Segfaults within error-handling paths
Dave Malcolm, the python maintainer for the Fedora Linux distribution, has been writing an experimental static analysis tool to detect bugs commonly occurring within C Python extension modules:
He ran the latest version of the tool on the Fedora pycrypto package (2.5) , and it reported various errors.
You can see a list of errors here, triaged into categories (from most significant to least significant):
Note that the top-most bug there is a false positive (reported for "Segfaults in normal paths" - "Crypto.Random" always has a "new" member, though the checker can't know that).
He believes that the five errors reported within "Segfaults within error-handling paths" are genuine crashers, which could be seen under low memory conditions (there may of course be other bugs in his checker tool).
More information on this process can be found at:
- Segfaults in error-handling within pycrypto
+ Segfaults within error-handling paths