Issue #3657: Fix uninitialized memory read when pickling longs.

The conversion to the unicode API was incorrect, it should use bytes. repr is a bad variable name. The use is overloaded, but I'll leave that to fix later. R=Brett TESTED=./python -E -tt ./Lib/test/regrtest.py -uall valgrind -q --leak-check=yes --suppressions=Misc/valgrind-python.supp \ ./python -E -tt ./Lib/test/regrtest.py test_pickletools
2008-08-24 23:50:08 +00:00 · 2008-08-24 23:50:08 +00:00 · 6ae2eb268d
parent 6e0e0e6749
commit 6ae2eb268d
2 changed files with 5 additions and 2 deletions
--- a/Misc/NEWS
+++ b/Misc/NEWS
@ -12,6 +12,9 @@ What's New in Python 3.0 release candidate 1
 Core and Builtins
 -----------------

+- Issue #3657: Fix uninitialized memory read when pickling longs.
+  Found by valgrind.
+
 - Apply security patches from Apple.

 - Fix crashes on memory allocation failure found with failmalloc.
--- a/Modules/_pickle.c
+++ b/Modules/_pickle.c
@ -924,10 +924,10 @@ save_long(PicklerObject *self, PyObject *obj)
                            "long too large to pickle");
            goto error;
        }
-        repr = PyUnicode_FromStringAndSize(NULL, (int)nbytes);
+        repr = PyBytes_FromStringAndSize(NULL, (Py_ssize_t)nbytes);
        if (repr == NULL)
            goto error;
-        pdata = (unsigned char *)_PyUnicode_AsString(repr);
+        pdata = (unsigned char *)PyBytes_AS_STRING(repr);
        i = _PyLong_AsByteArray((PyLongObject *)obj,
                                pdata, nbytes,
                                1 /* little endian */ , 1 /* signed */ );