Commit Graph

6306 Commits

Author SHA1 Message Date
Victor Stinner 9e23f0a27c
[3.7] bpo-36389: _PyObject_IsFreed() now also detects uninitialized memory (GH-12770) (GH-12788)
* bpo-36389: _PyObject_IsFreed() now also detects uninitialized memory (GH-12770)

Replace _PyMem_IsFreed() function with _PyMem_IsPtrFreed() inline
function. The function is now way more efficient, it became a simple
comparison on integers, rather than a short loop. It detects also
uninitialized bytes and "forbidden bytes" filled by debug hooks
on memory allocators.

Add unit tests on _PyObject_IsFreed().

(cherry picked from commit 2b00db6855)

* bpo-36389: Change PyMem_SetupDebugHooks() constants (GH-12782)

Modify CLEANBYTE, DEADDYTE and FORBIDDENBYTE constants: use 0xCD,
0xDD and 0xFD, rather than 0xCB, 0xBB and 0xFB, to use the same byte
patterns than Windows CRT debug malloc() and free().

(cherry picked from commit 4c409beb4c)
2019-04-11 22:30:31 +02:00
Miss Islington (bot) bd48280cb6 bpo-24214: Fixed the UTF-8 incremental decoder. (GH-12603) (GH-12627)
The bug occurred when the encoded surrogate character is passed
to the incremental decoder in two chunks.
(cherry picked from commit 7a465cb5ee)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2019-03-30 15:52:41 +02:00
Miss Islington (bot) 03440850e7
bpo-36433: fix confusing error messages in classmethoddescr_call (GH-12556)
https://bugs.python.org/issue36433
(cherry picked from commit 871309c775)

Co-authored-by: Inada Naoki <songofacandy@gmail.com>
2019-03-26 02:47:08 -07:00
Miss Islington (bot) 9dbb09fc27 bpo-36218: Fix handling of heterogeneous values in list.sort (GH-12209) GH-12532)
(cherry picked from commit dd5417afcf)

Co-authored-by: Rémi Lapeyre <remi.lapeyre@henki.fr>
2019-03-25 00:47:55 -07:00
Miss Islington (bot) 74829b7323
bpo-36312: Fix decoders for some code pages. (GH-12369)
(cherry picked from commit c1e2c288f4)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2019-03-20 21:31:57 -07:00
Victor Stinner ea3592d7ef
bpo-36365: Fix compiler warning in structseq.c (GH-12451) 2019-03-20 00:32:11 +01:00
Serhiy Storchaka 783bed4c8d
[3.7] bpo-36254: Fix invalid uses of %d in format strings in C. (GH-12264). (GH-12322)
(cherry picked from commit d53fe5f407)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2019-03-14 10:47:27 +02:00
Miss Islington (bot) e4be2057d4
bpo-36251: Fix format strings used in match_repr() and stdprinter_repr(). (GH-12252)
(cherry picked from commit 8b91edadc0)

Co-authored-by: sth <sth.dev@tejp.de>
2019-03-10 03:52:44 -07:00
Miss Islington (bot) 0e73ea26a5
bpo-33989: Ensure that ms.key_compare is always initialized in list_sort_impl(). (GH-8710)
(cherry picked from commit ebc793d6ac)

Co-authored-by: Zackery Spytz <zspytz@gmail.com>
2019-02-21 00:05:22 -08:00
Miss Islington (bot) 64ca728223
bpo-31506: Clarify error messages for object.__new__ and object.__init__ (GH-11641)
`object.__new__` and `object.__init__` do take one argument each,
they just don't take extra user supplied arguments.

Patch by Sanyam Khurana.
(cherry picked from commit 5105483acb)

Co-authored-by: Sanyam Khurana <8039608+CuriousLearner@users.noreply.github.com>
2019-02-19 05:47:13 -08:00
Miss Islington (bot) a7f929db60
bpo-35992: Use PySequence_GetItem only if sq_item is not NULL (GH-11857)
Not using `__class_getitem__()` fallback if there is a non-subcriptable metaclass was caused by a certain asymmetry between how `PySequenceMethods` and `PyMappingMethods` are used in `PyObject_GetItem`. This PR removes this asymmetry. No tests failed, so I assume it was not intentional.
(cherry picked from commit ac28147e78)

Co-authored-by: Ivan Levkivskyi <levkivskyi@gmail.com>
2019-02-17 15:33:04 -08:00
Miss Islington (bot) a78251e2d6
bpo-35961: Fix a crash in slice_richcompare() (GH-11830)
Fix a crash in slice_richcompare(): use strong references rather than
stolen references for the two temporary internal tuples.

