Potential NULL dereference of kw_defaults in has_kwonlydefaults

[rialbat]

The pointer s->v.AsyncFunctionDef.args->kw_defaults is explicitly checked for NULL:

cpython/Python/symtable.c

Lines 2193 to 2195 in aaad2e8

	if (s->v.AsyncFunctionDef.args->kw_defaults)
	VISIT_SEQ_WITH_NULL(st, expr,
	s->v.AsyncFunctionDef.args->kw_defaults);

However, a few lines later, the same pointer is passed unconditionally to the has_kwonlydefaults function:

cpython/Python/symtable.c

Lines 2203 to 2204 in aaad2e8

	has_kwonlydefaults(s->v.AsyncFunctionDef.args->kwonlyargs,
	s->v.AsyncFunctionDef.args->kw_defaults),

Inside has_kwonlydefaults, the kw_defaults parameter is not checked for NULL before being dereferenced:

cpython/Python/symtable.c

Lines 1783 to 1787 in aaad2e8

	for (int i = 0; i < asdl_seq_LEN(kwonlyargs); i++) {
	expr_ty default_ = asdl_seq_GET(kw_defaults, i);
	if (default_) {
	return 1;
	}

Linked PRs

• gh-135302: Fix NULL pointer dereference in has_kwonlydefaults function #135303

[JelleZijlstra]

This isn't necessary because we access kw_defaults only if kwonlyargs is nonempty.

[picnixz]

@JelleZijlstra I suggested adding an assertion #135303 (comment) but I don't know if you wouldn't prefer a PR that adds assertions also elsewhere rather than just modifiying this single place.

[JelleZijlstra]

I don't really have a preference. The code is fine as is; an assertion would be harmless but not help much. Feel free to merge a PR adding assertions if you feel it's useful.

[picnixz]

I think it's only useful if there is a chance to call the function by mistake. If it's not the case, then let's keep the code as is (I don't know if there are other places that would benefit having an assertion)

[rialbat]

This isn't necessary because we access kw_defaults only if kwonlyargs is nonempty.

Got it. Thanks for your answer. I'll close the issue and PR.