Skip to content

bpo-34454: datetime: Fix crash on PyUnicode_AsUTF8AndSize() failure #8850

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

bpo-34454: datetime: Fix crash on PyUnicode_AsUTF8AndSize() failure #8850

wants to merge 1 commit into from

Conversation

izbyshev
Copy link
Contributor

@izbyshev izbyshev commented Aug 21, 2018
edited by bedevere-bot
Loading

The missing NULL check was reported by Svace static analyzer.

https://bugs.python.org/issue34454

bpo-34454: datetime: Fix crash on PyUnicode_AsUTF8AndSize() failure
e2dad4a 
The missing NULL check was reported by Svace static analyzer.
pganssle
pganssle reviewed Aug 21, 2018
View reviewed changes
Lib/test/datetimetester.py
]

for sep in separators:
dt = self.theclass(2018, 1, 31, 23, 59, 47, 124789)
dtstr = dt.isoformat(sep=sep)

with self.subTest(dtstr=dtstr):
dt_rt = self.theclass.fromisoformat(dtstr)
try:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this try/catch is the right solution here. We should fix the actual problem.

@serhiy-storchaka serhiy-storchaka added type-bug An unexpected behavior, bug, or error needs backport to 3.7 labels Aug 22, 2018
@serhiy-storchaka serhiy-storchaka self-requested a review August 22, 2018 05:03
@taleinat taleinat mentioned this pull request Aug 22, 2018
Closed
@taleinat
Copy link
Contributor

@izbyshev, now that #8862 has been merged, please update this accordingly and merge master into it.

@izbyshev
Copy link
Contributor Author

@taleinat Should I create another bpo for the updated PR?

@taleinat
Copy link
Contributor

taleinat commented Aug 23, 2018
edited
Loading

@izbyshev, yes, please create a new issue on bpo, with a title regarding the null dereference bugs, and mark it as a security issue. Do mention there that this bug existed and was recently fixed in the fromisoformat methods, referencing the existing bpo issue.

@izbyshev
Copy link
Contributor Author

izbyshev commented Aug 23, 2018
edited by bedevere-bot
Loading

I've created bpo-34482 and #8878. Closing this one. Thank you!

@izbyshev izbyshev closed this Aug 23, 2018
@izbyshev izbyshev deleted the bpo-34454 branch August 23, 2018 17:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pganssle pganssle pganssle left review comments

@serhiy-storchaka serhiy-storchaka Awaiting requested review from serhiy-storchaka

Assignees
No one assigned
Labels
awaiting review type-bug An unexpected behavior, bug, or error
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@izbyshev @taleinat @pganssle @serhiy-storchaka @the-knights-who-say-ni @bedevere-bot