[Python-checkins] python/dist/src/Objects unicodeobject.c,
2.124.6.21, 2.124.6.22
jhylton at users.sourceforge.net
jhylton at users.sourceforge.net
Tue Sep 16 23:32:44 EDT 2003
Update of /cvsroot/python/python/dist/src/Objects
In directory sc8-pr-cvs1:/tmp/cvs-serv11644/Objects
Modified Files:
Tag: release22-maint
unicodeobject.c
Log Message:
Backport: Double-fix of crash in Unicode freelist handling.
Index: unicodeobject.c
===================================================================
RCS file: /cvsroot/python/python/dist/src/Objects/unicodeobject.c,v
retrieving revision 2.124.6.21
retrieving revision 2.124.6.22
diff -C2 -d -r2.124.6.21 -r2.124.6.22
*** unicodeobject.c 11 Apr 2003 18:21:22 -0000 2.124.6.21
--- unicodeobject.c 17 Sep 2003 03:32:41 -0000 2.124.6.22
***************
*** 133,137 ****
if (unicode == unicode_empty ||
(unicode->length == 1 &&
! unicode->str[0] < 256 &&
unicode_latin1[unicode->str[0]] == unicode)) {
PyErr_SetString(PyExc_SystemError,
--- 133,142 ----
if (unicode == unicode_empty ||
(unicode->length == 1 &&
! /* MvL said unicode->str[] may be signed. Python generally assumes
! * an int contains at least 32 bits, and we don't use more than
! * 32 bits even in a UCS4 build, so casting to unsigned int should
! * be correct.
! */
! (unsigned int)unicode->str[0] < 256U &&
unicode_latin1[unicode->str[0]] == unicode)) {
PyErr_SetString(PyExc_SystemError,
***************
*** 212,215 ****
--- 217,228 ----
goto onError;
}
+ /* Initialize the first element to guard against cases where
+ * the caller fails before initializing str -- unicode_resize()
+ * reads str[0], and the Keep-Alive optimization can keep memory
+ * allocated for str alive across a call to unicode_dealloc(unicode).
+ * We don't want unicode_resize to read uninitialized memory in
+ * that case.
+ */
+ unicode->str[0] = 0;
unicode->str[length] = 0;
unicode->length = length;
More information about the Python-checkins
mailing list