From: Neal Norwitz <nnorwitz@gmail.com>
Date: Sat, 12 Aug 2006 01:45:47 +0000 (+0000)
Subject: Even though _Py_Mangle() isn't truly public anyone can call it and
X-Git-Tag: v2.5c1~84
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=84167d09cd3e97bff3e750d0dcb0d2d440c6fc2e;p=python

Even though _Py_Mangle() isn't truly public anyone can call it and
there was no verification that privateobj was a PyString.  If it wasn't
a string, this could have allowed a NULL pointer to creep in below and crash.

I wonder if this should be PyString_CheckExact?  Must identifiers be strings
or can they be subclasses?

Klocwork #275
---

diff --git a/Python/compile.c b/Python/compile.c
index 6a9e8c9f7e..92eff00732 100644
--- a/Python/compile.c
+++ b/Python/compile.c
@@ -204,8 +204,8 @@ _Py_Mangle(PyObject *privateobj, PyObject *ident)
 	const char *p, *name = PyString_AsString(ident);
 	char *buffer;
 	size_t nlen, plen;
-	if (privateobj == NULL || name == NULL || name[0] != '_' ||
-            name[1] != '_') {
+	if (privateobj == NULL || !PyString_Check(privateobj) ||
+	    name == NULL || name[0] != '_' || name[1] != '_') {
 		Py_INCREF(ident);
 		return ident;
 	}