Bug 13331 - (cpychecker) Segfault in gdb/python/py-function.c:convert_values_to_python under low memory conditions
Summary: (cpychecker) Segfault in gdb/python/py-function.c:convert_values_to_python un...
Status: RESOLVED FIXED
Alias: None
Product: gdb
Classification: Unclassified
Component: python (show other bugs)
Version: HEAD
: P2 normal
Target Milestone: 7.4
Assignee: Phil Muldoon
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-10-21 21:21 UTC by Dave Malcolm
Modified: 2011-10-27 10:31 UTC (History)
1 user (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:

Attachments
HTML report showing the execution paths that can crash (2.59 KB, text/html)
2011-10-21 21:21 UTC, Dave Malcolm 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dave Malcolm 2011-10-21 21:21:38 UTC 
Created attachment 6025 [details]
HTML report showing the execution paths that can crash

convert_values_to_python doesn't check the return value from PyTuple_New, which can return NULL under low memory conditions.

If it returns NULL and argc > 0 then there are two different segfaults possible; see attached HTML.
Comment 1 Sourceware Commits 2011-10-27 10:30:02 UTC 
CVSROOT:	/cvs/src
Module name:	src
Changes by:	pmuldoon@sourceware.org	2011-10-27 10:29:58

Modified files:
	gdb            : ChangeLog 
	gdb/python     : py-function.c 

Log message:
	2011-10-27  Phil Muldoon  <pmuldoon@redhat.com>
	
	PR python/13331
	
	* python/py-function.c (fnpy_call): Check 'args' is not NULL.
	(convert_values_to_python): Return on Python tuple allocation
	failure.  Return NULL on value conversion error.

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/src/gdb/ChangeLog.diff?cvsroot=src&r1=1.13464&r2=1.13465
http://sourceware.org/cgi-bin/cvsweb.cgi/src/gdb/python/py-function.c.diff?cvsroot=src&r1=1.10&r2=1.11
Comment 2 Phil Muldoon 2011-10-27 10:31:52 UTC 
Fixed and committed.