From: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> Date: Mon, 6 Apr 2026 12:22:33 +0000 (+0200) Subject: [3.14] gh-148157: Check for `_PyPegen_add_type_comment_to_arg` fail in `_PyPegen_name... X-Git-Tag: v3.14.4~6 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=40a0a94700b82b80e546336f1b80cf765a25bbca;p=thirdparty%2FPython%2Fcpython.git [3.14] gh-148157: Check for `_PyPegen_add_type_comment_to_arg` fail in `_PyPegen_name_default_pair` (GH-148158) (#148162) (cherry picked from commit 1795fccfbc7ccb89ead5c529b2f55f54622d1314) Co-authored-by: Stan Ulbrych --- diff --git a/Lib/test/test_type_comments.py b/Lib/test/test_type_comments.py index dd2e67841651..d827ac271085 100644 --- a/Lib/test/test_type_comments.py +++ b/Lib/test/test_type_comments.py @@ -398,6 +398,9 @@ class TypeCommentTests(unittest.TestCase): with self.assertRaises(UnicodeDecodeError): _testcapi.Py_CompileStringExFlags( b"a=1 # type: \x80", "", 256, flags) + with self.assertRaises(UnicodeDecodeError): + _testcapi.Py_CompileStringExFlags( + b"def a(f=8, #type: \x80\n\x80", "", 256, flags) def test_func_type_input(self): diff --git a/Misc/NEWS.d/next/Core_and_Builtins/2026-04-06-11-15-46.gh-issue-148157.JFnZDn.rst b/Misc/NEWS.d/next/Core_and_Builtins/2026-04-06-11-15-46.gh-issue-148157.JFnZDn.rst new file mode 100644 index 000000000000..6565291eb998 --- /dev/null +++ b/Misc/NEWS.d/next/Core_and_Builtins/2026-04-06-11-15-46.gh-issue-148157.JFnZDn.rst @@ -0,0 +1,2 @@ +Fix an unlikely crash when parsing an invalid type comments for function +parameters. Found by OSS Fuzz in :oss-fuzz:`492782951`. diff --git a/Parser/action_helpers.c b/Parser/action_helpers.c index 57e46b4399c6..a24744d77eab 100644 --- a/Parser/action_helpers.c +++ b/Parser/action_helpers.c @@ -435,6 +435,9 @@ _PyPegen_name_default_pair(Parser *p, arg_ty arg, expr_ty value, Token *tc) return NULL; } a->arg = _PyPegen_add_type_comment_to_arg(p, arg, tc); + if (!a->arg) { + return NULL; + } a->value = value; return a; }