invalid arguments for _stackless._wrap.frame.setstate() cause segfault in frame_dealloc() line "Py_DECREF(f->f_globals);"

Question

invalid arguments for _stackless._wrap.frame.setstate() cause segfault in frame_dealloc() line "Py_DECREF(f->f_globals);"

akruis opened this issue 3 years ago · 1 comments

I found a crasher. Calling _stackless._wrap.frame.__setstate__() (C-function frame_setstate()) with invalid arguments leads to a NULL pointer access later on.

frame_setstate() clears f->f_globals and later sets f->f_globals to a new value. If frame_setstate() fails between this points, f->f_globals is NULL and this is not expected by frame_dealloc(). The fix is trivial.

akruis commented 3 years ago

Fixed.