[issue18427] str.replace causes segfault for long strings
Christian Heimes
report at bugs.python.org
Thu Jul 11 12:20:30 CEST 2013
Christian Heimes added the comment:
#0 memchr () at ../sysdeps/x86_64/memchr.S:155
#1 0x0000000000467ca4 in countchar (maxcount=<optimized out>, c=10 '\n', target_len=-1152922353, target=0x7fff3b196034 'A' <repeats 200 times>...)
at Objects/stringobject.c:2341
#2 replace_delete_single_character (maxcount=<optimized out>, from_c=10 '\n', self=0x7fff3b196010) at Objects/stringobject.c:2427
#3 replace (maxcount=<optimized out>, to_len=<optimized out>, to_s=<optimized out>, from_len=1, from_s=<optimized out>, self=0x7fff3b196010)
at Objects/stringobject.c:2780
#4 string_replace (self=0x7fff3b196010, args=<optimized out>) at Objects/stringobject.c:2854
target_len=-1152922353 looks fishy. I think countchar()'s target_len argument has a wrong argument type. It should be Py_ssize_t instead of int.
-countchar(const char *target, int target_len, char c, Py_ssize_t maxcount)
+countchar(const char *target, Py_ssize_t target_len, char c, Py_ssize_t maxcount)
----------
nosy: +christian.heimes
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue18427>
_______________________________________
More information about the Python-bugs-list
mailing list