bpo-15108: Prevent accessing the result tuple from Python in PySequence_Tuple#24510
bpo-15108: Prevent accessing the result tuple from Python in PySequence_Tuple#24510pablogsal wants to merge 1 commit intopython:masterfrom
Conversation
|
|
||
| // bpo-15108: Code can access the result tuple while being | ||
| // incomplete when calling PyIter_Next(). | ||
| PyObject_GC_UnTrack(result); |
There was a problem hiding this comment.
I would prefer to add a new API to create an untracked tuple: https://bugs.python.org/issue15108#msg387029
There was a problem hiding this comment.
Let's discuss int the issue, then I can modify the PR :)
|
FWIW: Traditionally any "crasher" that depended on gc.get_referrers was not considered a bug. These do not seem to affect "normal code" and are hard to fix without doing brain surgery to Python. |
|
Yeah, I have to say that I am not very convinced about this change because it also fixes a bigger problem only on one place. What worries me the most here is not using |
5 participants
https://bugs.python.org/issue15108