Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Python>
  3. Checkins
python/dist/src/Objects obmalloc.c,2.43,2.44
tim_one at sourceforge
Apr 27, 2002, 11:14 PM
Post #1 of 1 (8 views)
Permalink
Update of /cvsroot/python/python/dist/src/Objects
In directory usw-pr-cvs1:/tmp/cvs-serv22851/python/Objects

Modified Files:
obmalloc.c
Log Message:
_PyObject_DebugCheckAddress(): If the leading pad bytes are corrupt,
display a msg warning that the count of bytes requested may be bogus,
and that a segfault may happen next.


Index: obmalloc.c
===================================================================
RCS file: /cvsroot/python/python/dist/src/Objects/obmalloc.c,v
retrieving revision 2.43
retrieving revision 2.44
diff -C2 -d -r2.43 -r2.44
*** obmalloc.c 18 Apr 2002 22:25:03 -0000 2.43
--- obmalloc.c 28 Apr 2002 06:14:45 -0000 2.44
***************
*** 1071,1074 ****
--- 1071,1076 ----
const uchar *q = (const uchar *)p;
char *msg;
+ ulong nbytes;
+ const uchar *tail;
int i;

***************
*** 1078,1081 ****
--- 1080,1087 ----
}

+ /* Check the stuff at the start of p first: if there's underwrite
+ * corruption, the number-of-bytes field may be nuts, and checking
+ * the tail could lead to a segfault then.
+ */
for (i = 4; i >= 1; --i) {
if (*(q-i) != FORBIDDENBYTE) {
***************
*** 1085,1096 ****
}

! {
! const ulong nbytes = read4(q-8);
! const uchar *tail = q + nbytes;
! for (i = 0; i < 4; ++i) {
! if (tail[i] != FORBIDDENBYTE) {
! msg = "bad trailing pad byte";
! goto error;
! }
}
}
--- 1091,1100 ----
}

! nbytes = read4(q-8);
! tail = q + nbytes;
! for (i = 0; i < 4; ++i) {
! if (tail[i] != FORBIDDENBYTE) {
! msg = "bad trailing pad byte";
! goto error;
}
}
***************
*** 1119,1131 ****
fprintf(stderr, " %lu bytes originally requested\n", nbytes);

! /* In case this is nuts, check the pad bytes before trying to read up
! the serial number (the address deref could blow up). */
!
! fputs(" the 4 pad bytes at p-4 are ", stderr);
if (*(q-4) == FORBIDDENBYTE &&
*(q-3) == FORBIDDENBYTE &&
*(q-2) == FORBIDDENBYTE &&
*(q-1) == FORBIDDENBYTE) {
! fputs("FORBIDDENBYTE, as expected\n", stderr);
}
else {
--- 1123,1133 ----
fprintf(stderr, " %lu bytes originally requested\n", nbytes);

! /* In case this is nuts, check the leading pad bytes first. */
! fputs(" The 4 pad bytes at p-4 are ", stderr);
if (*(q-4) == FORBIDDENBYTE &&
*(q-3) == FORBIDDENBYTE &&
*(q-2) == FORBIDDENBYTE &&
*(q-1) == FORBIDDENBYTE) {
! fputs("FORBIDDENBYTE, as expected.\n", stderr);
}
else {
***************
*** 1139,1151 ****
fputc('\n', stderr);
}
}

tail = q + nbytes;
! fprintf(stderr, " the 4 pad bytes at tail=%p are ", tail);
if (tail[0] == FORBIDDENBYTE &&
tail[1] == FORBIDDENBYTE &&
tail[2] == FORBIDDENBYTE &&
tail[3] == FORBIDDENBYTE) {
! fputs("FORBIDDENBYTE, as expected\n", stderr);
}
else {
--- 1141,1158 ----
fputc('\n', stderr);
}
+
+ fputs(" Because memory is corrupted at the start, the "
+ "count of bytes requested\n"
+ " may be bogus, and checking the trailing pad "
+ "bytes may segfault.\n", stderr);
}

tail = q + nbytes;
! fprintf(stderr, " The 4 pad bytes at tail=%p are ", tail);
if (tail[0] == FORBIDDENBYTE &&
tail[1] == FORBIDDENBYTE &&
tail[2] == FORBIDDENBYTE &&
tail[3] == FORBIDDENBYTE) {
! fputs("FORBIDDENBYTE, as expected.\n", stderr);
}
else {
***************
*** 1163,1172 ****

serial = read4(tail+4);
! fprintf(stderr, " the block was made by call #%lu to "
! "debug malloc/realloc\n", serial);

if (nbytes > 0) {
int i = 0;
! fputs(" data at p:", stderr);
/* print up to 8 bytes at the start */
while (q < tail && i < 8) {
--- 1170,1179 ----

serial = read4(tail+4);
! fprintf(stderr, " The block was made by call #%lu to "
! "debug malloc/realloc.\n", serial);

if (nbytes > 0) {
int i = 0;
! fputs(" Data at p:", stderr);
/* print up to 8 bytes at the start */
while (q < tail && i < 8) {

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal