Skip to content

gh-148222 Fix Null dereference bugs at genericaliasobject.c#148226

Open
prakashsellathurai wants to merge 10 commits intopython:mainfrom
prakashsellathurai:fix/148222
Open

gh-148222 Fix Null dereference bugs at genericaliasobject.c#148226
prakashsellathurai wants to merge 10 commits intopython:mainfrom
prakashsellathurai:fix/148222

Conversation

@prakashsellathurai
Copy link
Copy Markdown

@prakashsellathurai prakashsellathurai commented Apr 7, 2026
edited by bedevere-app bot
Loading

@bedevere-app bedevere-app bot mentioned this pull request Apr 7, 2026
Open
JelleZijlstra
JelleZijlstra reviewed Apr 7, 2026
View reviewed changes
Objects/genericaliasobject.c Outdated
if (_PyTuple_Resize(&parameters, len) < 0) {
Py_DECREF(subparams);
Py_DECREF(parameters);
Py_XDECREF(parameters);
Copy link
Copy Markdown
Member

@JelleZijlstra JelleZijlstra Apr 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apparently _PyTuple_Resize sets its arg to NULL on failures, so this will never be non-NULL. Possibly the only safe way to use _PyTuple_Resize is to keep another pointer to the tuple around and DECREF that on failure? I haven't verified in the code though.

Copy link
Copy Markdown
Member

@serhiy-storchaka serhiy-storchaka Apr 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Simply remove this line.

Copy link
Copy Markdown
Author

@prakashsellathurai prakashsellathurai Apr 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes

checked in

cpython/Objects/tupleobject.c

Line 1024 in 2c8f26c

Py_XDECREF(v);

removing the redundant Py_XDECREF call

JelleZijlstra
JelleZijlstra reviewed Apr 7, 2026
View reviewed changes
Objects/genericaliasobject.c Outdated
{
gaobject *alias = (gaobject *) self;
PyObject *obj = PyVectorcall_Function(alias->origin)(alias->origin, args, nargsf, kwnames);
vectorcallfunc origin_vectorcall = PyVectorcall_Function(alias->origin);
Copy link
Copy Markdown
Member

@JelleZijlstra JelleZijlstra Apr 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The docs say this is primarily useful for checking whether a callable supports vectorcall. Why don't we unconditionally call PyObject_Vectorcall, which automatically falls back to non-vectorcall if needed?

Copy link
Copy Markdown
Author

@prakashsellathurai prakashsellathurai Apr 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

makes sense
I checked the code flow PyObject_Vectorcall internally calls https://github.com/python/cpython/blob/main/Include/internal/pycore_call.h#L140-L142 PyVectorcall_Function

i will update the code

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JelleZijlstra JelleZijlstra Awaiting requested review from JelleZijlstra

@serhiy-storchaka serhiy-storchaka Awaiting requested review from serhiy-storchaka

Assignees

No one assigned

Labels

awaiting review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@prakashsellathurai @JelleZijlstra @serhiy-storchaka