Skip to content

Commit 222f10c

Browse files
authored
GH-96569: Add two NULL checks to avoid undefined behavior. (GH-96585)
1 parent cd0ff9b commit 222f10c

File tree

3 files changed

+13
-10
lines changed

3 files changed

+13
-10
lines changed

Include/internal/pycore_frame.h

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -190,11 +190,16 @@ _PyFrame_FastToLocalsWithError(_PyInterpreterFrame *frame);
190190
void
191191
_PyFrame_LocalsToFast(_PyInterpreterFrame *frame, int clear);
192192

193-
194193
static inline bool
195194
_PyThreadState_HasStackSpace(PyThreadState *tstate, int size)
196195
{
197-
return tstate->datastack_top + size < tstate->datastack_limit;
196+
assert(
197+
(tstate->datastack_top == NULL && tstate->datastack_limit == NULL)
198+
||
199+
(tstate->datastack_top != NULL && tstate->datastack_limit != NULL)
200+
);
201+
return tstate->datastack_top != NULL &&
202+
size < tstate->datastack_limit - tstate->datastack_top;
198203
}
199204

200205
extern _PyInterpreterFrame *
Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
Remove two cases of undefined behavoir, by adding NULL checks.

Python/pystate.c

Lines changed: 5 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -2195,15 +2195,12 @@ _PyInterpreterFrame *
21952195
_PyThreadState_PushFrame(PyThreadState *tstate, size_t size)
21962196
{
21972197
assert(size < INT_MAX/sizeof(PyObject *));
2198-
PyObject **base = tstate->datastack_top;
2199-
PyObject **top = base + size;
2200-
if (top >= tstate->datastack_limit) {
2201-
base = push_chunk(tstate, (int)size);
2198+
if (_PyThreadState_HasStackSpace(tstate, (int)size)) {
2199+
_PyInterpreterFrame *res = (_PyInterpreterFrame *)tstate->datastack_top;
2200+
tstate->datastack_top += size;
2201+
return res;
22022202
}
2203-
else {
2204-
tstate->datastack_top = top;
2205-
}
2206-
return (_PyInterpreterFrame *)base;
2203+
return (_PyInterpreterFrame *)push_chunk(tstate, (int)size);
22072204
}
22082205

22092206
void

0 commit comments

Comments
 (0)