[issue36218] .sort() segfaults consistently on crafted input
Rémi Lapeyre
report at bugs.python.org
Thu Mar 7 04:43:34 EST 2019
Rémi Lapeyre <remi.lapeyre at henki.fr> added the comment:
> Rémi, are you saying there are failing tests currently in the master related to this bug?
No, you are right there is no tests for this code path and there is no tests on master related to this bug as far as I can tell.
I think the issue comes from https://github.com/python/cpython/blob/master/Objects/listobject.c#L2307-L2310, there is an early exit from the loop when keys don't have all the same type, but it is wrong to still think they are all tuples since:
- they don't all have the same type
- we did not check all elements in the list anyway
The code at https://github.com/python/cpython/blob/master/Objects/listobject.c#L2307-L2310 should be guarded by the `if (keys_are_all_same_type)`. I opened a PR to add the tests from Lyn Levenick and the proposed fix.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue36218>
_______________________________________
More information about the Python-bugs-list
mailing list