After the recent discussion about Coverity, I took a look at one of the checkins made, apparently based on output from their tool.
http://svn.python.org/view/python/branches/release24-maint/Objects/object.c?&r1=43015&r2=43014&rev=43015&view=diff&diff_format=l This change, a backport of a similar change made to HEAD, doesn't seem to fix the flaw: the PyUnicode_CheckExact() call is now guarded against a NULL return, but the subsequent PyUnicode_Check() and PyString_Check() calls don't seem to be. I'm not 100% sure what's going on here, but it still looks a bit fishy. The API reference says that PyObject_AsUnicode may return NULL, so why doesn't the function just call PyErr_BadInternalCall() and return NULL? Jeff _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com