gh-78724: raise RuntimeError's when calling methods on non-ready Struct()'s #143643
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| Fix use-after-free in :meth:`struct.Struct.pack` when the | ||
| :class:`struct.Struct` object is mutated by dunder methods (like | ||
| :meth:`object.__bool__`) during packing of arguments. Now this trigger | ||
| :exc:`RuntimeError`. Patch by Sergey B Kirpichev. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| Prevent crashes due to using half-initialized :class:`~struct.Struct` | ||
| objects. For example, created by ``Struct.__new__(Struct)``. Calling the | ||
| ``Struct.__new__()`` dunder without required argument now is deprecated. | ||
| Calling :meth:`~object.__init__` dunder method of :class:`~struct.Struct` | ||
| object on initialized object now also is deprecated. Patch by Sergey B | ||
| Kirpichev. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -70,6 +70,8 @@ typedef struct { | |
| formatcode *s_codes; | ||
| PyObject *s_format; | ||
| PyObject *weakreflist; /* List of weak references */ | ||
| PyMutex mutex; /* to prevent mutation during packing */ | ||
| bool ready; | ||
|
skirpichev marked this conversation as resolved.
Outdated
|
||
| } PyStructObject; | ||
|
|
||
| #define PyStructObject_CAST(op) ((PyStructObject *)(op)) | ||
|
|
@@ -1762,6 +1764,12 @@ s_new(PyTypeObject *type, PyObject *args, PyObject *kwds) | |
| { | ||
| PyObject *self; | ||
|
|
||
| if (PyTuple_GET_SIZE(args) != 1 | ||
|
Member
There was a problem hiding this comment. I do not see how can this be useful.
Member
Author
There was a problem hiding this comment. This is to trigger deprecation warning in a following scenario: >>> import struct
>>> class MyStruct(struct.Struct):
... def __init__(self):
... super().__init__('>h')
...
>>> my_struct = MyStruct()
<python-input-2>:1: DeprecationWarning: Struct().__new__() has one required argumentPS: deprecation part moved to #143659. |
||
| && PyErr_WarnEx(PyExc_DeprecationWarning, | ||
| "Struct().__new__() has one required argument", 1)) | ||
| { | ||
| return NULL; | ||
| } | ||
| assert(type != NULL); | ||
| allocfunc alloc_func = PyType_GetSlot(type, Py_tp_alloc); | ||
| assert(alloc_func != NULL); | ||
|
|
@@ -1773,6 +1781,8 @@ s_new(PyTypeObject *type, PyObject *args, PyObject *kwds) | |
| s->s_codes = NULL; | ||
| s->s_size = -1; | ||
| s->s_len = -1; | ||
| s->mutex = (PyMutex){0}; | ||
| s->ready = false; | ||
| } | ||
| return self; | ||
| } | ||
|
|
@@ -1794,8 +1804,13 @@ static int | |
| Struct___init___impl(PyStructObject *self, PyObject *format) | ||
| /*[clinic end generated code: output=b8e80862444e92d0 input=192a4575a3dde802]*/ | ||
| { | ||
|
skirpichev marked this conversation as resolved.
|
||
| if (self->ready | ||
| && PyErr_WarnEx(PyExc_DeprecationWarning, | ||
| ("Explicit call of __init__() on " | ||
| "initialized Struct()"), 1)) | ||
|
skirpichev marked this conversation as resolved.
Outdated
|
||
| { | ||
| return -1; | ||
| } | ||
| if (PyUnicode_Check(format)) { | ||
| format = PyUnicode_AsASCIIString(format); | ||
| if (format == NULL) | ||
|
|
@@ -1816,8 +1831,16 @@ Struct___init___impl(PyStructObject *self, PyObject *format) | |
|
|
||
| Py_SETREF(self->s_format, format); | ||
|
|
||
| if (PyMutex_IsLocked(&self->mutex)) { | ||
| PyErr_SetString(PyExc_RuntimeError, | ||
| "Call Struct.__init__() in struct.pack()"); | ||
| return -1; | ||
| } | ||
| if (prepare_s(self)) { | ||
| return -1; | ||
| } | ||
| self->ready = true; | ||
| return 0; | ||
| } | ||
|
|
||
| static int | ||
|
|
@@ -1917,6 +1940,10 @@ Struct_unpack_impl(PyStructObject *self, Py_buffer *buffer) | |
| /*[clinic end generated code: output=873a24faf02e848a input=3113f8e7038b2f6c]*/ | ||
| { | ||
| _structmodulestate *state = get_struct_state_structinst(self); | ||
| if (!self->ready) { | ||
| PyErr_SetString(PyExc_RuntimeError, "Call unpack on non-initialized Struct()"); | ||
| return NULL; | ||
| } | ||
| assert(self->s_codes != NULL); | ||
|
skirpichev marked this conversation as resolved.
