New submission from Alexey Izbyshev <[email protected]>:
In the following snippet from PyType_FromSpecWithBases() in
Objects/typeobject.c, spec->name is dereferenced by strrchr() but then is
checked for NULL:
/* Set the type name and qualname */
s = strrchr(spec->name, '.');
if (s == NULL)
s = (char*)spec->name;
else
s++;
[snip]
type->tp_name = spec->name;
if (!type->tp_name)
goto fail;
This was reported by Svace static analyzer.
If I were to check spec->name first, what error should I report to the caller?
Is something like the following OK?
if (spec->name == NULL) {
PyErr_SetString(PyExc_SystemError,
"Type spec does not define the name field.");
goto fail;
}
----------
components: Interpreter Core
messages: 324073
nosy: berker.peksag, izbyshev, serhiy.storchaka
priority: normal
severity: normal
status: open
title: PyType_FromSpecWithBases: spec->name is dereferenced before checking for
NULL
type: behavior
versions: Python 3.6, Python 3.7, Python 3.8
_______________________________________
Python tracker <[email protected]>
<https://bugs.python.org/issue34501>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
