New submission from Alex CHEN:
In file selectmodule.c
our static code scanner has reported the following case, function set2list is
liable to return NULL (if PyTuple_New failed), would any chance the NULL
pointer be dereferenced (Py_DECREF(fdlist) after set2list) or it would just
raise python exception to handle PyTuple_New error ?
static PyObject *
select_select(PyObject *self, PyObject *args)
{
......
if (n < 0) {
PyErr_SetFromErrno(SelectError);
}
#endif
else {
/* any of these three calls can raise an exception. it's more
convenient to test for this after all three calls... but
is that acceptable?
*/
ifdlist = set2list(&ifdset, rfd2obj); // || <=====
ofdlist = set2list(&ofdset, wfd2obj); // ||
efdlist = set2list(&efdset, efd2obj); // ||
if (PyErr_Occurred())
ret = NULL;
else
ret = PyTuple_Pack(3, ifdlist, ofdlist, efdlist);
Py_DECREF(ifdlist);
Py_DECREF(ofdlist);
Py_DECREF(efdlist);
----------
messages: 289967
nosy: alexc
priority: normal
severity: normal
status: open
title: Need a look for return value checking [selectmodule.c]
_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue29874>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
