From: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Date: Sun, 18 Nov 2018 16:58:20 +0000 (-0800)
Subject: bpo-35269: Fix a possible segfault involving a newly-created coroutine (GH-10585)
X-Git-Tag: v3.7.2rc1~123
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ae02a929ddd748b67b3e6f6c6665267f031142e7;p=thirdparty%2FPython%2Fcpython.git

bpo-35269: Fix a possible segfault involving a newly-created coroutine (GH-10585)


coro->cr_origin wasn't initialized if compute_cr_origin() failed in
PyCoro_New(), which would cause a crash during the coroutine's
deallocation.

https://bugs.python.org/issue35269
(cherry picked from commit 062a57bf4b768ef726975bcc1d34398387520147)

Co-authored-by: Zackery Spytz <zspytz@gmail.com>
---

diff --git a/Misc/NEWS.d/next/Core and Builtins/2018-11-17-10-18-29.bpo-35269.gjm1LO.rst b/Misc/NEWS.d/next/Core and Builtins/2018-11-17-10-18-29.bpo-35269.gjm1LO.rst
new file mode 100644
index 000000000000..0076346f4b6c
--- /dev/null
+++ b/Misc/NEWS.d/next/Core and Builtins/2018-11-17-10-18-29.bpo-35269.gjm1LO.rst	
@@ -0,0 +1,2 @@
+Fix a possible segfault involving a newly-created coroutine.  Patch by
+Zackery Spytz.
diff --git a/Objects/genobject.c b/Objects/genobject.c
index e91d11114d3e..793a809b8428 100644
--- a/Objects/genobject.c
+++ b/Objects/genobject.c
@@ -1166,11 +1166,11 @@ PyCoro_New(PyFrameObject *f, PyObject *name, PyObject *qualname)
         ((PyCoroObject *)coro)->cr_origin = NULL;
     } else {
         PyObject *cr_origin = compute_cr_origin(origin_depth);
+        ((PyCoroObject *)coro)->cr_origin = cr_origin;
         if (!cr_origin) {
             Py_DECREF(coro);
             return NULL;
         }
-        ((PyCoroObject *)coro)->cr_origin = cr_origin;
     }
 
     return coro;