The crash (or assertion error) occurred if a garbage collection
occurred during slice_richcompare(), especially while calling
PyObject_RichCompare(t1, t2, op).
(cherry picked from commit dcb68f47f7)

Co-authored-by: Victor Stinner <vstinner@redhat.com>
2019-02-13 03:49:34 -08:00
Miss Islington (bot) cbc7c2c791
bpo-35552: Fix reading past the end in PyUnicode_FromFormat() and PyBytes_FromFormat(). (GH-11276)
Format characters "%s" and "%V" in PyUnicode_FromFormat() and "%s" in PyBytes_FromFormat()
no longer read memory past the limit if precision is specified.
(cherry picked from commit d586ccb04f)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2019-01-12 00:52:55 -08:00
Miss Islington (bot) d39c192559
bpo-33817: Fix _PyBytes_Resize() for empty bytes object. (GH-11516)
Add also tests for PyUnicode_FromFormat() and PyBytes_FromFormat()
with empty result.
(cherry picked from commit 44cc4822bb)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2019-01-11 23:40:09 -08:00
Miss Islington (bot) 9a413faa87
bpo-35560: Remove assertion from format(float, "n") (GH-11288)
Fix an assertion error in format() in debug build for floating point
formatting with "n" format, zero padding and small width. Release build is
not impacted. Patch by Karthikeyan Singaravelan.
(cherry picked from commit 3f7983a25a)

Co-authored-by: Xtreak <tir.karthi@gmail.com>
2019-01-07 07:26:20 -08:00
Miss Islington (bot) a5955b0895
closes bpo-35623: Fix integer overflow when sorting large lists (GH-11380)
There is already a `Py_ssize_t i` defined at function scope that is used
for similar loops. By removing the local `int i` declaration that `i` is
used, which has the appropriate type.
(cherry picked from commit f8b534477a)

Co-authored-by: sth <sth.dev@tejp.de>
2019-01-01 18:25:23 -08:00
Miss Islington (bot) cb272843f2
bpo-35504: Fix segfaults and SystemErrors when deleting certain attrs. (GH-11175)
(cherry picked from commit 842acaab13)

Co-authored-by: Zackery Spytz <zspytz@gmail.com>
2018-12-17 07:10:20 -08:00
Serhiy Storchaka 3cae16d2e9
bpo-35444: Fix error handling when fail to look up builtin "getattr". (GH-11047) (GH-11107)
(cherry picked from commit bb86bf4c4e)
2018-12-11 10:51:27 +02:00
Miss Islington (bot) 62674f3a36
bpo-35454: Fix miscellaneous minor issues in error handling. (GH-11077)
* bpo-35454: Fix miscellaneous minor issues in error handling.

* Fix a null pointer dereference.
(cherry picked from commit 8905fcc85a)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2018-12-10 23:05:13 -08:00
Zackery Spytz 602d307ac5 bpo-35436: Add missing PyErr_NoMemory() calls and other minor bug fixes. (GH-11015) (GH-11020)
(cherry picked from commit 4c49da0cb7)
2018-12-07 14:17:43 +02:00
Miss Islington (bot) bdeb56cd21
bpo-35372: Fix the code page decoder for input > 2 GiB. (GH-10848)
(cherry picked from commit 4013c17911)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2018-12-03 01:09:11 -08:00
Miss Islington (bot) 1659c08d5d
bpo-33012: Fix more invalid function cast warnings with gcc 8. (GH-10751)
Fix warnings with gcc 8 for wrapperfunc <-> wrapperfunc_kwds casts.
(cherry picked from commit 1c607155c9)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2018-11-29 06:27:49 -08:00
Victor Stinner 85ab974f78
bpo-34523, bpo-35322: Fix unicode_encode_locale() (GH-10759) (GH-10761)
Fix memory leak in PyUnicode_EncodeLocale() and
PyUnicode_EncodeFSDefault() on error handling.

Fix unicode_encode_locale() error handling.

(cherry picked from commit bde9d6bbb4)
2018-11-28 12:42:40 +01:00
Serhiy Storchaka ad8ac54aa3
bpo-33012: Fix signatures of METH_NOARGS functions. (GH-10736) (GH-10748)
(cherry picked from commit 81524022d0)
2018-11-27 20:27:47 +02:00
Miss Islington (bot) 5ceb7018dc
bpo-33029: Fix signatures of getter and setter functions. (GH-10746)
Fix also return type for few other functions (clear, releasebuffer).
(cherry picked from commit d4f9cf5545)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2018-11-27 09:58:07 -08:00
Victor Stinner 7f9fb0f345
bpo-33954: Rewrite FILL() macro of unicodeobject.c (GH-10738)
Copy code from master: add assertions on start and value, replace 'i'
iterator with 'end' pointer for the loop stop condition.

