◐ Shell
reader mode source ↗
Skip to content

gh-144475: Fix a heap buffer overflow in partial_repr#145362

Merged
encukou merged 5 commits into
python:mainfrom
brijkapadia:partial-repr
Mar 3, 2026
Merged

gh-144475: Fix a heap buffer overflow in partial_repr#145362
encukou merged 5 commits into
python:mainfrom
brijkapadia:partial-repr

Conversation

@brijkapadia

@brijkapadia brijkapadia commented Feb 28, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

This is a cleaner version of PR #144571. I am not exactly sure what happened in #144571 so I would appreciate if anyone could tell me so I don't make the same mistake again.

Here are the changes I made:

  • I added an args and kw local pointer so that both live long enough during the call to repr to prevent a segfault
  • I added an fn local pointer so that repr uses its original state when generating its final representation.
  • I got rid of the error goto and merged it with the done goto as I needed to decrement the reference count of fn, args, and kw, and I found that decrementing them in the done goto was the easiest.
  • I added a test based on @Qanux's original code. I extended it to also check for changes in the fn and kw arguments.

aisk
aisk reviewed Feb 28, 2026
View reviewed changes

@aisk aisk left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hide comment

Sorry, the approval is by accidant. I don't mean to approve this, just have comments this.

@bedevere-app bedevere-app Bot mentioned this pull request Feb 28, 2026
Closed
@aisk aisk self-requested a review February 28, 2026 17:23
@StanFromIreland StanFromIreland changed the title gh-144475: Fix a heap buffer overflow in partial_repr (v2) Feb 28, 2026
encukou
encukou reviewed Mar 2, 2026
View reviewed changes

@encukou encukou left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hide comment

I am not exactly sure what happened in #144571 so I would appreciate if anyone could tell me so I don't make the same mistake again.

Looks like a bad git rebase.
You don't need rebase in CPython, since the PRs are squashed.

@aisk aisk mentioned this pull request Mar 2, 2026
Closed
@brijkapadia brijkapadia mentioned this pull request Mar 3, 2026
Closed
@encukou encukou enabled auto-merge (squash) March 3, 2026 13:20
@encukou encukou added needs backport to 3.13 bugs and security fixes needs backport to 3.14 bugs and security fixes labels Mar 3, 2026
Hide details View details @encukou encukou merged commit 671a953 into python:main Mar 3, 2026
55 checks passed
@miss-islington-app

miss-islington-app Bot commented Mar 3, 2026

Copy link
Copy Markdown

Thanks @bkap123 for the PR, and @encukou for merging it 🌮🎉.. I'm working now to backport this PR to: 3.13, 3.14.
🐍🍒⛏🤖

miss-islington pushed a commit to miss-islington/cpython that referenced this pull request Mar 3, 2026
@brijkapadia @miss-islington
pythongh-144475: Fix reference management in partial_repr (pythonGH-1…
cac1a91 
…45362)

(cherry picked from commit 671a953)

Co-authored-by: bkap123 <97006829+bkap123@users.noreply.github.com>
@miss-islington-app

miss-islington-app Bot commented Mar 3, 2026

Copy link
Copy Markdown

Sorry, @bkap123 and @encukou, I could not cleanly backport this to 3.13 due to a conflict.
Please backport using cherry_picker on command line.

cherry_picker 671a953dd65292a5b69ba7393666ddcac93dbc44 3.13

@bedevere-app

bedevere-app Bot commented Mar 3, 2026

Copy link
Copy Markdown

GH-145470 is a backport of this pull request to the 3.14 branch.

@bedevere-app bedevere-app Bot removed the needs backport to 3.14 bugs and security fixes label Mar 3, 2026
@brijkapadia brijkapadia deleted the partial-repr branch March 3, 2026 13:56
@brijkapadia brijkapadia mentioned this pull request Mar 3, 2026
Closed
encukou pushed a commit that referenced this pull request Mar 3, 2026
@miss-islington @brijkapadia
[3.14] gh-144475: Fix reference management in partial_repr (GH-145362) (
3c99c16 
GH-145470)

(cherry picked from commit 671a953)

Co-authored-by: bkap123 <97006829+bkap123@users.noreply.github.com>
brijkapadia added a commit to brijkapadia/cpython that referenced this pull request Mar 12, 2026
@brijkapadia
[3.13] pythongh-144475: Fix reference management in partial_repr (pyt…
bcce928 
…honGH-145362)

(cherry picked from commit 671a953)

Co-authored-by: bkap123 <97006829+bkap123@users.noreply.github.com>
@bedevere-app

bedevere-app Bot commented Mar 12, 2026

Copy link
Copy Markdown

GH-145882 is a backport of this pull request to the 3.13 branch.

@bedevere-app bedevere-app Bot removed the needs backport to 3.13 bugs and security fixes label Mar 12, 2026
Yhg1s pushed a commit that referenced this pull request Mar 24, 2026
@brijkapadia
[3.13] gh-144475: Fix reference management in partial_repr (GH-145362) (
4e37207 
#145882)

(cherry picked from commit 671a953)
ljfp pushed a commit to ljfp/cpython that referenced this pull request Apr 25, 2026
@brijkapadia @ljfp
pythongh-144475: Fix reference management in partial_repr (pythonGH-1…
30fb67d 
…45362)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@encukou encukou encukou approved these changes

@rhettinger rhettinger Awaiting requested review from rhettinger rhettinger is a code owner

@aisk aisk Awaiting requested review from aisk

Assignees

@encukou encukou

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@brijkapadia @encukou @aisk