[Python-checkins] bpo-41056: Fix reference to deallocated stack in pathconfig (Coverity) (GH-21013)
Miss Islington (bot)
webhook-mailer at python.org
Mon Jun 22 03:43:46 EDT 2020
https://github.com/python/cpython/commit/d5ee9b9940ba24120838b07061058afe931cfff1
commit: d5ee9b9940ba24120838b07061058afe931cfff1
branch: 3.8
author: Miss Islington (bot) <31488909+miss-islington at users.noreply.github.com>
committer: GitHub <noreply at github.com>
date: 2020-06-22T00:43:41-07:00
summary:
bpo-41056: Fix reference to deallocated stack in pathconfig (Coverity) (GH-21013)
Reported by Coverity. (CID 1457554 RETURN_LOCAL)
path0 is assigned as a pointer to this right before it goes out of scope.
(cherry picked from commit 81328f30703bd7225e7e73aedb0994a7293ce190)
Co-authored-by: Gregory P. Smith <greg at krypto.org>
files:
A Misc/NEWS.d/next/Core and Builtins/2020-06-21-19-53-33.bpo-41056.IDu_EK.rst
M Python/pathconfig.c
diff --git a/Misc/NEWS.d/next/Core and Builtins/2020-06-21-19-53-33.bpo-41056.IDu_EK.rst b/Misc/NEWS.d/next/Core and Builtins/2020-06-21-19-53-33.bpo-41056.IDu_EK.rst
new file mode 100644
index 0000000000000..25f93c9da3105
--- /dev/null
+++ b/Misc/NEWS.d/next/Core and Builtins/2020-06-21-19-53-33.bpo-41056.IDu_EK.rst
@@ -0,0 +1 @@
+Fixes a reference to deallocated stack space during startup when constructing sys.path involving a relative symlink when code was supplied via -c. (discovered via Coverity)
\ No newline at end of file
diff --git a/Python/pathconfig.c b/Python/pathconfig.c
index 258ff613a066c..bf180976b55ab 100644
--- a/Python/pathconfig.c
+++ b/Python/pathconfig.c
@@ -679,6 +679,7 @@ _PyPathConfig_ComputeSysPath0(const PyWideStringList *argv, PyObject **path0_p)
#ifdef HAVE_READLINK
wchar_t link[MAXPATHLEN + 1];
int nr = 0;
+ wchar_t path0copy[2 * MAXPATHLEN + 1];
if (have_script_arg) {
nr = _Py_wreadlink(path0, link, Py_ARRAY_LENGTH(link));
@@ -701,7 +702,6 @@ _PyPathConfig_ComputeSysPath0(const PyWideStringList *argv, PyObject **path0_p)
}
else {
/* Must make a copy, path0copy has room for 2 * MAXPATHLEN */
- wchar_t path0copy[2 * MAXPATHLEN + 1];
wcsncpy(path0copy, path0, MAXPATHLEN);
q = wcsrchr(path0copy, SEP);
wcsncpy(q+1, link, MAXPATHLEN);
More information about the Python-checkins
mailing list