From e3551869058406bcedf88d90d903fc995c1899a5 Mon Sep 17 00:00:00 2001 From: Valery Fedorenko Date: Tue, 29 Oct 2024 12:04:29 +0300 Subject: [PATCH 01/10] Fix potential null pointer dereference in PySys_AddWarnOptionUnicode --- Python/sysmodule.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/Python/sysmodule.c b/Python/sysmodule.c index 24af4798eeac3b..d90aa5a8691708 100644 --- a/Python/sysmodule.c +++ b/Python/sysmodule.c @@ -2853,11 +2853,9 @@ PyAPI_FUNC(void) PySys_AddWarnOptionUnicode(PyObject *option) { PyThreadState *tstate = _PyThreadState_GET(); - if (_PySys_AddWarnOptionWithError(tstate, option) < 0) { + if (tstate && _PySys_AddWarnOptionWithError(tstate, option) < 0) { /* No return value, therefore clear error state if possible */ - if (tstate) { - _PyErr_Clear(tstate); - } + _PyErr_Clear(tstate); } } From 2ca65febed79991570180f1726a5c28850697dfa Mon Sep 17 00:00:00 2001 From: "blurb-it[bot]" <43283697+blurb-it[bot]@users.noreply.github.com> Date: Tue, 29 Oct 2024 09:15:11 +0000 Subject: [PATCH 02/10] =?UTF-8?q?=F0=9F=93=9C=F0=9F=A4=96=20Added=20by=20b?= =?UTF-8?q?lurb=5Fit.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst | 1 + 1 file changed, 1 insertion(+) create mode 100644 Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst diff --git a/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst b/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst new file mode 100644 index 00000000000000..2b6a9f351bcbd4 --- /dev/null +++ b/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst @@ -0,0 +1 @@ +Fix potential null pointer dereference in PySys_AddWarnOptionUnicode From 0fb17bc5f5003632a3206e14f4bb91f3e743e626 Mon Sep 17 00:00:00 2001 From: Valery Fedorenko Date: Tue, 29 Oct 2024 16:01:00 +0300 Subject: [PATCH 03/10] Update Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com> --- .../Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst b/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst index 2b6a9f351bcbd4..9e60f3dd5040d5 100644 --- a/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst +++ b/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst @@ -1 +1 @@ -Fix potential null pointer dereference in PySys_AddWarnOptionUnicode +Fix a possible ``NULL` pointer dereference in :c:func:`!PySys_AddWarnOptionUnicode`. From 6c22e447e9e409f8956f18c028f7bfa699740096 Mon Sep 17 00:00:00 2001 From: Valery Fedorenko Date: Tue, 29 Oct 2024 16:02:49 +0300 Subject: [PATCH 04/10] add assert --- Python/sysmodule.c | 1 + 1 file changed, 1 insertion(+) diff --git a/Python/sysmodule.c b/Python/sysmodule.c index d90aa5a8691708..cbf36f2c549ca6 100644 --- a/Python/sysmodule.c +++ b/Python/sysmodule.c @@ -2838,6 +2838,7 @@ PySys_ResetWarnOptions(void) static int _PySys_AddWarnOptionWithError(PyThreadState *tstate, PyObject *option) { + assert(tstate != NULL); PyObject *warnoptions = get_warnoptions(tstate); if (warnoptions == NULL) { return -1; From a9690262d6c6a69007f7935af575990ef27cd4d2 Mon Sep 17 00:00:00 2001 From: Valery Fedorenko Date: Tue, 29 Oct 2024 16:05:13 +0300 Subject: [PATCH 05/10] fix spaces --- Python/sysmodule.