From 451f0fa37ee8e57627edd6cfa6e44208ece75eee Mon Sep 17 00:00:00 2001 From: Zackery Spytz Date: Tue, 14 Aug 2018 03:53:11 -0600 Subject: [PATCH 1/2] bpo-34400: Fix undefined behavior in parsetok() --- .../Core and Builtins/2018-08-14-03-52-43.bpo-34400.AJD0bz.rst | 1 + Parser/parsetok.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 Misc/NEWS.d/next/Core and Builtins/2018-08-14-03-52-43.bpo-34400.AJD0bz.rst diff --git a/Misc/NEWS.d/next/Core and Builtins/2018-08-14-03-52-43.bpo-34400.AJD0bz.rst b/Misc/NEWS.d/next/Core and Builtins/2018-08-14-03-52-43.bpo-34400.AJD0bz.rst new file mode 100644 index 00000000000000..768f5a26c1a6b8 --- /dev/null +++ b/Misc/NEWS.d/next/Core and Builtins/2018-08-14-03-52-43.bpo-34400.AJD0bz.rst @@ -0,0 +1 @@ +Fix undefined behavior in parsetok.c. Patch by Zackery Spytz. diff --git a/Parser/parsetok.c b/Parser/parsetok.c index 00d741d2217e8f..c725d6c91fe393 100644 --- a/Parser/parsetok.c +++ b/Parser/parsetok.c @@ -225,7 +225,7 @@ parsetok(struct tok_state *tok, grammar *g, int start, perrdetail *err_ret, } else started = 1; - len = b - a; /* XXX this may compute NULL - NULL */ + len = a != NULL && b != NULL ? b - a : 0; str = (char *) PyObject_MALLOC(len + 1); if (str == NULL) { err_ret->error = E_NOMEM; From b20b84b18352f73948d4f272cab23e04da60fe9d Mon Sep 17 00:00:00 2001 From: Benjamin Peterson Date: Tue, 14 Aug 2018 23:15:00 -0700 Subject: [PATCH 2/2] add parens --- Parser/parsetok.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Parser/parsetok.c b/Parser/parsetok.c index c725d6c91fe393..b9c9fe8fa8c29e 100644 --- a/Parser/parsetok.c +++ b/Parser/parsetok.c @@ -225,7 +225,7 @@ parsetok(struct tok_state *tok, grammar *g, int start, perrdetail *err_ret, } else started = 1; - len = a != NULL && b != NULL ? b - a : 0; + len = (a != NULL && b != NULL) ? b - a : 0; str = (char *) PyObject_MALLOC(len + 1); if (str == NULL) { err_ret->error = E_NOMEM;