New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pylauncher, launcher.c: Assigning NULL to a pointer instead of testing against NULL #70031
Comments
I found this while writing up a separate bug (CPython doesn't use static analysis!). In PC/launcher.c, get_env has a bug: /* Large environment variable. Accept some leakage */
wchar_t *buf2 = (wchar_t*)malloc(sizeof(wchar_t) * (result+1));
if (buf2 = NULL) {
error(RC_NO_MEMORY, L"Could not allocate environment buffer");
}
GetEnvironmentVariableW(key, buf2, result);
return buf2; See: https://hg.python.org/cpython/file/tip/PC/launcher.c#l117 Instead of Thus, whatever value was in buf2 is lost, the branch is NOT taken (because buf2 evaluates to false), and GetEnvironmentVariableW will (probably) cause an access violation. Compiling with /analyze found this quite easily: c:\pythondev\repo\pc\launcher.c(117): warning C6282: Incorrect operator: assignment of constant in Boolean context. Consider using '==' instead. |
New changeset 5015440beec2 by Vinay Sajip in branch '3.4': New changeset 9552fcd303fd by Vinay Sajip in branch '3.5': New changeset cdf8033d8820 by Vinay Sajip in branch 'default': |
To the fix for this bug we have to provoke the unsufficient memory error just at this point. This is unlikely worth. Thank you Alexander for your reports. |
New changeset 48b3cac0dbcd by Vinay Sajip in branch '3.4': |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: