Static analysis reveals that tok_mode->last_expr_buffer[i] != '\0' && i < input_length is not safe #132769

Closed
sobolevn opened this issue Apr 21, 2025 · 0 comments
Assignees
Labels
interpreter-core (Objects, Python, Grammar, and Parser dirs) topic-parser type-bug An unexpected behavior, bug, or error

Comments

@sobolevn
Member

sobolevn commented Apr 21, 2025

Bug report

This code can be improved:

```c
while (tok_mode->last_expr_buffer[i] != '\0' && i < input_length) {
```

It would be safer to first check the value of `i` and then try to access the `[i]` index. This way it is harder to get a read out of bounds.

Found by PVS-Studio in https://habr.com/ru/companies/pvs-studio/articles/902048/
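The ordering point made above, shown as an added example that is not code from CPython or from the issue author. Both loops below are stand-ins for the `lexer.c` loop; `read_at`, `g_limit` and `past_end_reads` are instrumentation invented here so that a read at index `input_length` is counted rather than being undefined behaviour (the constructed sample buffers are allocated one byte larger than the logical length for that reason).

```c
#include <stddef.h>
#include <stdio.h>

/* Instrumentation (not part of the lexer): g_limit holds the logical
   input_length of the current scan and g_past_end counts every read at
   an index >= g_limit. The sample buffers below are allocated larger
   than g_limit, so such a read is observable without being UB. */
static size_t g_limit;
static size_t g_past_end;

static char read_at(const char *buf, size_t i) {
    if (i >= g_limit) {
        g_past_end++;
    }
    return buf[i];
}

/* Number of reads the last scan made at or beyond input_length. */
size_t past_end_reads(void) {
    return g_past_end;
}

/* Original ordering: the element is dereferenced before the index is
   checked, so when no NUL occurs within input_length bytes the loop
   touches buf[input_length] once before the index test stops it. */
size_t scan_deref_first(const char *buf, size_t input_length) {
    size_t i = 0;
    g_limit = input_length;
    g_past_end = 0;
    while (read_at(buf, i) != '\0' && i < input_length) {
        i++;
    }
    return i;
}

/* Fixed ordering: the index test comes first and && short-circuits,
   so buf[i] is never evaluated once i == input_length. The returned
   length is identical; only the extra read disappears. */
size_t scan_bounds_first(const char *buf, size_t input_length) {
    size_t i = 0;
    g_limit = input_length;
    g_past_end = 0;
    while (i < input_length && read_at(buf, i) != '\0') {
        i++;
    }
    return i;
}

int main(void) {
    /* Constructed sample: 7 non-NUL bytes, logical length 3, so there
       is no terminator inside the first input_length bytes. */
    const char unterminated[8] = "abcdefg";
    /* Constructed sample: terminator well inside the logical length. */
    const char terminated[16] = "ab";

    size_t n = scan_deref_first(unterminated, 3);
    printf("deref-first:  len=%zu past-end reads=%zu\n", n, past_end_reads());
    n = scan_bounds_first(unterminated, 3);
    printf("bounds-first: len=%zu past-end reads=%zu\n", n, past_end_reads());
    n = scan_bounds_first(terminated, 10);
    printf("bounds-first (terminated): len=%zu past-end reads=%zu\n",
           n, past_end_reads());
    return 0;
}
```

With the unterminated sample both loops report a length of 3, but only the dereference-first version performs a read at index 3; when a real buffer is exactly `input_length` bytes long that read is the out-of-bounds access the analyzer flagged.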

Linked PRs

@sobolevn sobolevn added interpreter-core (Objects, Python, Grammar, and Parser dirs) topic-parser type-bug An unexpected behavior, bug, or error labels Apr 21, 2025
@sobolevn sobolevn self-assigned this Apr 21, 2025
sobolevn added a commit to sobolevn/cpython that referenced this issue Apr 21, 2025
sobolevn added a commit to sobolevn/cpython that referenced this issue Apr 21, 2025
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Apr 21, 2025
sobolevn added a commit that referenced this issue Apr 21, 2025
…H-132770) (#132788)

gh-132769: Refactor possible read-out-of-bounds in `lexer.c` (GH-132770)
(cherry picked from commit ea8ec95)

Co-authored-by: sobolevn <[email protected]>