From 063755c20184e80f587d522600536d1ba70a5f7e Mon Sep 17 00:00:00 2001 From: "Miss Islington (bot)" <31488909+miss-islington@users.noreply.github.com> Date: Tue, 2 Oct 2018 23:33:42 -0700 Subject: [PATCH] bpo-34879: Fix a possible null pointer dereference in bytesobject.c (GH-9683) formatfloat() was not checking if PyBytes_FromStringAndSize() failed, which could lead to a null pointer dereference in _PyBytes_FormatEx(). (cherry picked from commit 96c593279400693226d5a560c420ae0fcf1731b9) Co-authored-by: Zackery Spytz --- .../Core and Builtins/2018-10-02-22-55-11.bpo-34879.7VNH2a.rst | 2 ++ Objects/bytesobject.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 Misc/NEWS.d/next/Core and Builtins/2018-10-02-22-55-11.bpo-34879.7VNH2a.rst diff --git a/Misc/NEWS.d/next/Core and Builtins/2018-10-02-22-55-11.bpo-34879.7VNH2a.rst b/Misc/NEWS.d/next/Core and Builtins/2018-10-02-22-55-11.bpo-34879.7VNH2a.rst new file mode 100644 index 000000000000..5775a219a273 --- /dev/null +++ b/Misc/NEWS.d/next/Core and Builtins/2018-10-02-22-55-11.bpo-34879.7VNH2a.rst @@ -0,0 +1,2 @@ +Fix a possible null pointer dereference in bytesobject.c. Patch by Zackery +Spytz. diff --git a/Objects/bytesobject.c b/Objects/bytesobject.c index 82a75457708b..32ff5afe3e02 100644 --- a/Objects/bytesobject.c +++ b/Objects/bytesobject.c @@ -448,7 +448,7 @@ formatfloat(PyObject *v, int flags, int prec, int type, result = PyBytes_FromStringAndSize(p, len); PyMem_Free(p); *p_result = result; - return str; + return result != NULL ? str : NULL; } static PyObject * -- 2.47.3