From: Christian Heimes <christian@cheimes.de>
Date: Fri, 26 Jul 2013 20:49:26 +0000 (+0200)
Subject: Issue #18560: Fix potential NULL pointer dereference in sum()
X-Git-Tag: v3.4.0a1~71^2
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=704e2d374f88bca83339b95d559b0abce12dc6bd;p=python

Issue #18560: Fix potential NULL pointer dereference in sum()
---

diff --git a/Misc/NEWS b/Misc/NEWS
index 24b0c53f6c..505fab5820 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -12,6 +12,8 @@ What's New in Python 3.3.3 release candidate 1?
 Core and Builtins
 -----------------
 
+- Issue #18560: Fix potential NULL pointer dereference in sum().
+
 - Issue #15905: Fix theoretical buffer overflow in handling of sys.argv[0],
   prefix and exec_prefix if the operation system does not obey MAXPATHLEN.
 
diff --git a/Python/bltinmodule.c b/Python/bltinmodule.c
index 4fe8dace59..b07ee8ec32 100644
--- a/Python/bltinmodule.c
+++ b/Python/bltinmodule.c
@@ -2009,6 +2009,11 @@ builtin_sum(PyObject *self, PyObject *args)
             }
             /* Either overflowed or is not an int. Restore real objects and process normally */
             result = PyLong_FromLong(i_result);
+            if (result == NULL) {
+                Py_DECREF(item);
+                Py_DECREF(iter);
+                return NULL;
+            }
             temp = PyNumber_Add(result, item);
             Py_DECREF(result);
             Py_DECREF(item);