about truly wrong code.
Checkin comment from 51262:
Can't return NULL from a void function. If there is a memory error,
about the best we can do is call PyErr_WriteUnraisable and go on.
We won't be able to do the call below either, so verify delstr is valid.
fixing an unlikely crash bug in dict resizing, SF
bug 1456209.
The rest of rev 46589 changes whether Python suppresses
exceptions during some dict-related comparisons. While I
think that's a good idea, it does change visible behavior at
times, and there was already some complaining about that on
the trunk. Not a good idea for backporting. The part of
46589 checked in here can at worst stop segfaults, and I doubt
anyone will gripe about that ;-)
Fix problems found by Coverity.
longobject.c: also fix an ssize_t problem
<a> could have been NULL, so hoist the size calc to not use <a>.
[The ssize_t change isn't needed for 2.4. The other changes in this revision
are to modules not present in 2.4. --amk]
Fix three nits found by Coverity, adding null checks and comments.
[This commit only makes two changes. One change in the original patch
is just adding a comment, and another adds a 'base != NULL' check to
silence Coverity, but a comment adds that that base is never going to
be NULL. I didn't backport that change. --amk]
backported.]
Use sizeof(buffer) instead of duplicating the constants to ensure they won't
be wrong.
The real change is to pass (bufsz - 1) to PyOS_ascii_formatd and 1
to strncat. strncat copies n+1 bytes from src (not dest).
Reported by Klocwork #58.
PyFunction_SetDefaults() is documented as taking None or a tuple.
A NULL would crash the PyTuple_Check(). Now make NULL return a SystemError.
Reported by Klocwork #73.
Handle a whole lot of failures from PyString_FromInternedString().
Should fix most of Klocwork 234-272.
[Backport r51400 | neal.norwitz]
Move initialization of interned strings to before allocating the
object so we don't leak op. (Fixes an earlier patch to this code)
Klockwork #350
and _elementtree.c weren't applicable]
Klocwork made another run and found a bunch more problems.
This is the first batch of fixes that should be easy to verify based on context.
This fixes problem numbers: 220 (ast), 323-324 (symtable),
321-322 (structseq), 215 (array), 210 (hotshot), 182 (codecs), 209 (etree).
* unified the way intobject, longobject and mystrtoul handle
values around -sys.maxint-1.
* in general, trying to entierely avoid overflows in any computation
involving signed ints or longs is extremely involved. Fixed a few
simple cases where a compiler might be too clever (but that's all
guesswork).
* more overflow checks against bad data in marshal.c.
Move the initialization of size_a down below the check for a being NULL.
Reported by Klocwork #106.
[Slight change required: in 2.5 Py_ssize_t is used, but 2.4 uses int.]
Stop INCREFing name, then checking if it's NULL. name (f_name) should never
be NULL so assert it. Fix one place where we could have passed NULL.
Reported by Klocwork #66.
i_divmod(): As discussed on Python-Dev, changed the overflow
checking to live happily with recent gcc optimizations that
assume signed integer arithmetic never overflows.
