From: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Date: Wed, 3 Oct 2018 06:33:42 +0000 (-0700)
Subject: bpo-34879: Fix a possible null pointer dereference in bytesobject.c (GH-9683)
X-Git-Tag: v3.7.1rc2~35
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=063755c20184e80f587d522600536d1ba70a5f7e;p=thirdparty%2FPython%2Fcpython.git

bpo-34879: Fix a possible null pointer dereference in bytesobject.c (GH-9683)


formatfloat() was not checking if PyBytes_FromStringAndSize()
failed, which could lead to a null pointer dereference in
_PyBytes_FormatEx().
(cherry picked from commit 96c593279400693226d5a560c420ae0fcf1731b9)

Co-authored-by: Zackery Spytz <zspytz@gmail.com>
---

diff --git a/Misc/NEWS.d/next/Core and Builtins/2018-10-02-22-55-11.bpo-34879.7VNH2a.rst b/Misc/NEWS.d/next/Core and Builtins/2018-10-02-22-55-11.bpo-34879.7VNH2a.rst
new file mode 100644
index 000000000000..5775a219a273
--- /dev/null
+++ b/Misc/NEWS.d/next/Core and Builtins/2018-10-02-22-55-11.bpo-34879.7VNH2a.rst	
@@ -0,0 +1,2 @@
+Fix a possible null pointer dereference in bytesobject.c.  Patch by Zackery
+Spytz.
diff --git a/Objects/bytesobject.c b/Objects/bytesobject.c
index 82a75457708b..32ff5afe3e02 100644
--- a/Objects/bytesobject.c
+++ b/Objects/bytesobject.c
@@ -448,7 +448,7 @@ formatfloat(PyObject *v, int flags, int prec, int type,
     result = PyBytes_FromStringAndSize(p, len);
     PyMem_Free(p);
     *p_result = result;
-    return str;
+    return result != NULL ? str : NULL;
 }
 
 static PyObject *