]> granicus.if.org Git - python/commitdiff
projects / python / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 83cc512)
Issue #12881: ctypes: Fix segfault with large structure field names.
authorMeador Inge <meadori@gmail.com>
Tue, 4 Oct 2011 02:34:04 +0000 (21:34 -0500)
committerMeador Inge <meadori@gmail.com>
Tue, 4 Oct 2011 02:34:04 +0000 (21:34 -0500)
Lib/ctypes/test/test_structures.py patch | blob | history
Misc/NEWS patch | blob | history
Modules/_ctypes/stgdict.c patch | blob | history

diff --git a/Lib/ctypes/test/test_structures.py b/Lib/ctypes/test/test_structures.py
index a84bae0640b0cd21f63d0bf919cd9f4261d70617..1bde101d7cf5bf9f7bfbad8820ff599600e0f6a7 100644 (file)
--- a/Lib/ctypes/test/test_structures.py
+++ b/Lib/ctypes/test/test_structures.py
@@ -332,6 +332,18 @@ class StructureTestCase(unittest.TestCase):
         else:
             self.assertEqual(msg, "(Phone) exceptions.TypeError: too many initializers")
 
+    def test_huge_field_name(self):
+        # issue12881: segfault with large structure field names
+        def create_class(length):
+            class S(Structure):
+                _fields_ = [('x' * length, c_int)]
+
+        for length in [10 ** i for i in range(0, 8)]:
+            try:
+                create_class(length)
+            except MemoryError:
+                # MemoryErrors are OK, we just don't want to segfault
+                pass
 
     def get_except(self, func, *args):
         try:
diff --git a/Misc/NEWS b/Misc/NEWS
index ddcbde11af42e10f9a3a34a6fc062c29d6c58d2f..68d32a67c3d9ad5a7eddf266342aa028518d8e49 100644 (file)
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -210,6 +210,8 @@ Library
 Extension Modules
 -----------------
 
+- Issue #12881: ctypes: Fix segfault with large structure field names.
+
 - Issue #13013: ctypes: Fix a reference leak in PyCArrayType_from_ctype.
   Thanks to Suman Saha for finding the bug and providing a patch.
 
diff --git a/Modules/_ctypes/stgdict.c b/Modules/_ctypes/stgdict.c
index 4d4ecc47174649cf411954a2c76b8a6860650384..773233fe6ff587eeb4ccfe2ffc4dfe90965e1e67 100644 (file)
--- a/Modules/_ctypes/stgdict.c
+++ b/Modules/_ctypes/stgdict.c
@@ -508,13 +508,19 @@ PyCStructUnionType_update_stgdict(PyObject *type, PyObject *fields, int isStruct
             }
 
             len = strlen(fieldname) + strlen(fieldfmt);
-            buf = alloca(len + 2 + 1);
 
+            buf = PyMem_Malloc(len + 2 + 1);
+            if (buf == NULL) {
+                Py_DECREF(pair);
+                PyErr_NoMemory();
+                return -1;
+            }
             sprintf(buf, "%s:%s:", fieldfmt, fieldname);
 
             ptr = stgdict->format;
             stgdict->format = _ctypes_alloc_format_string(stgdict->format, buf);
             PyMem_Free(ptr);
+            PyMem_Free(buf);
 
             if (stgdict->format == NULL) {
                 Py_DECREF(pair);
Unnamed repository; edit this file 'description' to name the repository.