_PyUnicode_FastFill(): fix type of 'data', it must not be constant,
since data is modified by FILL().
2018-11-27 12:42:04 +01:00
Victor Stinner 6f5fa1b4be
bpo-33954: Fix _PyUnicode_InsertThousandsGrouping() (GH-10623) (GH-10718)
Fix str.format(), float.__format__() and complex.__format__() methods
for non-ASCII decimal point when using the "n" formatter.

Rewrite _PyUnicode_InsertThousandsGrouping(): it now requires
a _PyUnicodeWriter object for the buffer and a Python str object
for digits.

(cherry picked from commit 59423e3ddd)
2018-11-26 14:17:01 +01:00
Victor Stinner 95036ea25d
[3.7] bpo-9263: _PyObject_Dump() detects freed memory (GH-10061) (GH-10662)
* bpo-9263: _PyObject_Dump() detects freed memory (GH-10061)

_PyObject_Dump() now uses an heuristic to check if the object memory
has been freed: log "<freed object>" in that case.

The heuristic rely on the debug hooks on Python memory allocators
which fills the memory with DEADBYTE (0xDB) when memory is
deallocated. Use PYTHONMALLOC=debug to always enable these debug
hooks.

(cherry picked from commit 82af0b63b0)

* bpo-9263: Fix _PyObject_Dump() for freed object (#10661)

If _PyObject_Dump() detects that the object is freed, don't try to
dump it (exit immediately).

Enhance also _PyObject_IsFreed(): it now detects if the pointer
itself looks like freed memory.

(cherry picked from commit 2cf5d32fd9)
2018-11-22 17:15:37 +01:00
Miss Islington (bot) ae02a929dd
bpo-35269: Fix a possible segfault involving a newly-created coroutine (GH-10585)
coro->cr_origin wasn't initialized if compute_cr_origin() failed in
PyCoro_New(), which would cause a crash during the coroutine's
deallocation.

https://bugs.python.org/issue35269
(cherry picked from commit 062a57bf4b)

Co-authored-by: Zackery Spytz <zspytz@gmail.com>
2018-11-18 08:58:20 -08:00
Miss Islington (bot) 9fbcb1402e
[3.7] bpo-35214: Fix OOB memory access in unicode escape parser (GH-10506) (GH-10522)
Discovered using clang's MemorySanitizer when it ran python3's
test_fstring test_misformed_unicode_character_name.

An msan build will fail by simply executing: ./python -c 'u"\N"'
(cherry picked from commit 746b2d35ea)


Co-authored-by: Gregory P. Smith <greg@krypto.org>


https://bugs.python.org/issue35214
2018-11-13 16:39:36 -08:00
Miss Islington (bot) f6602f9266
bpo-35214: Add _Py_ prefix to MEMORY_SANITIZER def. (GH-10503)
Rename our new MEMORY_SANITIZER define to _Py_MEMORY_SANITIZER.
Project based C Preprocessor namespacing at its finest. :P
(cherry picked from commit 3015fb8ce4)

Co-authored-by: Gregory P. Smith <greg@krypto.org>
2018-11-12 22:20:21 -08:00
Miss Islington (bot) f0b21e18d8
Disable getc_unlocked() with MemorySanitizer. (GH-10499)
clang's MemorySanitizer understand getc() but does not understand
getc_unlocked().  Workaround: Don't use it on msan builds.
(cherry picked from commit e6c77d8301)

Co-authored-by: Gregory P. Smith <greg@krypto.org>
2018-11-12 19:59:29 -08:00
Miss Islington (bot) 1ec5781a09
closes bpo-35204: Disable thread and memory sanitizers for address_in_range(). (GH-10442)
This function may access memory which is mapped but is considered
free by libc allocator. It behaves so by design, therefore we
need to suppress sanitizer reports.

GCC doesn't support MSan, so disable only TSan for it.
(cherry picked from commit fd3a91cbf9)

Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
2018-11-11 15:44:34 -08:00
Miss Islington (bot) da15389fdd
Fix a possible crash in range.__reversed__(). (GH-10252)
(cherry picked from commit c9a6168924)

Co-authored-by: Zackery Spytz <zspytz@gmail.com>
2018-10-31 02:31:29 -07:00
Miss Islington (bot) 7f34d55023
bpo-34973: Fix crash in bytes constructor. (GH-9841)
Constructing bytes from mutating list could cause a crash.
(cherry picked from commit 914f9a078f)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2018-10-21 05:55:52 -07:00
Serhiy Storchaka 861d34eee3
bpo-33712: OrderedDict only creates od_fast_nodes cache if needed (GH-7349). (GH-10000)
(cherry picked from commit 6f17e51345)
2018-10-20 11:24:05 +03:00
Miss Islington (bot) dcd56f615e
bpo-34574: Prevent OrderedDict iterators from exhaustion during pickling. (GH-9051)
(cherry picked from commit a5259fb05d)

Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
2018-10-19 22:54:09 -07:00
Miss Islington (bot) 6665802549 bpo-1621: Avoid signed integer overflow in set_table_resize() (GH-9059) (GH-9198)
Address a C undefined behavior signed integer overflow issue in set object table resizing.  Our -fwrapv compiler flag and practical reasons why sets are unlikely to get this large should mean this was never an issue but it was incorrect code that generates code analysis warnings.

Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
2018-10-20 00:50:34 +02:00
Miss Islington (bot) 1370832af2
bpo-34974: Do not replace unexpected errors in bytes() and bytearray(). (GH-9852)
bytes and bytearray constructors converted unexpected exceptions
(e.g. MemoryError and KeyboardInterrupt) to TypeError.
(cherry picked from commit e890421e33)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2018-10-14 14:26:28 -07:00
Miss Islington (bot) 49fb49d6f5
bpo-34910: Ensure that PyObject_Print() always returns -1 on error. (GH-9733)
(cherry picked from commit ae62f01524)

Co-authored-by: Zackery Spytz <zspytz@gmail.com>
2018-10-06 00:07:12 -07:00
Miss Islington (bot) 1596fea0a3
bpo-34899: Fix a possible assertion failure due to int_from_bytes_impl() (GH-9705)
The _PyLong_FromByteArray() call in int_from_bytes_impl() was
unchecked.
(cherry picked from commit 7bb9cd0a67)

Co-authored-by: Zackery Spytz <zspytz@gmail.com>
2018-10-05 14:28:56 -07:00
Miss Islington (bot) 063755c201
bpo-34879: Fix a possible null pointer dereference in bytesobject.c (GH-9683)
formatfloat() was not checking if PyBytes_FromStringAndSize()
failed, which could lead to a null pointer dereference in
_PyBytes_FormatEx().
(cherry picked from commit 96c5932794)

Co-authored-by: Zackery Spytz <zspytz@gmail.com>
2018-10-02 23:33:42 -07:00
Miss Islington (bot) 12e3e80241
bpo-34320: Fix dict(o) didn't copy order of dict subclass (GH-8624)
When dict subclass overrides order (`__iter__()`, `keys()`, and `items()`), `dict(o)`
should use it instead of dict ordering.

https://bugs.python.org/issue34320
(cherry picked from commit 2aaf98c16a)

Co-authored-by: INADA Naoki <methane@users.noreply.github.com>
2018-09-25 21:17:52 -07:00
Benjamin Peterson 4d5d219a7a
[3.7] Fix misleading mentions of tp_size in comments. (GH-9136)
Many type object initializations labeled a field "tp_size" in the
comment, but the name of that field is tp_basicsize..
(cherry picked from commit 0e0bc4e221)

Co-authored-by: Peter Eisentraut <peter@eisentraut.org>
2018-09-10 10:22:55 -07:00
Miss Islington (bot) f862f3abae
bpo-25750: fix refcounts in type_getattro() (GH-6118)
When calling tp_descr_get(self, obj, type), make sure that
we own a strong reference to "self".
(cherry picked from commit 8f735485ac)

Co-authored-by: jdemeyer <jdemeyer@cage.ugent.be>
2018-09-07 00:50:35 -07:00
Miss Islington (bot) d6725fcdd5
closes bpo-34504: Remove the useless NULL check in PySequence_Check(). (GH-8935)
Reported by Svace static analyzer.
(cherry picked from commit b57b4ac042)

Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
2018-08-25 20:03:48 -04:00
Miss Islington (bot) 15dadacabf
closes bpo-34501: PyType_FromSpecWithBases: Check spec->name before dereferencing it. (GH-8930)
Reported by Svace static analyzer.
(cherry picked from commit 5f79b50763)

Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
2018-08-25 15:11:29 -04:00
Miss Islington (bot) 46af206ea4
closes bpo-34493: Objects/genobject.c: Add missing NULL check to compute_cr_origin() (GH-8911)
(cherry picked from commit 8fdd331bbf)

Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
2018-08-25 03:36:34 -04:00
Miss Islington (bot) d9e1abf8d3
closes bpo-34468: Objects/rangeobject.c: Fix an always-false condition in range_repr() (GH-8880)
Also, propagate the error from PyNumber_AsSsize_t() because we don't care
only about OverflowError which is not reported if the second argument is NULL.

Reported by Svace static analyzer.
(cherry picked from commit 7ecae3ca0b)

Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
2018-08-24 01:34:06 -04:00
Miss Islington (bot) 609062a23f
closes bpo-34477: Objects/typeobject.c: Add missing NULL check to type_init() (GH-8876)
Reported by Svace static analyzer.
(cherry picked from commit f6247aac08)

Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
2018-08-24 00:38:16 -04:00