Issue #6697: Fixed instances of _PyUnicode_AsString() result not checked for NULL

abalkin · abalkin · commit e239d23e8cc6 · 2010-12-08T23:31:48.000Z
diff --git a/Lib/test/datetimetester.py b/Lib/test/datetimetester.py
@@ -2508,11 +2508,17 @@ def test_zones(self):
 
         # Check that an invalid tzname result raises an exception.
         class Badtzname(tzinfo):
-            def tzname(self, dt): return 42
+            tz = 42
+            def tzname(self, dt): return self.tz
         t = time(2, 3, 4, tzinfo=Badtzname())
         self.assertEqual(t.strftime("%H:%M:%S"), "02:03:04")
         self.assertRaises(TypeError, t.strftime, "%Z")
 
+        # Issue #6697:
+        if '_Fast' in str(type(self)):
+            Badtzname.tz = '\ud800'
+            self.assertRaises(ValueError, t.strftime, "%Z")
+
     def test_hash_edge_cases(self):
         # Offsets that overflow a basic time.
         t1 = self.theclass(0, 1, 2, 3, tzinfo=FixedOffset(1439, ""))
diff --git a/Lib/test/test_pyexpat.py b/Lib/test/test_pyexpat.py
@@ -203,6 +203,8 @@ def test_unicode(self):
 
         operations = out.out
         self._verify_parse_output(operations)
+        # Issue #6697.
+        self.assertRaises(AttributeError, getattr, parser, '\uD800')
 
     def test_parse_file(self):
         # Try parsing a file
diff --git a/Lib/test/test_socket.py b/Lib/test/test_socket.py
@@ -667,6 +667,8 @@ def testGetaddrinfo(self):
                                type=socket.SOCK_STREAM, proto=0,
                                flags=socket.AI_PASSIVE)
         self.assertEqual(a, b)
+        # Issue #6697.
+        self.assertRaises(UnicodeEncodeError, socket.getaddrinfo, 'localhost', '\uD800')
 
     def test_getnameinfo(self):
         # only IP addresses are allowed
diff --git a/Lib/test/test_syslog.py b/Lib/test/test_syslog.py
@@ -11,6 +11,8 @@ class Test(unittest.TestCase):
 
     def test_openlog(self):
         syslog.openlog('python')
+        # Issue #6697.
+        self.assertRaises(UnicodeEncodeError, syslog.openlog, '\uD800')
 
     def test_syslog(self):
         syslog.openlog('python')
diff --git a/Lib/test/test_xml_etree_c.py b/Lib/test/test_xml_etree_c.py
@@ -8,10 +8,26 @@
 # cElementTree specific tests
 
 def sanity():
-    """
+    r"""
     Import sanity.
 
     >>> from xml.etree import cElementTree
+
+    Issue #6697.
+
+    >>> e = cElementTree.Element('a')
+    >>> getattr(e, '\uD800')           # doctest: +ELLIPSIS
+    Traceback (most recent call last):
+      ...
+    UnicodeEncodeError: ...
+
+    >>> p = cElementTree.XMLParser()
+    >>> p.version.split()[0]
+    'Expat'
+    >>> getattr(p, '\uD800')
+    Traceback (most recent call last):
+     ...
+    AttributeError: 'XMLParser' object has no attribute '\ud800'
     """
 
 
diff --git a/Modules/_datetimemodule.c b/Modules/_datetimemodule.c
@@ -1257,7 +1257,8 @@ wrap_strftime(PyObject *object, PyObject *format, PyObject *timetuple,
             assert(PyUnicode_Check(Zreplacement));
             ptoappend = _PyUnicode_AsStringAndSize(Zreplacement,
                                                   &ntoappend);
-            ntoappend = Py_SIZE(Zreplacement);
+            if (ptoappend == NULL)
+                goto Done;
         }
         else if (ch == 'f') {
             /* format microseconds */
diff --git a/Modules/_elementtree.c b/Modules/_elementtree.c
@@ -1483,6 +1483,9 @@ element_getattro(ElementObject* self, PyObject* nameobj)
 
     if (PyUnicode_Check(nameobj))
         name = _PyUnicode_AsString(nameobj);
+    
+    if (name == NULL)
+        return NULL;
 
     /* handle common attributes first */
     if (strcmp(name, "tag") == 0) {
@@ -2139,7 +2142,7 @@ expat_set_error(const char* message, int line, int column)
     PyObject *position;
     char buffer[256];
 
-    sprintf(buffer, "%s: line %d, column %d", message, line, column);
+    sprintf(buffer, "%.100s: line %d, column %d", message, line, column);
 
