gh-145376: Fix null pointer deref in md5module.c#145422
gh-145376: Fix null pointer deref in md5module.c#145422eendebakpt wants to merge 8 commits intopython:mainfrom
Conversation
picnixz
left a comment
There was a problem hiding this comment.
I think this pattern is also present in SHA-* and other modules as it's essentially C/C a b it everywhere.
Not sure what C/C a b is, but the pattern is indeed the same. E.g. Line 89 in 02288bf There the |
it was meant to be a "C/C a bit" and I used C/C for "carbon copy" (which is essentially to mean "copy-paste" for me)
Likely to prevent a double-free (I don't know if it was me or tiran/gpshead who added this) |
|
Actually it was me in 261633b. I just forgot about the MD5 one I think. |
|
|
Oh and please also put the state to NULL just to prevent a possible double-free |
| int rc = py_hmac_hinfo_ht_add(table, KEY, value); \ | ||
| if (rc < 0) { \ | ||
| PyMem_Free(value); \ | ||
| if (value->refcnt == 0) { \ |
There was a problem hiding this comment.
This one is already part of an other PR actually.
Avoid a null pointer deref in the case of an error path in the constructors (e.g.
MD5Type_copy_impl)Issue found using Claude.