New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Guard against memory unmapping errors #5775
Conversation
1. When calloc fails. 2. If ZNAXIS keyword is not present in header.
@MSeifert04, @pllim - I think this is OK -- at least it provable avoids getting a complete breakdown, stacktrace included -- but a closer look is most welcome... @embray - if you have time, could you check that this indeed fixes #3118? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have a two comments and a question but overall this looks good.
@@ -764,6 +768,13 @@ void init_output_buffer(PyObject* hdu, void** buf, size_t* bufsize) { | |||
} | |||
|
|||
*buf = calloc(*bufsize, sizeof(char)); | |||
if (*buf == NULL) { | |||
// Checking if calloc failed. | |||
PyErr_SetString(PyExc_TypeError, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should be a PyExc_MemoryError
and the next line has inconsistent indentation.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK, makes sense, done.
@@ -888,7 +899,7 @@ PyObject* compression_compress_hdu(PyObject* self, PyObject* args) | |||
PyObject* retval = NULL; | |||
tcolumn* columns = NULL; | |||
|
|||
void* outbuf; | |||
void* outbuf = NULL; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this needed? I'm only asking out of curiosity.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, it turned out that was in fact the most important change I still had to make -- the problem is that init_output_buffer
does not touch outbuf
at all when an error occurs and then the comparison with NULL
fails, leading to a later trial to unmap buf
.
(I guess an alternative would be to check for PyErr_Occurred
or to let init_output_buffer
return or set a status flag.)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't see anything wrong just setting it to NULL anyway.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed; overall, it seemed best to just keep any individual piece of code as little reliant as possible on the rest being correct...
CHANGES.rst
Outdated
@@ -204,6 +204,9 @@ Bug Fixes | |||
|
|||
- Fix out-of-order TUNITn cards when writing tables to FITS. [#5720] | |||
|
|||
- Guard against extremely unlikely problems in compressed images, which | |||
could lead to memory unmapping errors. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
PR number is missing. :)
OK, I fixed the indentation and added the PR number to the changelog. (I used Ready to go in? |
LGTM 👍 Thanks! |
👍 Thanks |
Guard against memory unmapping errors
Guard against memory unmapping errors
Guard against memory unmapping errors
Guard against memory unmapping errors
This is an update of #4585, which ensures we don't get stack traces from badly corrupted compressed data hdus. It makes an additional change so that the code actually works as advertised (initializing
*buf=NULL
), simplifies it a bit, adds an extra error message, and adds tests.fixes #3118