead of step)?
In a related potential issue, in line 123, shouldn't r->stop be checked in the second verification?
Thanks,
Petru Florin Mihancea
----------
messages: 322394
nosy: petrum at gmail.com
priority: normal
severity: normal
status: open
title: Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116
versions: Python 2.7
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue34229>
_______________________________________
More information about the New-bugs-announce
mailing list