Mercurial > hg-stable
changeset 38783:91477b123700 stable
base85: fix leak on error return from b85decode()
Spotted by ASAN.
We don't need to initialize 'out' to NULL, but I decided to do that for
clarity.
author | Yuya Nishihara <yuya@tcha.org> |
---|---|
date | Wed, 05 Sep 2018 20:57:38 +0900 |
parents | e574cae381b6 |
children | ad76032d27da |
files | mercurial/cext/base85.c |
diffstat | 1 files changed, 16 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/mercurial/cext/base85.c Tue Sep 04 11:59:12 2018 -0400 +++ b/mercurial/cext/base85.c Wed Sep 05 20:57:38 2018 +0900 @@ -77,7 +77,7 @@ static PyObject *b85decode(PyObject *self, PyObject *args) { - PyObject *out; + PyObject *out = NULL; const char *text; char *dst; Py_ssize_t len, i, j, olen, cap; @@ -104,27 +104,33 @@ cap = 4; for (j = 0; j < cap; i++, j++) { c = b85dec[(int)*text++] - 1; - if (c < 0) - return PyErr_Format( + if (c < 0) { + PyErr_Format( PyExc_ValueError, "bad base85 character at position %d", (int)i); + goto bail; + } acc = acc * 85 + c; } if (i++ < len) { c = b85dec[(int)*text++] - 1; - if (c < 0) - return PyErr_Format( + if (c < 0) { + PyErr_Format( PyExc_ValueError, "bad base85 character at position %d", (int)i); + goto bail; + } /* overflow detection: 0xffffffff == "|NsC0", * "|NsC" == 0x03030303 */ - if (acc > 0x03030303 || (acc *= 85) > 0xffffffff - c) - return PyErr_Format( + if (acc > 0x03030303 || (acc *= 85) > 0xffffffff - c) { + PyErr_Format( PyExc_ValueError, "bad base85 sequence at position %d", (int)i); + goto bail; + } acc += c; } @@ -141,6 +147,9 @@ } return out; +bail: + Py_XDECREF(out); + return NULL; } static char base85_doc[] = "Base85 Data Encoding";