Chiaki Ishikawa added the comment:
I found that the inlined functions are used by other functions and resulted in
similar issues. Once obmalloc.c is fixed, I think such problems are
automatically fixed.
--
___
Python tracker
<ht
Chiaki Ishikawa added the comment:
PyMem_Free and PyMem_Realloc also suffer from similar "Use After Free" issue.
The standard version of Python3.7 interpreter does not seem to have debug
symbol and so I installed a debug version of it. Now it seems to have a shadow
symbol
Chiaki Ishikawa added the comment:
Addtion:
PyObject_Realloc also has the issue of Use After Free: this may be more serious.
==31128== Invalid read of size 4
==31128==at 0x5A48CA: PyObject_Realloc (in /usr/bin/python3.7)
==31128==by 0x5DD8FB: _PyBytes_Resize (in /usr/bin/python3.7
New submission from Chiaki Ishikawa :
Hi,
I am new to Python bug tracker, so my setting of the fields may be inadequate.
If so, apologies in advance.
I think Use After Free bug is a potential security issue and so wanted to
report ASAP.
First my environment: I am using Debian GNU/Linux, and