Outdated
|
||
| if (buffer->len != self->s_size) { | ||
| PyErr_Format(state->StructError, | ||
|
|
@@ -1949,6 +1976,10 @@ Struct_unpack_from_impl(PyStructObject *self, Py_buffer *buffer, | |
| /*[clinic end generated code: output=57fac875e0977316 input=cafd4851d473c894]*/ | ||
| { | ||
| _structmodulestate *state = get_struct_state_structinst(self); | ||
| if (!self->ready) { | ||
|
skirpichev marked this conversation as resolved.
Outdated
|
||
| PyErr_SetString(PyExc_RuntimeError, "Call unpack_from on non-initialized Struct()"); | ||
| return NULL; | ||
| } | ||
| assert(self->s_codes != NULL); | ||
|
|
||
| if (offset < 0) { | ||
|
|
@@ -2101,6 +2132,10 @@ Struct_iter_unpack_impl(PyStructObject *self, PyObject *buffer) | |
| { | ||
| _structmodulestate *state = get_struct_state_structinst(self); | ||
| unpackiterobject *iter; | ||
| if (!self->ready) { | ||
| PyErr_SetString(PyExc_RuntimeError, "Call iter_unpack on non-initialized Struct()"); | ||
| return NULL; | ||
| } | ||
|
|
||
| assert(self->s_codes != NULL); | ||
|
|
||
|
|
@@ -2139,7 +2174,7 @@ Struct_iter_unpack_impl(PyStructObject *self, PyObject *buffer) | |
| * argument for where to start processing the arguments for packing, and a | ||
| * character buffer for writing the packed string. The caller must insure | ||
| * that the buffer may contain the required length for packing the arguments. | ||
| * 0 is returned on success, -1 is returned if there is an error. | ||
| * | ||
| */ | ||
| static int | ||
|
|
@@ -2242,6 +2277,10 @@ s_pack(PyObject *self, PyObject *const *args, Py_ssize_t nargs) | |
|
|
||
| /* Validate arguments. */ | ||
| soself = PyStructObject_CAST(self); | ||
| if (!soself->ready) { | ||
| PyErr_SetString(PyExc_RuntimeError, "Call pack on non-initialized Struct()"); | ||
| return NULL; | ||
| } | ||
| assert(PyStruct_Check(self, state)); | ||
| assert(soself->s_codes != NULL); | ||
| if (nargs != soself->s_len) | ||
|
|
@@ -2259,10 +2298,13 @@ s_pack(PyObject *self, PyObject *const *args, Py_ssize_t nargs) | |
| char *buf = PyBytesWriter_GetData(writer); | ||
|
|
||
| /* Call the guts */ | ||
| PyMutex_Lock(&soself->mutex); | ||
| if ( s_pack_internal(soself, args, 0, buf, state) != 0 ) { | ||
| PyMutex_Unlock(&soself->mutex); | ||
| PyBytesWriter_Discard(writer); | ||
| return NULL; | ||
| } | ||
| PyMutex_Unlock(&soself->mutex); | ||
|
|
||
| return PyBytesWriter_FinishWithSize(writer, soself->s_size); | ||
| } | ||
|
|
@@ -2285,6 +2327,10 @@ s_pack_into(PyObject *self, PyObject *const *args, Py_ssize_t nargs) | |
|
|
||
| /* Validate arguments. +1 is for the first arg as buffer. */ | ||
| soself = PyStructObject_CAST(self); | ||
| if (!soself->ready) { | ||
| PyErr_SetString(PyExc_RuntimeError, "Call pack_into on non-initialized Struct()"); | ||
| return NULL; | ||
| } | ||
| assert(PyStruct_Check(self, state)); | ||
| assert(soself->s_codes != NULL); | ||
| if (nargs != (soself->s_len + 2)) | ||
|
|
@@ -2360,11 +2406,13 @@ s_pack_into(PyObject *self, PyObject *const *args, Py_ssize_t nargs) | |
| } | ||
|
|
||
| /* Call the guts */ | ||
| PyMutex_Lock(&soself->mutex); | ||
| if (s_pack_internal(soself, args, 2, (char*)buffer.buf + offset, state) != 0) { | ||
| PyMutex_Unlock(&soself->mutex); | ||
| PyBuffer_Release(&buffer); | ||
| return NULL; | ||
| } | ||
| PyMutex_Unlock(&soself->mutex); | ||
| PyBuffer_Release(&buffer); | ||
| Py_RETURN_NONE; | ||
| } | ||
|
|
||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.