From: Neal Norwitz Date: Sat, 12 Aug 2006 01:45:47 +0000 (+0000) Subject: Even though _Py_Mangle() isn't truly public anyone can call it and X-Git-Tag: v2.5c1~84 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=84167d09cd3e97bff3e750d0dcb0d2d440c6fc2e;p=python Even though _Py_Mangle() isn't truly public anyone can call it and there was no verification that privateobj was a PyString. If it wasn't a string, this could have allowed a NULL pointer to creep in below and crash. I wonder if this should be PyString_CheckExact? Must identifiers be strings or can they be subclasses? Klocwork #275 --- diff --git a/Python/compile.c b/Python/compile.c index 6a9e8c9f7e..92eff00732 100644 --- a/Python/compile.c +++ b/Python/compile.c @@ -204,8 +204,8 @@ _Py_Mangle(PyObject *privateobj, PyObject *ident) const char *p, *name = PyString_AsString(ident); char *buffer; size_t nlen, plen; - if (privateobj == NULL || name == NULL || name[0] != '_' || - name[1] != '_') { + if (privateobj == NULL || !PyString_Check(privateobj) || + name == NULL || name[0] != '_' || name[1] != '_') { Py_INCREF(ident); return ident; }
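Review bot: the new `!PyString_Check(privateobj)` test in the `if` silently returns `ident` unchanged when `privateobj` is a non-string, which masks a caller bug instead of surfacing it; if a non-string here is always a programming error, reporting it (for example via `PyErr_BadInternalCall()` and returning NULL, with callers checking for NULL) would make the defect visible in tests rather than quietly skipping mangling. The same hunk shows `name = PyString_AsString(ident)` on the unchanged context line running before any type check on `ident`; when `ident` is not a string that call returns NULL with an exception set, and the `name == NULL` branch then takes the `Py_INCREF(ident); return ident;` path with that exception still pending, so `ident` deserves the same guard (or the condition order should be documented). On the PyString_CheckExact question in the message: `PyString_Check` accepts str subclasses and only the exact-type check rejects them, so add a short comment stating which of the two is intended so the choice is not revisited later.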