[Python-checkins] [3.11] gh-105375: Harden pyexpat initialisation (#105606) (#105668)

erlend-aasland webhook-mailer at python.org
Sun Jun 11 17:28:19 EDT 2023 

https://github.com/python/cpython/commit/e5fe017143bd259ec3a825029e3a6e30f612089c
commit: e5fe017143bd259ec3a825029e3a6e30f612089c
branch: 3.11
author: Erlend E. Aasland <erlend.aasland at protonmail.com>
committer: erlend-aasland <erlend.aasland at protonmail.com>
date: 2023-06-11T21:28:12Z
summary:

[3.11] gh-105375: Harden pyexpat initialisation (#105606) (#105668)

(cherry picked from commit 20a56d8becba1a5a958b167fdb43b1a1b9228095)

Add proper error handling to add_errors_module() to prevent exceptions
from possibly being overwritten.

files:
A Misc/NEWS.d/next/Library/2023-06-09-23-00-13.gh-issue-105605.YuwqxY.rst
M Modules/pyexpat.c

diff --git a/Misc/NEWS.d/next/Library/2023-06-09-23-00-13.gh-issue-105605.YuwqxY.rst b/Misc/NEWS.d/next/Library/2023-06-09-23-00-13.gh-issue-105605.YuwqxY.rst
new file mode 100644
index 000000000000..5fba6d293a78
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2023-06-09-23-00-13.gh-issue-105605.YuwqxY.rst
@@ -0,0 +1,3 @@
+Harden :mod:`pyexpat` error handling during module initialisation to prevent
+exceptions from possibly being overwritten, and objects from being
+dereferenced twice.
diff --git a/Modules/pyexpat.c b/Modules/pyexpat.c
index a74d8046c487..226887cfacc0 100644
--- a/Modules/pyexpat.c
+++ b/Modules/pyexpat.c
@@ -1768,14 +1768,18 @@ add_error(PyObject *errors_module, PyObject *codes_dict,
 static int
 add_errors_module(PyObject *mod)
 {
+    // add_submodule() returns a borrowed ref.
     PyObject *errors_module = add_submodule(mod, MODULE_NAME ".errors");
     if (errors_module == NULL) {
         return -1;
     }
 
     PyObject *codes_dict = PyDict_New();
+    if (codes_dict == NULL) {
+        return -1;
+    }
     PyObject *rev_codes_dict = PyDict_New();
-    if (codes_dict == NULL || rev_codes_dict == NULL) {
+    if (rev_codes_dict == NULL) {
         goto error;
     }
 
@@ -1796,19 +1800,17 @@ add_errors_module(PyObject *mod)
         goto error;
     }
 
-    Py_INCREF(codes_dict);
-    if (PyModule_AddObject(errors_module, "codes", codes_dict) < 0) {
-        Py_DECREF(codes_dict);
+    int rc = PyModule_AddObjectRef(errors_module, "codes", codes_dict);
+    Py_CLEAR(codes_dict);
+    if (rc < 0) {
         goto error;
     }
-    Py_CLEAR(codes_dict);
 
-    Py_INCREF(rev_codes_dict);
-    if (PyModule_AddObject(errors_module, "messages", rev_codes_dict) < 0) {
-        Py_DECREF(rev_codes_dict);
+    rc = PyModule_AddObjectRef(errors_module, "messages", rev_codes_dict);
+    Py_CLEAR(rev_codes_dict);
+    if (rc < 0) {
         goto error;
     }
-    Py_CLEAR(rev_codes_dict);
 
     return 0;

More information about the Python-checkins mailing list