     error = PyObject_CallFunction(elementtree_parseerror_obj, "s", buffer);
     if (!error)
@@ -2194,8 +2197,8 @@ expat_default_handler(XMLParserObject* self, const XML_Char* data_in,
         Py_XDECREF(res);
     } else if (!PyErr_Occurred()) {
         /* Report the first error, not the last */
-        char message[128];
-        sprintf(message, "undefined entity &%.100s;", _PyUnicode_AsString(key));
+        char message[128] = "undefined entity ";
+        strncat(message, data_in, data_len < 100?data_len:100);
         expat_set_error(
             message,
             EXPAT(GetErrorLineNumber)(self->parser),
@@ -2796,29 +2799,25 @@ static PyMethodDef xmlparser_methods[] = {
 static PyObject*  
 xmlparser_getattro(XMLParserObject* self, PyObject* nameobj)
 {
-    PyObject* res;
-    char *name = "";
-
-    if (PyUnicode_Check(nameobj))
-        name = _PyUnicode_AsString(nameobj);
-
-    PyErr_Clear();
-
-    if (strcmp(name, "entity") == 0)
-        res = self->entity;
-    else if (strcmp(name, "target") == 0)
-        res = self->target;
-    else if (strcmp(name, "version") == 0) {
-        char buffer[100];
-        sprintf(buffer, "Expat %d.%d.%d", XML_MAJOR_VERSION,
+    if (PyUnicode_Check(nameobj)) {
+        PyObject* res;
+        if (PyUnicode_CompareWithASCIIString(nameobj, "entity") == 0)
+            res = self->entity;
+        else if (PyUnicode_CompareWithASCIIString(nameobj, "target") == 0)
+            res = self->target;
+        else if (PyUnicode_CompareWithASCIIString(nameobj, "version") == 0) {
+            return PyUnicode_FromFormat(
+                "Expat %d.%d.%d", XML_MAJOR_VERSION,
                 XML_MINOR_VERSION, XML_MICRO_VERSION);
-        return PyUnicode_DecodeUTF8(buffer, strlen(buffer), "strict");
-    } else {
-        return PyObject_GenericGetAttr((PyObject*) self, nameobj);
-    }
+        }
+        else
+            goto generic;
 
-    Py_INCREF(res);
-    return res;
+        Py_INCREF(res);
+        return res;
+    }
+  generic:
+    return PyObject_GenericGetAttr((PyObject*) self, nameobj);
 }
 
 static PyTypeObject XMLParser_Type = {
diff --git a/Modules/_lsprof.c b/Modules/_lsprof.c
@@ -178,7 +178,16 @@ normalizeUserObj(PyObject *obj)
         PyObject *mod = fn->m_module;
         const char *modname;
         if (mod && PyUnicode_Check(mod)) {
+            /* XXX: The following will truncate module names with embedded
+             * null-characters.  It is unlikely that this can happen in
+             * practice and the concequences are not serious enough to
+             * introduce extra checks here.
+             */
             modname = _PyUnicode_AsString(mod);
+            if (modname == NULL) {
+                modname = "<encoding error>";
+                PyErr_Clear();
+            }
         }
         else if (mod && PyModule_Check(mod)) {
             modname = PyModule_GetName(mod);
diff --git a/Modules/_testcapimodule.c b/Modules/_testcapimodule.c
@@ -1741,15 +1741,16 @@ test_string_from_format(PyObject *self, PyObject *args)
 {
     PyObject *result;
     char *msg;
-
-#define CHECK_1_FORMAT(FORMAT, TYPE)                    \
-    result = PyUnicode_FromFormat(FORMAT, (TYPE)1);     \
-    if (result == NULL)                                 \
-        return NULL;                                    \
-    if (strcmp(_PyUnicode_AsString(result), "1")) {     \
-        msg = FORMAT " failed at 1";                    \
-        goto Fail;                                      \
-    }                                                   \
+    static const Py_UNICODE one[] = {'1', 0};
+
+#define CHECK_1_FORMAT(FORMAT, TYPE)                                \
+    result = PyUnicode_FromFormat(FORMAT, (TYPE)1);                 \
+    if (result == NULL)                                             \
+        return NULL;                                                \
+    if (Py_UNICODE_strcmp(PyUnicode_AS_UNICODE(result), one)) {     \
+        msg = FORMAT " failed at 1";                                \
+        goto Fail;                                                  \
+    }                                                               \
     Py_DECREF(result)
 
     CHECK_1_FORMAT("%d", int);
diff --git a/Modules/parsermodule.c b/Modules/parsermodule.c
@@ -792,6 +792,11 @@ build_node_children(PyObject *tuple, node *root, int *line_num)
                 }
             }
             temp_str = _PyUnicode_AsStringAndSize(temp, &len);
+            if (temp_str == NULL) {
+                Py_DECREF(temp);
+                Py_XDECREF(elem);
+                return 0;
+            }
             strn = (char *)PyObject_MALLOC(len + 1);
             if (strn != NULL)
                 (void) memcpy(strn, temp_str, len + 1);
@@ -870,6 +875,8 @@ build_node_tree(PyObject *tuple)
             encoding = PySequence_GetItem(tuple, 2);
             /* tuple isn't borrowed anymore here, need to DECREF */
             tuple = PySequence_GetSlice(tuple, 0, 2);
+            if (tuple == NULL)
+                return NULL;
         }
         res = PyNode_New(num);
         if (res != NULL) {
@@ -881,6 +888,12 @@ build_node_tree(PyObject *tuple)
                 Py_ssize_t len;
                 const char *temp;
                 temp = _PyUnicode_AsStringAndSize(encoding, &len);
+                if (temp == NULL) {
+                    Py_DECREF(res);
+                    Py_DECREF(encoding);
+                    Py_DECREF(tuple);
+                    return NULL;
+                }
                 res->n_str = (char *)PyObject_MALLOC(len + 1);
                 if (res->n_str != NULL && temp != NULL)
                     (void) memcpy(res->n_str, temp, len + 1);
diff --git a/Modules/pyexpat.c b/Modules/pyexpat.c
diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c
diff --git a/Modules/syslogmodule.c b/Modules/syslogmodule.c
