[issue37166] inspect.findsource doesn't handle shortened files gracefully
Tim Hatch
report at bugs.python.org
Wed Jun 5 15:46:26 EDT 2019
New submission from Tim Hatch <tim at timhatch.com>:
inspect.findsource() can trigger IndexError when co_firstlineno is larger than len(linecache.getlines()).
If you have a situation where the file that linecache finds doesn't match the imported module, then you're not guaranteed that co_firstlineno on the code objects makes any sense. We hit this in a special kind of par file, but it could be triggered by shortening the file, like doing a git checkout of an older version while it's running.
a.py (3 lines):
# line 1
# line 2
def foo(): pass # co_firstlineno=3
a.py.v2 (1 line):
def foo(): pass
repro:
import a
# modification happens, cp a.py.v2 a.py
inspect.getsource(a.foo)
Although linecache.getline() does bounds checking, `inspect.findsource()` (which is used by various other functions, including `inspect.stack()`) grabs all the lines and loops through them. The bug is in this section of `inspect.py`:
if iscode(object):
if not hasattr(object, 'co_firstlineno'):
raise OSError('could not find function definition')
lnum = object.co_firstlineno - 1
pat = re.compile(r'^(\s*def\s)|(\s*async\s+def\s)|(.*(?<!\w)lambda(:|\s))|^(\s*@)')
while lnum > 0:
if pat.match(lines[lnum]): break
lnum = lnum - 1
return lines, lnum
raise OSError('could not find code object')
Found through future.utils.raise_from which actually doesn't need to be using `inspect.stack()`, it can switch to `sys._getframe(2)` or so. We should have a PR ready shortly, but wondering if this can be backported to at least 3.6?
----------
components: Library (Lib)
messages: 344761
nosy: lisroach, thatch, vstinner
priority: normal
severity: normal
status: open
title: inspect.findsource doesn't handle shortened files gracefully
versions: Python 3.6, Python 3.7, Python 3.8
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue37166>
_______________________________________
More information about the Python-bugs-list
mailing list