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Python/sysmodule.c b/Python/sysmodule.c index cbf36f2c549ca6..1328f41bb0724d 100644 --- a/Python/sysmodule.c +++ b/Python/sysmodule.c @@ -2838,7 +2838,7 @@ PySys_ResetWarnOptions(void) static int _PySys_AddWarnOptionWithError(PyThreadState *tstate, PyObject *option) { - assert(tstate != NULL); + assert(tstate != NULL); PyObject *warnoptions = get_warnoptions(tstate); if (warnoptions == NULL) { return -1; From 16675994586ebb94927aa54847fdca231f7ba2e4 Mon Sep 17 00:00:00 2001 From: Valery Fedorenko Date: Tue, 29 Oct 2024 16:09:01 +0300 Subject: [PATCH 06/10] fix unbalanced literal markup --- .../Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst b/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst index 9e60f3dd5040d5..e8610af555c3f4 100644 --- a/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst +++ b/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst @@ -1 +1 @@ -Fix a possible ``NULL` pointer dereference in :c:func:`!PySys_AddWarnOptionUnicode`. +Fix a possible `NULL` pointer dereference in :c:func:`!PySys_AddWarnOptionUnicode`. From 93231838dbd90d6dc90d58c818d204bc49162c79 Mon Sep 17 00:00:00 2001 From: Valery Fedorenko Date: Tue, 29 Oct 2024 16:10:56 +0300 Subject: [PATCH 07/10] fix backticks --- .../Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst b/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst index e8610af555c3f4..9f2c7e84d4dff0 100644 --- a/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst +++ b/Misc/NEWS.d/next/Security/2024-10-29-09-15-10.gh-issue-126108.eTIjHY.rst @@ -1 +1 @@ -Fix a possible `NULL` pointer dereference in :c:func:`!PySys_AddWarnOptionUnicode`. +Fix a possible ``NULL`` pointer dereference in :c:func:`!PySys_AddWarnOptionUnicode`. From 5cd8e30f9a18f5e9d696af42640357ff604d0426 Mon Sep 17 00:00:00 2001 From: Valery Fedorenko Date: Tue, 29 Oct 2024 16:45:26 +0300 Subject: [PATCH 08/10] Update Python/sysmodule.c Co-authored-by: Tomas R. --- Python/sysmodule.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Python/sysmodule.c b/Python/sysmodule.c index 1328f41bb0724d..52759399bbf351 100644 --- a/Python/sysmodule.c +++ b/Python/sysmodule.c @@ -2854,7 +2854,7 @@ PyAPI_FUNC(void) PySys_AddWarnOptionUnicode(PyObject *option) { PyThreadState *tstate = _PyThreadState_GET(); - if (tstate && _PySys_AddWarnOptionWithError(tstate, option) < 0) { + if (tstate && _PySys_AddWarnOptionWithError(tstate, option) < 0) { /* No return value, therefore clear error state if possible */ _PyErr_Clear(tstate); } From 67b9de21d8888f142fc4f8705ea50f8ab1e254d4 Mon Sep 17 00:00:00 2001 From: Valery Fedorenko Date: Thu, 31 Oct 2024 09:36:15 +0800 Subject: [PATCH 09/10] Apply suggession for Python/sysmodule.c Co-authored-by: Peter Bierma --- Python/sysmodule.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Python/sysmodule.c b/Python/sysmodule.c index 325c541188fc00..3a2326e09700d3 100644 --- a/Python/sysmodule.c +++ b/Python/sysmodule.c @@ -2862,7 +2862,7 @@ PyAPI_FUNC(void) PySys_AddWarnOptionUnicode(PyObject *option) { PyThreadState *tstate = _PyThreadState_GET(); - if (tstate && _PySys_AddWarnOptionWithError(tstate, option) < 0) { + if (_PySys_AddWarnOptionWithError(tstate, option) < 0) { /* No return value, therefore clear error state if possible */ _PyErr_Clear(tstate); } From 7d0754fa93fb5cec0e9428c9219fff3df154556f Mon Sep 17 00:00:00 2001 From: Valery Fedorenko Date: Thu, 31 Oct 2024 09:36:29 +0800 Subject: [PATCH 10/10] Apply suggession for Python/sysmodule.c Co-authored-by: Peter Bierma --- Python/sysmodule.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Python/sysmodule.c b/Python/sysmodule.c index 3a2326e09700d3..6a861da49b8216 100644 --- a/Python/sysmodule.c +++ b/Python/sysmodule.c @@ -2862,6 +2862,8 @@ PyAPI_FUNC(void) PySys_AddWarnOptionUnicode(PyObject *option) { PyThreadState *tstate = _PyThreadState_GET(); + _Py_EnsureTstateNotNULL(tstate); + assert(!_PyErr_Occurred(tstate)); if (_PySys_AddWarnOptionWithError(tstate, option) < 0) { /* No return value, therefore clear error state if possible */ _PyErr_Clear(tstate);