fix: avoid memory leak when decoding invalid nested arrays (#671)

KowalskiThomas · web-flow · commit 4a077456754a · 2026-05-27T18:04:24.000+09:00
diff --git a/msgpack/_unpacker.pyx b/msgpack/_unpacker.pyx
@@ -322,6 +322,7 @@ cdef class Unpacker:
         self.buf = NULL
 
     def __dealloc__(self):
+        unpack_clear(&self.ctx)
         PyMem_Free(self.buf)
         self.buf = NULL
 
diff --git a/msgpack/unpack_template.h b/msgpack/unpack_template.h
@@ -72,6 +72,14 @@ static inline PyObject* unpack_data(unpack_context* ctx)
 
 static inline void unpack_clear(unpack_context *ctx)
 {
+    unsigned int i;
+    for (i = 1; i < ctx->top; i++) {
+        Py_CLEAR(ctx->stack[i].obj);
+        /* map_key holds a live reference only while waiting for the value */
+        if (ctx->stack[i].ct == CT_MAP_VALUE) {
+            Py_CLEAR(ctx->stack[i].map_key);
+        }
+    }
     Py_CLEAR(ctx->stack[0].obj);
 }
 
diff --git a/test/test_except.py b/test/test_except.py
@@ -1,6 +1,8 @@
 #!/usr/bin/env python
 
 import datetime
+import gc
+import tracemalloc
 
 from pytest import raises
 
@@ -80,6 +82,39 @@ def test_invalidvalue():
         unpackb(b"\x91" * 3000)  # nested fixarray(len=1)
 
 
+def test_no_memory_leak_on_nested_invalid_tag() -> None:
+    """Regression test: unpacking nested arrays containing an invalid tag must not leak objects."""
+
+    kwargs: dict = {
+        "raw": False,
+        "strict_map_key": False,
+        "max_array_len": 1 << 20,
+        "max_map_len": 1 << 20,
+    }
+    n = 1000
+
+    for depth in range(1, 15):
+        data = bytes([0x91] * depth + [0xC1])
+
+        gc.collect()
+        tracemalloc.start()
+        s1 = tracemalloc.take_snapshot()
+
+        for _ in range(n):
+            try:
+                unpackb(data, **kwargs)
+            except Exception:
+                pass
+
+        gc.collect()
+        s2 = tracemalloc.take_snapshot()
+        tracemalloc.stop()
+
+        leaked = sum(s.count_diff for s in s2.compare_to(s1, "lineno") if s.count_diff > 0)
+        per_call = leaked / n
+        assert per_call < 1.0, f"depth={depth}: {per_call:.2f} leaked objects/call (expected < 1)"
+
+
 def test_strict_map_key():
     valid = {"unicode": 1, b"bytes": 2}
     packed = packb(valid, use_bin_type=True)

Original file line number	Diff line number	Diff line change
`@@ -72,6 +72,14 @@ static inline PyObject* unpack_data(unpack_context* ctx)`
`72`	`72`
`73`	`73`	`static inline void unpack_clear(unpack_context *ctx)`
`74`	`74`	`{`
	`75`	`+ unsigned int i;`
	`76`	`+ for (i = 1; i < ctx->top; i++) {`
	`77`	`+ Py_CLEAR(ctx->stack[i].obj);`
	`78`	`+ /* map_key holds a live reference only while waiting for the value */`
	`79`	`+ if (ctx->stack[i].ct == CT_MAP_VALUE) {`
	`80`	`+ Py_CLEAR(ctx->stack[i].map_key);`
	`81`	`+ }`
	`82`	`+ }`
`75`	`83`	`Py_CLEAR(ctx->stack[0].obj);`
`76`	`84`	`}`
`77`	`85`