From: Zackery Spytz <zspytz@gmail.com>
Date: Sun, 18 Nov 2018 16:45:57 +0000 (-0700)
Subject: bpo-35269: Fix a possible segfault involving a newly-created coroutine (GH-10585)
X-Git-Tag: v3.8.0a1~477
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=062a57bf4b768ef726975bcc1d34398387520147;p=thirdparty%2FPython%2Fcpython.git

bpo-35269: Fix a possible segfault involving a newly-created coroutine (GH-10585)



coro->cr_origin wasn't initialized if compute_cr_origin() failed in
PyCoro_New(), which would cause a crash during the coroutine's
deallocation.



https://bugs.python.org/issue35269
---

diff --git a/Misc/NEWS.d/next/Core and Builtins/2018-11-17-10-18-29.bpo-35269.gjm1LO.rst b/Misc/NEWS.d/next/Core and Builtins/2018-11-17-10-18-29.bpo-35269.gjm1LO.rst
new file mode 100644
index 000000000000..0076346f4b6c
--- /dev/null
+++ b/Misc/NEWS.d/next/Core and Builtins/2018-11-17-10-18-29.bpo-35269.gjm1LO.rst	
@@ -0,0 +1,2 @@
+Fix a possible segfault involving a newly-created coroutine.  Patch by
+Zackery Spytz.
diff --git a/Objects/genobject.c b/Objects/genobject.c
index 98c939446e8f..716bd6d067bd 100644
--- a/Objects/genobject.c
+++ b/Objects/genobject.c
@@ -1164,11 +1164,11 @@ PyCoro_New(PyFrameObject *f, PyObject *name, PyObject *qualname)
         ((PyCoroObject *)coro)->cr_origin = NULL;
     } else {
         PyObject *cr_origin = compute_cr_origin(origin_depth);
+        ((PyCoroObject *)coro)->cr_origin = cr_origin;
         if (!cr_origin) {
             Py_DECREF(coro);
             return NULL;
         }
-        ((PyCoroObject *)coro)->cr_origin = cr_origin;
     }
 
     return coro;