gh-99240: Reset pointer to NULL when the pointed memory is freed in argument parsing...

author colorfulappl <colorfulappl@qq.com>

Sat, 17 Dec 2022 06:37:44 +0000 (14:37 +0800)

committer GitHub <noreply@github.com>

Sat, 17 Dec 2022 06:37:44 +0000 (12:07 +0530)
author colorfulappl <colorfulappl@qq.com>
Sat, 17 Dec 2022 06:37:44 +0000 (14:37 +0800)
committer GitHub <noreply@github.com>
Sat, 17 Dec 2022 06:37:44 +0000 (12:07 +0530)
diff --git a/Lib/test/test_capi/test_getargs.py b/Lib/test/test_capi/test_getargs.py

index 1d5c7fbaa1510ae6bac54a70b17bc9b7a05c53f7..3792d1a6515b44ac78670a2bf7cfcdf68d8cf126 100644 (file)
--- a/Lib/test/test_capi/test_getargs.py
+++ b/Lib/test/test_capi/test_getargs.py
@@ -1085,6 +1085,10 @@ class String_TestCase(unittest.TestCase):
          with self.assertWarns(DeprecationWarning):
              self.assertIsNone(getargs_Z_hash(None))
  
+    def test_gh_99240_clear_args(self):
+        from _testcapi import gh_99240_clear_args
+        self.assertRaises(TypeError, gh_99240_clear_args, 'a', '\0b')
+
  
  class Object_TestCase(unittest.TestCase):
      def test_S(self):
diff --git a/Misc/NEWS.d/next/C API/2022-11-30-16-39-22.gh-issue-99240.67nAX-.rst b/Misc/NEWS.d/next/C API/2022-11-30-16-39-22.gh-issue-99240.67nAX-.rst

new file mode 100644 (file)

index 0000000..9a1bb3c
--- /dev/null
+++ b/Misc/NEWS.d/next/C API/2022-11-30-16-39-22.gh-issue-99240.67nAX-.rst
@@ -0,0 +1,2 @@
+In argument parsing, after deallocating newly allocated memory, reset its
+pointer to NULL.
diff --git a/Modules/_testcapi/getargs.c b/Modules/_testcapi/getargs.c

index 25a8e5fe8b605b72926a2e4f433dc978a85275f4..aa201319950de72088547866c48093117acc21e2 100644 (file)
--- a/Modules/_testcapi/getargs.c
+++ b/Modules/_testcapi/getargs.c
@@ -854,6 +854,24 @@ getargs_s_hash_int2(PyObject *self, PyObject *args, PyObject *kwargs)
      Py_RETURN_NONE;
  }
  
+static PyObject *
+gh_99240_clear_args(PyObject *self, PyObject *args)
+{
+    char *a = NULL;
+    char *b = NULL;
+
+    if (!PyArg_ParseTuple(args, "eses", "idna", &a, "idna", &b)) {
+        if (a || b) {
+            PyErr_Clear();
+            PyErr_SetString(PyExc_AssertionError, "Arguments are not cleared.");
+        }
+        return NULL;
+    }
+    PyMem_Free(a);
+    PyMem_Free(b);
+    Py_RETURN_NONE;
+}
+
  static PyMethodDef test_methods[] = {
      {"get_args",                get_args,                        METH_VARARGS},
      {"get_kwargs", _PyCFunction_CAST(get_kwargs), METH_VARARGS|METH_KEYWORDS},
@@ -906,6 +924,7 @@ static PyMethodDef test_methods[] = {
      {"test_empty_argparse",     test_empty_argparse,             METH_NOARGS},
      {"test_k_code",             test_k_code,                     METH_NOARGS},
      {"test_s_code",             test_s_code,                     METH_NOARGS},
+    {"gh_99240_clear_args",     gh_99240_clear_args,             METH_VARARGS},
      {NULL},
  };
  
diff --git a/Python/getargs.c b/Python/getargs.c

index 0167dd753d88f7f59cf78f56e525ae4c43ba8f30..66dd90877fe6ff1fc4cdcd270008c1e9515388c0 100644 (file)
--- a/Python/getargs.c
+++ b/Python/getargs.c
@@ -202,9 +202,9 @@ _PyArg_VaParse_SizeT(PyObject *args, const char *format, va_list va)
  static int
  cleanup_ptr(PyObject *self, void *ptr)
  {
-    if (ptr) {
-        PyMem_Free(ptr);
-    }
+    void **pptr = (void **)ptr;
+    PyMem_Free(*pptr);
+    *pptr = NULL;
      return 0;
  }
  
@@ -1116,7 +1116,7 @@ convertsimple(PyObject *arg, const char **p_format, va_list *p_va, int flags,
                      PyErr_NoMemory();
                      RETURN_ERR_OCCURRED;
                  }
-                if (addcleanup(*buffer, freelist, cleanup_ptr)) {
+                if (addcleanup(buffer, freelist, cleanup_ptr)) {
                      Py_DECREF(s);
                      return converterr(
                          "(cleanup problem)",
@@ -1162,7 +1162,7 @@ convertsimple(PyObject *arg, const char **p_format, va_list *p_va, int flags,
                  PyErr_NoMemory();
                  RETURN_ERR_OCCURRED;
              }
-            if (addcleanup(*buffer, freelist, cleanup_ptr)) {
+            if (addcleanup(buffer, freelist, cleanup_ptr)) {
                  Py_DECREF(s);
                  return converterr("(cleanup problem)",
                                  arg, msgbuf, bufsize);
author	colorfulappl <colorfulappl@qq.com>
	Sat, 17 Dec 2022 06:37:44 +0000 (14:37 +0800)
committer	GitHub <noreply@github.com>
	Sat, 17 Dec 2022 06:37:44 +0000 (12:07 +0530)
Lib/test/test_capi/test_getargs.py		patch \| blob \| blame \| history
Misc/NEWS.d/next/C API/2022-11-30-16-39-22.gh-issue-99240.67nAX-.rst	[new file with mode: 0644]	patch \| blob
Modules/_testcapi/getargs.c		patch \| blob \| blame \| history
Python/getargs.c		patch \| blob \| blame \| history