From: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Date: Wed, 15 Aug 2018 07:08:29 +0000 (-0400)
Subject: closes bpo-34400: Fix undefined behavior in parsetok(). (GH-4439)
X-Git-Tag: v3.6.7rc1~106
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=981aa46dce926ce54ec1a2adbb73d1f405ef66ff;p=thirdparty%2FPython%2Fcpython.git

closes bpo-34400: Fix undefined behavior in parsetok(). (GH-4439)


Avoid undefined pointer arithmetic with NULL.
(cherry picked from commit 7c4ab2afb17b99eb3f61f9c73cbd548b5e0ad2c0)

Co-authored-by: Zackery Spytz <zspytz@gmail.com>
---

diff --git a/Misc/NEWS.d/next/Core and Builtins/2018-08-14-03-52-43.bpo-34400.AJD0bz.rst b/Misc/NEWS.d/next/Core and Builtins/2018-08-14-03-52-43.bpo-34400.AJD0bz.rst
new file mode 100644
index 000000000000..768f5a26c1a6
--- /dev/null
+++ b/Misc/NEWS.d/next/Core and Builtins/2018-08-14-03-52-43.bpo-34400.AJD0bz.rst	
@@ -0,0 +1 @@
+Fix undefined behavior in parsetok.c.  Patch by Zackery Spytz.
diff --git a/Parser/parsetok.c b/Parser/parsetok.c
index 00d741d2217e..b9c9fe8fa8c2 100644
--- a/Parser/parsetok.c
+++ b/Parser/parsetok.c
@@ -225,7 +225,7 @@ parsetok(struct tok_state *tok, grammar *g, int start, perrdetail *err_ret,
         }
         else
             started = 1;
-        len = b - a; /* XXX this may compute NULL - NULL */
+        len = (a != NULL && b != NULL) ? b - a : 0;
         str = (char *) PyObject_MALLOC(len + 1);
         if (str == NULL) {
             err_ret->error = E_NOMEM;