[Libguestfs] [Bug #1406906] [PATCH] python: fix segmentation fault when setting non UTF-8 strings

Pino Toscano ptoscano at redhat.com
Wed May 3 16:02:14 UTC 2017 

On Tuesday, 25 April 2017 22:25:20 CEST Matteo Cafasso wrote:
> When constructing the returned objects, check the return value of
> Python APIs.
> 
> A RuntimeError will be raised on failure pointing to the problematic
> entry and the field name.
> 
> Signed-off-by: Matteo Cafasso <noxdafox at gmail.com>
> ---
>  generator/python.ml | 143 +++++++++++++++++++++++++++++++++++-----------------
>  1 file changed, 97 insertions(+), 46 deletions(-)
> 
> diff --git a/generator/python.ml b/generator/python.ml
> index 11dc48102..7d86131b1 100644
> --- a/generator/python.ml
> +++ b/generator/python.ml
> @@ -152,12 +152,20 @@ and generate_python_structs () =
>      pr "PyObject *\n";
>      pr "guestfs_int_py_put_%s_list (struct guestfs_%s_list *%ss)\n" typ typ typ;
>      pr "{\n";
> -    pr "  PyObject *list;\n";
> +    pr "  PyObject *list, *element;\n";
>      pr "  size_t i;\n";
>      pr "\n";
>      pr "  list = PyList_New (%ss->len);\n" typ;
> -    pr "  for (i = 0; i < %ss->len; ++i)\n" typ;
> -    pr "    PyList_SetItem (list, i, guestfs_int_py_put_%s (&%ss->val[i]));\n" typ typ;
> +    pr "  if (list == NULL) {\n";
> +    pr "    PyErr_SetString (PyExc_RuntimeError, \"PyList_New\");\n";

This should most probably:

  return PyErr_NoMemory();

as it sets the right exception for "no memory" situations.  Also all
the other NULL checks in this patch for PySomething*() APIs should do
the same.

> +    pr "    return NULL;\n";
> +    pr "  }\n";
> +    pr "  for (i = 0; i < %ss->len; ++i) {\n" typ;
> +    pr "    element = guestfs_int_py_put_%s (&%ss->val[i]);\n" typ typ;
> +    pr "    if (element == NULL)\n";
> +    pr "      return NULL;\n";

This leaks 'list'.  Similar situation also in other parts of this
patch.

Also, I guess also the other guestfs_int_* functions in python/handle.c
need similar checks/changes?

Moreover, can you please add a regression test for this? I.e. a new
python/t/test8xxSomething.py, formatted as PEP-8.  See the section
"ADDING A NEW LANGUAGE BINDING" in the docs/guestfs-hacking
documentation for the numbering of tests.

Thanks,
-- 
Pino Toscano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/libguestfs/attachments/20170503/6802d55d/attachment.sig>

More information about the Libguestfs mailing list