Release date: XX-XXX-XXXX
===========================
+- Fixed a bug in the cache of length-one Unicode strings that could
+ lead to a seg fault. The specific problem occurred when an earlier,
+ non-fatal error left an uninitialized Unicode object in the
+ freelist.
+
- The email package handles some RFC 2231 parameters with missing
CHARSET fields better. It also includes a patch to parameter
parsing when semicolons appear inside quotes.
instead ! */
if (unicode == unicode_empty ||
(unicode->length == 1 &&
- unicode->str[0] < 256 &&
+ /* MvL said unicode->str[] may be signed. Python generally assumes
+ * an int contains at least 32 bits, and we don't use more than
+ * 32 bits even in a UCS4 build, so casting to unsigned int should
+ * be correct.
+ */
+ (unsigned int)unicode->str[0] < 256U &&
unicode_latin1[unicode->str[0]] == unicode)) {
PyErr_SetString(PyExc_SystemError,
"can't resize shared unicode objects");
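Review bot: The new comment above the cast explains why `unsigned int` is wide enough, but not what the cast protects against, and it rests on an attribution ("MvL said") that a later reader cannot check. With a signed element type, a negative `str[0]` satisfies the old `< 256` test and then indexes before the start of `unicode_latin1[]` on the next line. The comment should say so, e.g. `/* Py_UNICODE may be signed: compare as unsigned so a negative str[0] cannot pass the bound and index before unicode_latin1[]. */`. The index expression still uses the uncast value and is in range only because `&&` short-circuits after the bound check, which deserves a clause in the same comment. The enclosing function starts and ends outside this hunk.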
PyErr_NoMemory();
goto onError;
}
+ /* Initialize the first element to guard against cases where
+ * the caller fails before initializing str -- unicode_resize()
+ * reads str[0], and the Keep-Alive optimization can keep memory
+ * allocated for str alive across a call to unicode_dealloc(unicode).
+ * We don't want unicode_resize to read uninitialized memory in
+ * that case.
+ */
+ unicode->str[0] = 0;
unicode->str[length] = 0;
unicode->length = length;
unicode->hash = -1;
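Review bot: The added store defines only `str[0]` (and the terminator at `str[length]`), so for `length > 1` the elements in between stay uninitialized until the caller fills them. The guarantee therefore holds only while the shared-object check in unicode_resize() reads nothing beyond `str[0]`, and the comment should state that limit so a later change to the check does not reintroduce the uninitialized read. A line such as `* Only str[0] is defined here; str[1..length-1] stay uninitialized until the caller writes them.` would cover it. Whether any other path can put an object with an unwritten `str` on the freelist cannot be judged from these lines, because the function body continues outside the hunk.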