Bug report
Bug description:
In socketmodule.c, a call is made to PyThread_allocate_lock to allocate a lock, but its return value is not checked.
|
#if defined(USE_GETHOSTBYNAME_LOCK) |
|
netdb_lock = PyThread_allocate_lock(); |
|
#endif |
That same netdb_lock is later used without being checked for null-ness either.
|
#ifdef USE_GETHOSTBYNAME_LOCK |
|
PyThread_acquire_lock(netdb_lock, 1); |
|
#endif |
|
_Py_COMP_DIAG_PUSH |
|
_Py_COMP_DIAG_IGNORE_DEPR_DECLS |
|
h = gethostbyname(name); |
|
_Py_COMP_DIAG_POP |
|
#endif /* HAVE_GETHOSTBYNAME_R */ |
|
Py_END_ALLOW_THREADS |
|
/* Some C libraries would require addr.__ss_family instead of |
|
addr.ss_family. |
|
Therefore, we cast the sockaddr_storage into sockaddr to |
|
access sa_family. */ |
|
sa = SAS2SA(&addr); |
|
ret = gethost_common(state, h, SAS2SA(&addr), sizeof(addr), |
|
sa->sa_family); |
|
#ifdef USE_GETHOSTBYNAME_LOCK |
|
PyThread_release_lock(netdb_lock); |
|
#endif |
If PyThread_allocate_lock fails (due to being out of memory, that's the only failure case as far as I can tell), this will lead to a crash.
Backports
Once fix, the fix would have to be backported to 3.15 / 3.14 / 3.13 which have the same problem.
CPython versions tested on:
CPython main branch
Operating systems tested on:
Other, macOS
Linked PRs
Bug report
Bug description:
In
socketmodule.c, a call is made toPyThread_allocate_lockto allocate a lock, but its return value is not checked.cpython/Modules/socketmodule.c
Lines 9294 to 9296 in a189e3d
That same
netdb_lockis later used without being checked for null-ness either.cpython/Modules/socketmodule.c
Lines 6219 to 6237 in a189e3d
If
PyThread_allocate_lockfails (due to being out of memory, that's the only failure case as far as I can tell), this will lead to a crash.Backports
Once fix, the fix would have to be backported to 3.15 / 3.14 / 3.13 which have the same problem.
CPython versions tested on:
CPython main branch
Operating systems tested on:
Other, macOS
Linked PRs
PyThread_allocate_lockfornetdb_lock#150407