Python Cryptography Toolkit

Segfaults within error-handling paths

Reported by Paul Howarth on 2012-02-17
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Python-Crypto
Undecided
Unassigned

Bug Description

Dave Malcolm, the python maintainer for the Fedora Linux distribution, has been writing an experimental static analysis tool to detect bugs commonly occurring within C Python extension modules:

  https://fedorahosted.org/gcc-python-plugin/
  http://gcc-python-plugin.readthedocs.org/en/latest/cpychecker.html

He ran the latest version of the tool on the Fedora pycrypto package (2.5) , and it reported various errors.

You can see a list of errors here, triaged into categories (from most significant to least significant):
http://fedorapeople.org/~dmalcolm/gcc-python-plugin/2012-02-14/python-crypto-2.5-1.fc17/

Note that the top-most bug there is a false positive (reported for "Segfaults in normal paths" - "Crypto.Random" always has a "new" member, though the checker can't know that).

He believes that the five errors reported within "Segfaults within error-handling paths" are genuine crashers, which could be seen under low memory conditions (there may of course be other bugs in his checker tool).

More information on this process can be found at:
http://fedoraproject.org/wiki/Features/StaticAnalysisOfPythonRefcounts

Dwayne Litzenberger (dlitz) wrote :
Changed in pycrypto:
status: New → Fix Committed
summary: - Segfaults in error-handling within pycrypto
+ Segfaults within error-handling paths
Dwayne Litzenberger (dlitz) wrote :

Fixed in PyCrypto 2.6.

Changed in pycrypto:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers