Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Some object-to-AST conversions are missing error checks #105588

Closed
brandtbucher opened this issue Jun 9, 2023 · 0 comments
Closed

Some object-to-AST conversions are missing error checks #105588

brandtbucher opened this issue Jun 9, 2023 · 0 comments
Assignees
@brandtbucher
Labels
3.11 only security fixes 3.12 bugs and security fixes 3.13 new features, bugs and security fixes interpreter-core (Objects, Python, Grammar, and Parser dirs) triaged The issue has been accepted as valid by a triager. type-crash A hard crash of the interpreter, possibly with a core dump

Comments

@brandtbucher
Copy link
Member

brandtbucher commented Jun 9, 2023
edited by bedevere-bot

The generated code in Python-ast.c is missing error checks following the construction of C-level alias, arg, comprehension, keyword, match_item, and withitem nodes from their Python object counterparts. This means it's possible to crash the interpreter by attempting to compile an AST where a required member of these nodes is replaced with None:

>>> import ast
>>> tree = ast.parse("""
... match ...:
...     case THIS:
...         ...
... """)
>>> tree.body[0].cases[0].pattern = None
>>> compile(tree, "<crash>", "exec")
Segmentation fault

I'll have a PR up in a minute with the one-line fix.

Linked PRs
@brandtbucher brandtbucher added interpreter-core (Objects, Python, Grammar, and Parser dirs) 3.11 only security fixes type-crash A hard crash of the interpreter, possibly with a core dump 3.12 bugs and security fixes triaged The issue has been accepted as valid by a triager. 3.13 new features, bugs and security fixes labels Jun 9, 2023
@brandtbucher brandtbucher self-assigned this Jun 9, 2023
@bedevere-bot bedevere-bot mentioned this issue Jun 9, 2023
Merged
brandtbucher added a commit that referenced this issue Jun 15, 2023
@brandtbucher
GH-105588: Add missing error checks to some obj2ast_* converters (GH-…
a4056c8 
…105589)
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jun 15, 2023
@brandtbucher @miss-islington
pythonGH-105588: Add missing error checks to some obj2ast_* converters (
f8c3966 
pythonGH-105589)

(cherry picked from commit a4056c8)

Co-authored-by: Brandt Bucher <brandtbucher@microsoft.com>
@bedevere-bot bedevere-bot mentioned this issue Jun 15, 2023
Merged
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jun 15, 2023
@brandtbucher @miss-islington
pythonGH-105588: Add missing error checks to some obj2ast_* converters (
3680071 
pythonGH-105589)

(cherry picked from commit a4056c8)

Co-authored-by: Brandt Bucher <brandtbucher@microsoft.com>
@bedevere-bot bedevere-bot mentioned this issue Jun 15, 2023
Merged
brandtbucher added a commit that referenced this issue Jun 15, 2023
@miss-islington @brandtbucher
[3.12] GH-105588: Add missing error checks to some obj2ast_* converte…
0add516 
…rs (GH-105838)

GH-105588: Add missing error checks to some obj2ast_* converters (GH-105589)
(cherry picked from commit a4056c8)

Co-authored-by: Brandt Bucher <brandtbucher@microsoft.com>
brandtbucher added a commit that referenced this issue Jun 15, 2023
@miss-islington @brandtbucher
[3.11] GH-105588: Add missing error checks to some obj2ast_* converte…
c0c4186 
…rs (GH-105839)

GH-105588: Add missing error checks to some obj2ast_* converters (GH-105589)
(cherry picked from commit a4056c8)

Co-authored-by: Brandt Bucher <brandtbucher@microsoft.com>
carljm added a commit to carljm/cpython that referenced this issue Jun 16, 2023
@carljm
Merge branch 'main' into modulelocals
b096651 
* main:
  pythongh-104799: PEP 695 backward compatibility for ast.unparse (python#105846)
  pythongh-105834: Add tests for calling `issubclass()` between two protocols (python#105835)
  CI: Remove docs build from Azure Pipelines (python#105823)
  pythongh-105844: Consistently use 'minor version' for X.Y versions (python#105851)
  Fix inaccuracies in "Assorted Topics" section of "Defining Extension Types" tutorial (python#104969)
  pythongh-105433: Add `pickle` tests for PEP695 (python#105443)
  bpo-44530: Document the change in MAKE_FUNCTION behavior (python#93189)
  pythonGH-103124: Multiline statement support for pdb (pythonGH-103125)
  pythonGH-105588: Add missing error checks to some obj2ast_* converters (pythonGH-105589)
gvanrossum pushed a commit to gvanrossum/cpython that referenced this issue Jun 18, 2023
@brandtbucher @gvanrossum
pythonGH-105588: Add missing error checks to some obj2ast_* converters (
524490c 
pythonGH-105589)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@brandtbucher brandtbucher

Labels
3.11 only security fixes 3.12 bugs and security fixes 3.13 new features, bugs and security fixes interpreter-core (Objects, Python, Grammar, and Parser dirs) triaged The issue has been accepted as valid by a triager. type-crash A hard crash of the interpreter, possibly with a core dump
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@brandtbucher