From 4c5678d7e6867c1cda3dec7400f80edf05cd90ab Mon Sep 17 00:00:00 2001
From: Artem Chernyshev
Date: Wed, 7 Feb 2024 16:05:18 +0300
Subject: [PATCH 1/5] gh-115136: Fix possible NULL deref in getpath_joinpath()

Check return value of PyMem_Malloc() before passing to memset()

Signed-off-by: Artem Chernyshev
---
 Modules/getpath.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Modules/getpath.c b/Modules/getpath.c
index a3c8fc269d1c3c..abed139028244a 100644
--- a/Modules/getpath.c
+++ b/Modules/getpath.c
@@ -262,6 +262,10 @@ getpath_joinpath(PyObject *Py_UNUSED(self), PyObject *args)
 }
 /* Convert all parts to wchar and accumulate max final length */
 wchar_t **parts = (wchar_t **)PyMem_Malloc(n * sizeof(wchar_t *));
+ if (parts == NULL) {
+ PyErr_NoMemory();
+ return NULL;
+ }
 memset(parts, 0, n * sizeof(wchar_t *));
 Py_ssize_t cchFinal = 0;
 Py_ssize_t first = 0;
From 82b7d15ea86eab2cd98de2998c051b775bca0804 Mon Sep 17 00:00:00 2001
From: Artem Chernyshev
Date: Wed, 7 Feb 2024 16:14:42 +0300
Subject: [PATCH 2/5] Misc/NEWS.d: New entry in news

Signed-off-by: Artem Chernyshev
---
 .../next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst

diff --git a/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst b/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst
new file mode 100644
index 00000000000000..cc2ca9ddb98c9a
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst
@@ -0,0 +1 @@
+Check return value of PyMem_Malloc() before passing to memset()
From d4147a566d484ca0605bb69f9cba41c007b900e0 Mon Sep 17 00:00:00 2001
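Review bot: The `PyMem_Malloc` and `memset` lines around the new NULL check repeat the size expression `n * sizeof(wchar_t *)` and leave that multiplication unchecked; `wchar_t **parts = (wchar_t **)PyMem_Calloc(n, sizeof(wchar_t *));` zero-fills and rejects an overflowing product in one call, so the added check would guard it directly and the `memset` line could go. The early `return NULL` looks leak-free as far as the hunk shows, since no earlier allocation is visible, but getpath_joinpath() starts and ends outside the hunk, so that should be confirmed against the lines above. If later error paths in the function (not shown here) return early, they presumably need to free `parts` and its elements as well.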
From: Artem Chernyshev <62871052+dTenebrae@users.noreply.github.com>
Date: Wed, 7 Feb 2024 16:43:14 +0300
Subject: [PATCH 3/5] Update 2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst

---
 .../next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst b/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst
index cc2ca9ddb98c9a..321b7d9cb95999 100644
--- a/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst
+++ b/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst
@@ -1 +1 @@
-Check return value of PyMem_Malloc() before passing to memset()
+Check return value of :c:func:`PyMem_Malloc` before passing to :c:func:`memset`.
From d9ccb08ec240847bbfc6979864346adfbc689167 Mon Sep 17 00:00:00 2001
From: Artem Chernyshev <62871052+dTenebrae@users.noreply.github.com>
Date: Wed, 7 Feb 2024 17:00:47 +0300
Subject: [PATCH 4/5] Update 2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst

---
 .../Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst b/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst
index 321b7d9cb95999..a39d2c0a46f5a4 100644
--- a/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst
+++ b/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst
@@ -1 +1,2 @@
-Check return value of :c:func:`PyMem_Malloc` before passing to :c:func:`memset`.
+Check return value of :c:func:`PyMem_Malloc` before passing to :c:func:`memset`
+in ``Modules/getpath.c``.
From 8584ae4957f8c9ab691feb82b029afd51c5a201a Mon Sep 17 00:00:00 2001
From: Serhiy Storchaka
Date: Thu, 8 Feb 2024 10:17:54 +0200
Subject: [PATCH 5/5] Delete Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst

---
 .../next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst | 2 --
 1 file changed, 2 deletions(-)
 delete mode 100644 Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst

diff --git a/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst b/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst
deleted file mode 100644
index a39d2c0a46f5a4..00000000000000
--- a/Misc/NEWS.d/next/Library/2024-02-07-16-14-23.gh-issue-115136.DuI2LN.rst
+++ /dev/null
@@ -1,2 +0,0 @@
-Check return value of :c:func:`PyMem_Malloc` before passing to :c:func:`memset`
-in ``Modules/getpath.c``.