subject:"\[issue24630\] null pointer dereference in `load_newobj

[issue24630] null pointer dereference in `load_newobj_ex`

2015-07-16 Thread Serhiy Storchaka

Changes by Serhiy Storchaka : -- resolution: -> out of date stage: -> resolved status: pending -> closed ___ Python tracker ___ ___

[issue24630] null pointer dereference in `load_newobj_ex`

2015-07-16 Thread Brad Larsen

Brad Larsen added the comment: Yeah, this appears to be fixed along with #24552. -- status: open -> pending ___ Python tracker ___ ___

[issue24630] null pointer dereference in `load_newobj_ex`

2015-07-14 Thread Serhiy Storchaka

Serhiy Storchaka added the comment: Likely this crash was fixed by issue24552 patch. -- nosy: +benjamin.peterson ___ Python tracker ___ __

[issue24630] null pointer dereference in `load_newobj_ex`

2015-07-14 Thread Brad Larsen

Brad Larsen added the comment: Both test cases cause segfaults for me: (1) on 64-bit Python 3.4.3 built from source on Mac OS X (2) on the system 64-bit Python 3.4.3 from Debian "Jessie" I do not see the segfaults with a 64-bit build of the latest sources (cpython `default` branch at 23

[issue24630] null pointer dereference in `load_newobj_ex`

2015-07-13 Thread Serhiy Storchaka

Serhiy Storchaka added the comment: Can't reproduce the crash with current sources. In both examples the result is an exception: _pickle.UnpicklingError: NEWOBJ_EX class argument must be a type, not float How an ob_type field of cls can be set to 0? -- nosy: +alexandre.vassalotti, pit

[issue24630] null pointer dereference in `load_newobj_ex`

2015-07-13 Thread Brad Larsen

Brad Larsen added the comment: Also, it appears that the `ob_type` field of `cls` need not be NULL; it can be an arbitrary value treated as a memory location. Attached another POC that triggers this case. -- Added file: http://bugs.python.org/file39922/bug-nonnull.py _

[issue24630] null pointer dereference in `load_newobj_ex`

2015-07-13 Thread Brad Larsen

Brad Larsen added the comment: Seems to be similar to #24552, but not the same problem. -- ___ Python tracker ___ ___ Python-bugs-list

[issue24630] null pointer dereference in `load_newobj_ex`

2015-07-13 Thread Brad Larsen

New submission from Brad Larsen: `load_newobj_ex` in can crash with a null pointer dereference. File Modules/_pickle.c: static int load_newobj_ex(UnpicklerObject *self) { PyObject *cls, *args, *kwargs; PyObject *obj; PickleState *st = _Pickle_GetGlobalState(

[issue24630] null pointer dereference in `load_newobj_ex`

[issue24630] null pointer dereference in `load_newobj_ex`

[issue24630] null pointer dereference in `load_newobj_ex`

[issue24630] null pointer dereference in `load_newobj_ex`

[issue24630] null pointer dereference in `load_newobj_ex`

[issue24630] null pointer dereference in `load_newobj_ex`

[issue24630] null pointer dereference in `load_newobj_ex`

[issue24630] null pointer dereference in `load_newobj_ex`

8 matches

Site Navigation

Mail list logo

Footer information