From c6ea8974e2d939223bfd6d64ee13ec89c090d2e0 Mon Sep 17 00:00:00 2001 From: Zackery Spytz Date: Mon, 31 Jul 2017 08:24:37 -0600 Subject: [PATCH] bpo-30640: Fix undefined behavior in _PyFunction_FastCallDict() and PyEval_EvalCodeEx() (#2919) k + 1 was calculated with k = NULL. --- Objects/call.c | 2 +- Python/ceval.c | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Objects/call.c b/Objects/call.c index c3cc31dba9b..3b08cb25926 100644 --- a/Objects/call.c +++ b/Objects/call.c @@ -374,7 +374,7 @@ _PyFunction_FastCallDict(PyObject *func, PyObject **args, Py_ssize_t nargs, result = _PyEval_EvalCodeWithName((PyObject*)co, globals, (PyObject *)NULL, args, nargs, - k, k + 1, nk, 2, + k, k != NULL ? k + 1 : NULL, nk, 2, d, nd, kwdefs, closure, name, qualname); Py_XDECREF(kwtuple); diff --git a/Python/ceval.c b/Python/ceval.c index 59fc070f9e7..dd90e18a855 100644 --- a/Python/ceval.c +++ b/Python/ceval.c @@ -4220,7 +4220,8 @@ PyEval_EvalCodeEx(PyObject *_co, PyObject *globals, PyObject *locals, { return _PyEval_EvalCodeWithName(_co, globals, locals, args, argcount, - kws, kws + 1, kwcount, 2, + kws, kws != NULL ? kws + 1 : NULL, + kwcount, 2, defs, defcount, kwdefs, closure, NULL, NULL);