bpo-46561: Ensure operands to __get__ survive the call by tekknolagi · Pull Request #30979 · python/cpython
Callees can assume their parameters survive for the entire call. This violates that assumption and can cause a use-after-free. This is not an issue in CPython right now because later on in the interpreter __get__ fastcall path, the whole vector of arguments get INCREFed. However, if a program provides a different entrypoint for a vectorcall, it may crash.
facebook-github-bot pushed a commit to facebookincubator/cinder that referenced this pull request
Summary: Callees can assume their parameters survive for the entire call. This violates that assumption and can cause a use-after-free. Similar to D27254519. See python/cpython#30979. Reviewed By: swtaarrs Differential Revision: D33699901 fbshipit-source-id: 677d97d
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters