Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 60da316

Browse files
nnorwitznnorwitz
committed
Thanks to Coverity, these were all reported by their Prevent tool.
All of these (except _lsprof.c) should be backported. Particularly the hotshot change which validates sys.path. Can someone backport?
1 parent e22373d commit 60da316

6 files changed

Lines changed: 25 additions & 2 deletions

File tree

Lib/test/test_hotshot.py

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -107,6 +107,19 @@ def test_start_stop(self):
107107
profiler.close()
108108
os.unlink(self.logfn)
109109

110+
def test_bad_sys_path(self):
111+
import sys
112+
orig_path = sys.path
113+
coverage = hotshot._hotshot.coverage
114+
try:
115+
# verify we require a list for sys.path
116+
sys.path = 'abc'
117+
self.assertRaises(RuntimeError, coverage, test_support.TESTFN)
118+
# verify sys.path exists
119+
del sys.path
120+
self.assertRaises(RuntimeError, coverage, test_support.TESTFN)
121+
finally:
122+
sys.path = orig_path
110123

111124
def test_main():
112125
test_support.run_unittest(HotShotTestCase)

Modules/_hotshot.c

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -473,6 +473,8 @@ logreader_tp_iternext(LogReaderObject *self)
473473
}
474474
else if (!err) {
475475
result = PyTuple_New(4);
476+
if (result == NULL)
477+
return NULL;
476478
PyTuple_SET_ITEM(result, 0, PyInt_FromLong(what));
477479
PyTuple_SET_ITEM(result, 2, PyInt_FromLong(fileno));
478480
if (s1 == NULL)
@@ -1455,6 +1457,10 @@ write_header(ProfilerObject *self)
14551457
getcwd(cwdbuffer, sizeof cwdbuffer));
14561458

14571459
temp = PySys_GetObject("path");
1460+
if (temp == NULL || !PyList_Check(temp)) {
1461+
PyErr_SetString(PyExc_RuntimeError, "sys.path must be a list");
1462+
return -1;
1463+
}
14581464
len = PyList_GET_SIZE(temp);
14591465
for (i = 0; i < len; ++i) {
14601466
PyObject *item = PyList_GET_ITEM(temp, i);

Modules/_lsprof.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -850,6 +850,8 @@ init_lsprof(void)
850850
{
851851
PyObject *module, *d;
852852
module = Py_InitModule3("_lsprof", moduleMethods, "Fast profiler");
853+
if (module == NULL)
854+
return;
853855
d = PyModule_GetDict(module);
854856
if (PyType_Ready(&PyProfiler_Type) < 0)
855857
return;

Modules/_sre.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2983,7 +2983,7 @@ match_groupdict(MatchObject* self, PyObject* args, PyObject* kw)
29832983
return result;
29842984

29852985
failed:
2986-
Py_DECREF(keys);
2986+
Py_XDECREF(keys);
29872987
Py_DECREF(result);
29882988
return NULL;
29892989
}

Modules/audioop.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1013,6 +1013,8 @@ audioop_ratecv(PyObject *self, PyObject *args)
10131013
while (d < 0) {
10141014
if (len == 0) {
10151015
samps = PyTuple_New(nchannels);
1016+
if (samps == NULL)
1017+
goto exit;
10161018
for (chan = 0; chan < nchannels; chan++)
10171019
PyTuple_SetItem(samps, chan,
10181020
Py_BuildValue("(ii)",

Modules/regexmodule.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -535,7 +535,7 @@ regex_symcomp(PyObject *self, PyObject *args)
535535

536536
gdict = PyDict_New();
537537
if (gdict == NULL || (npattern = symcomp(pattern, gdict)) == NULL) {
538-
Py_DECREF(gdict);
538+
Py_XDECREF(gdict);
539539
Py_DECREF(pattern);
540540
return NULL;
541541
}

0 commit comments

Comments
 (0)