Skip to content

bpo-34454: datetime: Fix crash on PyUnicode_AsUTF8AndSize() failure #8850

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

bpo-34454: datetime: Fix crash on PyUnicode_AsUTF8AndSize() failure #8850

wants to merge 1 commit into from

Conversation

@izbyshev
Copy link
Contributor

@izbyshev izbyshev commented Aug 21, 2018
edited by bedevere-bot
Loading

The missing NULL check was reported by Svace static analyzer.

https://bugs.python.org/issue34454

bpo-34454: datetime: Fix crash on PyUnicode_AsUTF8AndSize() failure
e2dad4a 
The missing NULL check was reported by Svace static analyzer.
pganssle
pganssle reviewed Aug 21, 2018
View reviewed changes
Lib/test/datetimetester.py

with self.subTest(dtstr=dtstr):
dt_rt = self.theclass.fromisoformat(dtstr)
try:
Copy link
Member

@pganssle pganssle Aug 21, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this try/catch is the right solution here. We should fix the actual problem.

@serhiy-storchaka serhiy-storchaka added type-bug An unexpected behavior, bug, or error needs backport to 3.7 labels Aug 22, 2018
@serhiy-storchaka serhiy-storchaka self-requested a review August 22, 2018 05:03
@taleinat taleinat mentioned this pull request Aug 22, 2018
Closed
@taleinat
Copy link
Contributor

taleinat commented Aug 23, 2018

@izbyshev, now that #8862 has been merged, please update this accordingly and merge master into it.

@izbyshev
Copy link
Contributor Author

izbyshev commented Aug 23, 2018

@taleinat Should I create another bpo for the updated PR?

@taleinat
Copy link
Contributor

taleinat commented Aug 23, 2018
edited
Loading

@izbyshev, yes, please create a new issue on bpo, with a title regarding the null dereference bugs, and mark it as a security issue. Do mention there that this bug existed and was recently fixed in the fromisoformat methods, referencing the existing bpo issue.

@izbyshev
Copy link
Contributor Author

izbyshev commented Aug 23, 2018
edited by bedevere-bot
Loading

I've created bpo-34482 and #8878. Closing this one. Thank you!

@izbyshev izbyshev closed this Aug 23, 2018
@izbyshev izbyshev deleted the bpo-34454 branch August 23, 2018 17:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pganssle pganssle pganssle left review comments

@serhiy-storchaka serhiy-storchaka Awaiting requested review from serhiy-storchaka

Assignees

No one assigned

Labels

awaiting review type-bug An unexpected behavior, bug, or error

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@izbyshev @taleinat @pganssle @serhiy-storchaka @the-knights-who-say-ni @bedevere-bot