core.git: external/python3

Wed, 18 Jun 2025 03:45:06 -0700 

 external/python3/ubsan.patch.0 |   14 ++++++++++++++
 1 file changed, 14 insertions(+)

New commits:
commit fcaef01faf166db1f1609ac7227b9a795408296a
Author:     Stephan Bergmann <stephan.bergm...@collabora.com>
AuthorDate: Wed Jun 18 10:18:47 2025 +0200
Commit:     Stephan Bergmann <stephan.bergm...@allotropia.de>
CommitDate: Wed Jun 18 12:44:34 2025 +0200

    external/python3: Silence pointer-overflow
    
    ...as seen after 528cdd6573748d01c9d99ca3710a808866281921 "python3: upgrade 
to
    3.12.11 (master only)" at <https://ci.libreoffice.org/job/lo_ubsan/3595/>,
    
    > Parser/tokenizer.c:376:37: runtime error: pointer index expression with 
base 0x62500084d120 overflowed to 0xfffffffffffee800
    >     #0 0xa65ab9 in restore_fstring_buffers 
/workdir/UnpackedTarball/python3/Parser/tokenizer.c:376:37
    >     #1 0xa64eda in tok_reserve_buf 
/workdir/UnpackedTarball/python3/Parser/tokenizer.c:552:5
    >     #2 0xa68b1e in tok_readline_raw 
/workdir/UnpackedTarball/python3/Parser/tokenizer.c:1014:10
    >     #3 0xa60cbc in tok_underflow_file 
/workdir/UnpackedTarball/python3/Parser/tokenizer.c:1227:10
    >     #4 0xa548d6 in tok_nextc 
/workdir/UnpackedTarball/python3/Parser/tokenizer.c:1367:12
    >     #5 0xa4b4dd in tok_get_normal_mode 
/workdir/UnpackedTarball/python3/Parser/tokenizer.c:2423:11
    >     #6 0xa390b7 in tok_get 
/workdir/UnpackedTarball/python3/Parser/tokenizer.c:2856:12
    >     #7 0xa38e5c in _PyTokenizer_Get 
/workdir/UnpackedTarball/python3/Parser/tokenizer.c:2863:16
    >     #8 0x504d53 in _PyPegen_fill_token 
/workdir/UnpackedTarball/python3/Parser/pegen.c:298:16
    >     #9 0x50af1c in _PyPegen_expect_token 
/workdir/UnpackedTarball/python3/Parser/pegen.c:455:13
    >     #10 0x55a2d5 in _tmp_7_rule 
/workdir/UnpackedTarball/python3/Parser/parser.c:25394:25
    >     #11 0x50acba in _PyPegen_lookahead 
/workdir/UnpackedTarball/python3/Parser/pegen.c:446:24
    >     #12 0x5510cc in compound_stmt_rule 
/workdir/UnpackedTarball/python3/Parser/parser.c:2075:13
    >     #13 0x54ed4a in statement_rule 
/workdir/UnpackedTarball/python3/Parser/parser.c:1403:18
    >     #14 0x54d056 in _loop1_3_rule 
/workdir/UnpackedTarball/python3/Parser/parser.c:25157:30
    >     #15 0x54b9b2 in statements_rule 
/workdir/UnpackedTarball/python3/Parser/parser.c:1360:18
    >     #16 0x54645a in file_rule 
/workdir/UnpackedTarball/python3/Parser/parser.c:1162:18
    >     #17 0x5458e3 in _PyPegen_parse 
/workdir/UnpackedTarball/python3/Parser/parser.c:41920:18
    >     #18 0x512537 in _PyPegen_run_parser 
/workdir/UnpackedTarball/python3/Parser/pegen.c:926:17
    >     #19 0x513e5d in _PyPegen_run_parser_from_file_pointer 
/workdir/UnpackedTarball/python3/Parser/pegen.c:998:14
    >     #20 0xa309e6 in _PyParser_ASTFromFile 
/workdir/UnpackedTarball/python3/Parser/peg_api.c:26:12
    >     #21 0x16260ff in pyrun_file 
/workdir/UnpackedTarball/python3/Python/pythonrun.c:1665:11
    >     #22 0x16236e6 in _PyRun_SimpleFileObject 
/workdir/UnpackedTarball/python3/Python/pythonrun.c:459:13
    >     #23 0x1622618 in _PyRun_AnyFileObject 
/workdir/UnpackedTarball/python3/Python/pythonrun.c:78:15
    >     #24 0x175112e in pymain_run_file_obj 
/workdir/UnpackedTarball/python3/Modules/main.c:361:15
    >     #25 0x174f8ec in pymain_run_file 
/workdir/UnpackedTarball/python3/Modules/main.c:380:15
    >     #26 0x174d6ed in pymain_run_python 
/workdir/UnpackedTarball/python3/Modules/main.c:634:21
    >     #27 0x174c140 in Py_RunMain 
/workdir/UnpackedTarball/python3/Modules/main.c:714:5
    >     #28 0x1a75e9b in main 
/workdir/UnpackedTarball/python3/Programs/_bootstrap_python.c:113:12
    >     #29 0x7f018ebcf7e4 in __libc_start_main (/lib64/libc.so.6+0x3a7e4)
    >     #30 0x42509d in _start 
(/workdir/UnpackedTarball/python3/_bootstrap_python+0x42509d)
    >
    > SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior 
Parser/tokenizer.c:376:37 in
    > make[2]: *** [Makefile:1319: Python/frozen_modules/abc.h] Error 1
    > make[2]: Leaving directory 
'/home/tdf/lode/jenkins/workspace/lo_ubsan/workdir/UnpackedTarball/python3'
    > make[1]: *** 
[/home/tdf/lode/jenkins/workspace/lo_ubsan/external/python3/ExternalProject_python3.mk:85:
 
/home/tdf/lode/jenkins/workspace/lo_ubsan/workdir/ExternalProject/python3/build]
 Error 1
    
    Looks like the pair of remember_fstring_buffers and restore_fstring_buffers 
in
    workdir/UnpackedTarball/python3/Parser/tokenizer.c temporarily sets 
pointers to
    deliberately odd values
    
    Change-Id: I700fe42cf95f608b42efa3f70c836782eb41e719
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/186649
    Reviewed-by: Stephan Bergmann <stephan.bergm...@allotropia.de>
    Tested-by: Jenkins

diff --git a/external/python3/ubsan.patch.0 b/external/python3/ubsan.patch.0
index fcaabad569bd..d5320adacef7 100644
--- a/external/python3/ubsan.patch.0
+++ b/external/python3/ubsan.patch.0
@@ -32,3 +32,17 @@
      for (i = 0; i < Py_SIZE(b); i++) {
          PyObject *v = src[i];
          dest[i] = Py_NewRef(v);
+--- Parser/tokenizer.c
++++ Parser/tokenizer.c
+@@ -373,9 +373,9 @@
+ 
+   for (index = tok->tok_mode_stack_index; index >= 0; --index) {
+     mode = &(tok->tok_mode_stack[index]);
+-    mode->f_string_start = tok->buf + mode->f_string_start_offset;
++    mode->f_string_start = (char *) (((intptr_t) tok->buf) + 
mode->f_string_start_offset);
+     mode->f_string_multi_line_start =
+-        tok->buf + mode->f_string_multi_line_start_offset;
++        (char *) (((intptr_t) tok->buf) + 
mode->f_string_multi_line_start_offset);
+   }
+ }
+

Reply via email to