[Python-checkins] closes bpo-34501: PyType_FromSpecWithBases: Check spec->name before dereferencing it. (GH-8930)
Benjamin Peterson
webhook-mailer at python.org
Sat Aug 25 14:53:50 EDT 2018
https://github.com/python/cpython/commit/5f79b50763d687aeeed8edcb4efcc7ac9f8fa186
commit: 5f79b50763d687aeeed8edcb4efcc7ac9f8fa186
branch: master
author: Alexey Izbyshev <izbyshev at ispras.ru>
committer: Benjamin Peterson <benjamin at python.org>
date: 2018-08-25T11:53:47-07:00
summary:
closes bpo-34501: PyType_FromSpecWithBases: Check spec->name before dereferencing it. (GH-8930)
Reported by Svace static analyzer.
files:
M Objects/typeobject.c
diff --git a/Objects/typeobject.c b/Objects/typeobject.c
index af9685d17d5f..52fcfeb22871 100644
--- a/Objects/typeobject.c
+++ b/Objects/typeobject.c
@@ -2847,6 +2847,15 @@ PyType_FromSpecWithBases(PyType_Spec *spec, PyObject *bases)
char *res_start = (char*)res;
PyType_Slot *slot;
+ if (res == NULL)
+ return NULL;
+
+ if (spec->name == NULL) {
+ PyErr_SetString(PyExc_SystemError,
+ "Type spec does not define the name field.");
+ goto fail;
+ }
+
/* Set the type name and qualname */
s = strrchr(spec->name, '.');
if (s == NULL)
@@ -2854,8 +2863,6 @@ PyType_FromSpecWithBases(PyType_Spec *spec, PyObject *bases)
else
s++;
- if (res == NULL)
- return NULL;
type = &res->ht_type;
/* The flags must be initialized early, before the GC traverses us */
type->tp_flags = spec->flags | Py_TPFLAGS_HEAPTYPE;
@@ -2865,8 +2872,6 @@ PyType_FromSpecWithBases(PyType_Spec *spec, PyObject *bases)
res->ht_qualname = res->ht_name;
Py_INCREF(res->ht_qualname);
type->tp_name = spec->name;
- if (!type->tp_name)
- goto fail;
/* Adjust for empty tuple bases */
if (!bases) {
More information about the Python-checkins
mailing list