summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNadeem Vawda <nadeem.vawda@gmail.com>2011-08-28 11:26:46 +0200
committerNadeem Vawda <nadeem.vawda@gmail.com>2011-08-28 11:26:46 +0200
commit524148ad7a3e5420abf867b1e30017b5ca2311a4 (patch)
treea1641b086435868bbfcafba4232c85cf5111364b
parentd54fa555cba8bb6d26469a5cc283c468a03f0db8 (diff)
downloadcpython-git-524148ad7a3e5420abf867b1e30017b5ca2311a4.tar.gz
Issue #12839: Fix crash in zlib module due to version mismatch.
If the version of zlib used to compile the zlib module is incompatible with the one that is actually linked in, then calls into zlib will fail. This can leave attributes of the z_stream uninitialized, so we must take care to avoid segfaulting by trying to use an invalid pointer. Fix by Richard M. Tew.
-rw-r--r--Misc/ACKS1
-rw-r--r--Misc/NEWS3
-rw-r--r--Modules/zlibmodule.c8
3 files changed, 11 insertions, 1 deletions
diff --git a/Misc/ACKS b/Misc/ACKS
index 6f7d9d1251..7096d728d2 100644
--- a/Misc/ACKS
+++ b/Misc/ACKS
@@ -874,6 +874,7 @@ Monty Taylor
Amy Taylor
Anatoly Techtonik
Mikhail Terekhov
+Richard M. Tew
Tobias Thelen
James Thomas
Robin Thomas
diff --git a/Misc/NEWS b/Misc/NEWS
index f6fe5b7014..23b336bb52 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -22,6 +22,9 @@ Core and Builtins
Library
-------
+- Issue #12839: Fix crash in zlib module due to version mismatch.
+ Fix by Richard M. Tew.
+
- Issue #11657: Fix sending file descriptors over 255 over a multiprocessing
Pipe.
diff --git a/Modules/zlibmodule.c b/Modules/zlibmodule.c
index ba0e59ce06..a1e605b3d2 100644
--- a/Modules/zlibmodule.c
+++ b/Modules/zlibmodule.c
@@ -52,7 +52,13 @@ typedef struct
static void
zlib_error(z_stream zst, int err, char *msg)
{
- const char *zmsg = zst.msg;
+ const char *zmsg = Z_NULL;
+ /* In case of a version mismatch, zst.msg won't be initialized.
+ Check for this case first, before looking at zst.msg. */
+ if (err == Z_VERSION_ERROR)
+ zmsg = "library version mismatch";
+ if (zmsg == Z_NULL)
+ zmsg = zst.msg;
if (zmsg == Z_NULL) {
switch (err) {
case Z_BUF_ERROR: