Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Segfault if pysqlite_Row->description == PyNone #129603

Open
erlend-aasland opened this issue Feb 3, 2025 · 0 comments · May be fixed by #129604
Open

Segfault if pysqlite_Row->description == PyNone #129603

erlend-aasland opened this issue Feb 3, 2025 · 0 comments · May be fixed by #129604
Assignees
@erlend-aasland
Labels
extension-modules C modules in the Modules dir topic-sqlite3 type-crash A hard crash of the interpreter, possibly with a core dump

Comments

@erlend-aasland
Copy link
Contributor

erlend-aasland commented Feb 3, 2025
edited by bedevere-app bot
Loading

Crash report

What happened?

Most of the code in Modules/_sqlite/row.c assumes ->description is a tuple. However, it may be None. Since it is possible to craft a sqlite3.Row object "by hand", it is easy to provoke segfauls for paths that involve the PyTuple API and description == Py_None. Any real code would never directly instantiate a row object; it would be implicitly created by the cursor (via the .fetch*() APIs or by iterating on the cursor). However, I don't think we should let a possible segfault hang around.

import sqlite3
cx = sqlite3.connect(":memory:")
cu = cx.cursor()
row = sqlite3.Row(cu, (1,2))
row.keys()  # <= boom

CPython versions tested on:

3.14, 3.13, 3.12, CPython main branch

Operating systems tested on:

macOS

Output from running 'python -VV' on the command line:

No response

Linked PRs
@erlend-aasland erlend-aasland added the type-crash A hard crash of the interpreter, possibly with a core dump label Feb 3, 2025
@erlend-aasland erlend-aasland self-assigned this Feb 3, 2025
@erlend-aasland erlend-aasland moved this to In Progress in sqlite3 issues Feb 3, 2025
erlend-aasland added a commit to erlend-aasland/cpython that referenced this issue Feb 3, 2025
@erlend-aasland
pythongh-129603: Don't segfault if sqlite3.Row description is None
ae502d7
@bedevere-app bedevere-app bot linked a pull request Feb 3, 2025 that will close this issue
Open
erlend-aasland added a commit to erlend-aasland/cpython that referenced this issue Feb 3, 2025
@erlend-aasland
pythongh-129603: Don't segfault if sqlite3.Row description is None
6f029cd
@erlend-aasland erlend-aasland linked a pull request Feb 3, 2025 that will close this issue
gh-129603: Don't segfault if sqlite3.Row description is None #129604
Open
@picnixz picnixz added the extension-modules C modules in the Modules dir label Feb 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@erlend-aasland erlend-aasland

Labels
extension-modules C modules in the Modules dir topic-sqlite3 type-crash A hard crash of the interpreter, possibly with a core dump
Projects
sqlite3 issues
Status: In Progress
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

gh-129603: Don't segfault if sqlite3.Row description is None erlend-aasland/cpython
2 participants
@picnixz @erlend-aasland