Hi Elmir,
On Sun, Dec 13, 2015 at 10:19 PM, Elmir Jagudin <el...@unity3d.com> wrote:
> The error happens in the python-ldap C code that converts ["uid", "cn"]
> array to char **.
>
> In this file:
> http://python-ldap.cvs.sourceforge.net/viewvc/python-ldap/python-ldap/Modules/LDAPObject.c?revision=1.91&view=markup
>
> in function attrs_from_List() there is this code (lines 289-290):
>
> 289: attrs[i] = PyString_AsString(item);
> 290: Py_DECREF(item);
>
> On line 289 the assigned string is correct, however after executing line
> 290, the string will be corrupted.
>
> I have noticed that under cpython, the refcount for 'item' is larger then 1.
> However under pypy it is always 1, and I guess after decreasing it, the
> 'item' is freed, and attrs[i] pointer becomes invalid.
Ok. However the sentence "under CPython the refcount for 'item' is
larger than 1" is not true in all cases. It is true for simple lists
or tuples, but not for more complex types. That means that you can
probably get already-freed strings under CPython too. Try for
example:
class CustomSeq(object):
def __getitem__(self, i):
return str(i) # returns a refcount=1 result
def __len__(self):
return 2
res = l.search_s(BASE_DN,
ldap.SCOPE_SUBTREE,
FILTER,
CustomSeq())
So it means it's really a bug of python-ldap, which just happens to
crash more often on PyPy than on CPython. It should be fixed there.
A bientôt,
Armin.
_______________________________________________
pypy-dev mailing list
pypy-dev@python.org
https://mail.python.org/mailman/listinfo/pypy-dev
