subject:"\[issue34229\] Possible access to unintended variable in \"cpython\/Objects\/sliceobject.c\" line 116"

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

2018-07-26 Thread Serhiy Storchaka



Serhiy Storchaka  added the comment:

Thank you for your PR Karthikeyan!

--
resolution:  -> fixed
stage: patch review -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

2018-07-26 Thread Serhiy Storchaka



Serhiy Storchaka  added the comment:


New changeset 2bea7716093012319b5e6a4260fe802b15031f21 by Serhiy Storchaka 
(Xtreak) in branch '2.7':
bpo-34229: Check start and stop of slice object to be long when they are not 
int in PySlice_GetIndices (GH-8480)
https://github.com/python/cpython/commit/2bea7716093012319b5e6a4260fe802b15031f21


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

2018-07-26 Thread Karthikeyan Singaravelan



Change by Karthikeyan Singaravelan :


--
keywords: +patch
pull_requests: +8003
stage: needs patch -> patch review

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

2018-07-26 Thread Serhiy Storchaka



Serhiy Storchaka  added the comment:

You need to expose it in the _testcapi module as Python function.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

2018-07-26 Thread Karthikeyan Singaravelan


Karthikeyan Singaravelan  added the comment:

Is there a way to test this or trigger this code using Python syntax? 

`slice(start, stop, step).indices()` uses slice_indices in 
Objects/sliceobject.c . I checked the function docs 
https://docs.python.org/2.7/c-api/slice.html#c.PySlice_GetIndices and it states 
below

> You probably do not want to use this function. If you want to use slice 
> objects in versions of Python prior to 2.3, you would probably do well to 
> incorporate the source of PySlice_GetIndicesEx(), suitably renamed, in the 
> source of your extension.

I couldn't see it's usage too anywhere and with Python 3 we have all integers 
are implemented as “long” integer objects of arbitrary size and can see only 
PyLong_Check at 
https://github.com/python/cpython/blob/master/Objects/sliceobject.c#L178

Thanks

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

2018-07-25 Thread Karthikeyan Singaravelan



Change by Karthikeyan Singaravelan :


--
nosy: +xtreak

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

2018-07-25 Thread Serhiy Storchaka



Serhiy Storchaka  added the comment:

Good catch!

--
components: +Interpreter Core
keywords: +easy (C)
nosy: +serhiy.storchaka
stage:  -> needs patch
type:  -> behavior

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

2018-07-25 Thread Petru-Florin Mihancea



New submission from Petru-Florin Mihancea :

While experimenting with a CodeSonar plugin we develop, we noticed a potential 
bug in file "cpython/Objects/sliceobject.c" line 116 function 
PySlice_GetIndices.

if (r->start == Py_None) {
*start = *step < 0 ? length-1 : 0;
} else {
if (!PyInt_Check(r->start) && !PyLong_Check(r->step)) return -1;//HERE
*start = PyInt_AsSsize_t(r->start);
if (*start < 0) *start += length;
}

Shouldn't start field of r be used in the second check (instead of step)?

In a related potential issue, in line 123, shouldn't r->stop be checked in the 
second verification?

Thanks,
Petru Florin Mihancea

--
messages: 322394
nosy: pet...@gmail.com
priority: normal
severity: normal
status: open
title: Possible access to unintended variable in 
"cpython/Objects/sliceobject.c" line 116
versions: Python 2.7

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

[issue34229] Possible access to unintended variable in "cpython/Objects/sliceobject.c" line 116

8 matches

Site Navigation

Mail list logo

Footer information