[issue23855] Missing Sanity Check for malloc() in PC/_msi.c

2018-09-11 Thread Zackery Spytz 


Change by Zackery Spytz :


--
versions: +Python 2.7, Python 3.6

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23855] Missing Sanity Check for malloc() in PC/_msi.c

2018-09-10 Thread miss-islington 


miss-islington  added the comment:


New changeset 8a0c254fdd68cfafede168356fc5c5c3e372bc3f by Miss Islington (bot) 
in branch '3.6':
bpo-23855: Add missing NULL checks for malloc() in _msi.c (GH-9038)
https://github.com/python/cpython/commit/8a0c254fdd68cfafede168356fc5c5c3e372bc3f


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23855] Missing Sanity Check for malloc() in PC/_msi.c

2018-09-10 Thread miss-islington 


miss-islington  added the comment:


New changeset f51a46631f8dcca596c08a934a766da9afe93c06 by Miss Islington (bot) 
in branch '2.7':
bpo-23855: Add missing NULL checks for malloc() in _msi.c (GH-9038)
https://github.com/python/cpython/commit/f51a46631f8dcca596c08a934a766da9afe93c06


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23855] Missing Sanity Check for malloc() in PC/_msi.c

2018-09-08 Thread miss-islington 


Change by miss-islington :


--
pull_requests: +8568

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23855] Missing Sanity Check for malloc() in PC/_msi.c

2018-09-08 Thread miss-islington 


Change by miss-islington :


--
pull_requests: +8569

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23855] Missing Sanity Check for malloc() in PC/_msi.c

2018-09-07 Thread Berker Peksag 


Change by Berker Peksag :


--
resolution:  -> fixed
stage: patch review -> resolved
status: open -> closed
versions:  -Python 2.7, Python 3.6

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23855] Missing Sanity Check for malloc() in PC/_msi.c

2018-09-07 Thread miss-islington 


miss-islington  added the comment:


New changeset 73994077250bd70385cb8e7a92f24874129369d1 by Miss Islington (bot) 
in branch '3.7':
bpo-23855: Add missing NULL checks for malloc() in _msi.c (GH-9038)
https://github.com/python/cpython/commit/73994077250bd70385cb8e7a92f24874129369d1


--
nosy: +miss-islington

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23855] Missing Sanity Check for malloc() in PC/_msi.c

2018-09-07 Thread miss-islington 


Change by miss-islington :


--
pull_requests: +8564

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23855] Missing Sanity Check for malloc() in PC/_msi.c

2018-09-07 Thread Berker Peksag 


Berker Peksag  added the comment:


New changeset 4e519377b1b84c9414a360961276993d24198825 by Berker Peksag 
(Zackery Spytz) in branch 'master':
bpo-23855: Add missing NULL checks for malloc() in _msi.c (GH-9038)
https://github.com/python/cpython/commit/4e519377b1b84c9414a360961276993d24198825


--
nosy: +berker.peksag

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23855] Missing Sanity Check for malloc() in PC/_msi.c

2018-09-02 Thread Zackery Spytz 


Change by Zackery Spytz :


--
pull_requests: +8499
stage:  -> patch review

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23855] Missing Sanity Check for malloc() in PC/_msi.c

2018-09-02 Thread Zackery Spytz 


Zackery Spytz  added the comment:

The suggested patch is not acceptable: MemoryError should be raised in the 
unlikely event of a malloc() failure, there's a missing call to 
MsiCloseHandle(), the use of tabs violates PEP 7, and there's a blatant syntax 
error.

--
nosy: +ZackerySpytz
versions: +Python 2.7, Python 3.6, Python 3.7, Python 3.8 -Python 3.4

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23855] Missing Sanity Check for malloc() in PC/_msi.c

2015-04-06 Thread Bill Parker 

Bill Parker added the comment:

In directory 'PC', file '_msi.c', I found another call to
malloc() which was not checked for a return value of NULL
which would indicate failure.  The new patch file is below:

--- _msi.c.orig 2015-04-02 15:01:02.882326352 -0700
+++ _msi.c  2015-04-04 16:36:56.919605881 -0700
@@ -324,6 +324,10 @@
 code = MsiRecordGetInteger(err, 1); /* XXX code */
 if (MsiFormatRecord(0, err, res, size) == ERROR_MORE_DATA) {
 res = malloc(size+1);
+   if (res == NULL) /* malloc() failed, out of memory... */
+   PyErr_SetString(MSIError, out of memory);
+   return NULL;
+   }
 MsiFormatRecord(0, err, res, size);
 res[size]='\0';
 }
@@ -547,6 +551,10 @@
 fval, sval, ssize);
 if (status == ERROR_MORE_DATA) {
 sval = malloc(ssize);
+   if (sval == NULL) { /* malloc() failed, out of memory... */
+   PyErr_SetString(MSIError, out of memory);
+   return NULL;
+   }
 status = MsiSummaryInfoGetProperty(si-h, field, type, ival,
 fval, sval, ssize);
 }

--
Added file: http://bugs.python.org/file38847/_msi.c.patch

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue23855
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23855] Missing Sanity Check for malloc() in PC/_msi.c

2015-04-02 Thread Bill Parker 

New submission from Bill Parker:

Hello All,

   In reviewing code in Python-3.4.3/PC/_msi.c, I found a call to malloc() at 
line 326 in function 'static PyObject* msierror(int status)' in which the call 
is made and assigned to variable 'res', but no check for NULL, indicating 
failure is made afterwards.  The patch below corrects this issue:

--- _msi.c.orig 2015-04-02 15:01:02.882326352 -0700
+++ _msi.c  2015-04-02 15:02:43.382099357 -0700
@@ -324,6 +324,10 @@
 code = MsiRecordGetInteger(err, 1); /* XXX code */
 if (MsiFormatRecord(0, err, res, size) == ERROR_MORE_DATA) {
 res = malloc(size+1);
+   if (res == NULL) /* malloc() failed, out of memory... */
+   PyErr_SetString(MSIError, out of memory);
+   return NULL;
+   }
 MsiFormatRecord(0, err, res, size);
 res[size]='\0';
 }

--
components: Windows
files: _msi.c.patch
keywords: patch
messages: 239948
nosy: dogbert2, steve.dower, tim.golden, zach.ware
priority: normal
severity: normal
status: open
title: Missing Sanity Check for malloc() in PC/_msi.c
type: behavior
versions: Python 3.4
Added file: http://bugs.python.org/file38811/_msi.c.patch

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue23855
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com